Check CVE Id
Check CWE Id
A NULL Pointer Dereference vulnerability in the messaging_ipc.dll component as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools, VPN Standalone allows an attacker to arbitrarily crash product processes and generate crashdump files. This issue affects: Bitdefender Total Security versions prior to 126.96.36.199. Bitdefender Internet Security versions prior to 188.8.131.52. Bitdefender Antivirus Plus versions prior to 184.108.40.206. Bitdefender Endpoint Security Tools versions prior to 220.127.116.11. Bitdefender VPN Standalone versions prior to 18.104.22.168.
Incorrect Permission Assignment for Critical Resource vulnerability in the crash handling component BDReinit.exe as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools for Windows allows a remote attacker to escalate local privileges to SYSTEM. This issue affects: Bitdefender Total Security versions prior to 22.214.171.124. Bitdefender Internet Security versions prior to 126.96.36.199. Bitdefender Antivirus Plus versions prior to 188.8.131.52. Bitdefender Endpoint Security Tools for Windows versions prior to 184.108.40.206.
A Process Control vulnerability in ProductAgentUI.exe as used in Bitdefender Antivirus Plus allows an attacker to tamper with product settings via a specially crafted DLL file. This issue affects: Bitdefender Antivirus Plus versions prior to 220.127.116.11. Bitdefender Internet Security versions prior to 18.104.22.168. Bitdefender Total Security versions prior to 22.214.171.124.
Improper Certificate Validation vulnerability in the Online Threat Prevention module as used in Bitdefender Total Security allows an attacker to potentially bypass HTTP Strict Transport Security (HSTS) checks. This issue affects: Bitdefender Total Security versions prior to 126.96.36.199. Bitdefender Internet Security versions prior to 188.8.131.52. Bitdefender Antivirus Plus versions prior to 184.108.40.206.
Code injection vulnerability in Bitdefender Total Security 12.0 (and earlier), Internet Security 12.0 (and earlier), and Antivirus Plus 12.0 (and earlier) allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any Bitdefender process via a "DoubleAgent" attack. One perspective on this issue is that (1) these products do not use the Protected Processes feature, and therefore an attacker can enter an arbitrary Application Verifier Provider DLL under Image File Execution Options in the registry; (2) the self-protection mechanism is intended to block all local processes (regardless of privileges) from modifying Image File Execution Options for these products; and (3) this mechanism can be bypassed by an attacker who temporarily renames Image File Execution Options during the attack.
Cross-site scripting (XSS) vulnerability in BitDefender Internet Security 2009 allows user-assisted remote attackers to inject arbitrary web script or HTML via the filename of a virus-infected file, as demonstrated by a filename inside a (1) rar or (2) zip archive file.
Unspecified vulnerability in BitDefender allows attackers to execute arbitrary code via unspecified vectors, aka EEYEB-20071024. NOTE: as of 20071029, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.
Online anti-virus scanner
Bitdefender total security 2010
Internet security 2018
Endpoint security tools
Total security 2020
Antivirus for mac
Antimalware software development kit
Gravityzone business security
Back to Top