Filtered by vendor Bitdefender Subscriptions
Total 90 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2020-8110 1 Bitdefender 1 Engines 2024-11-21 5.9 Medium
A vulnerability has been discovered in the ceva_emu.cvd module that results from a lack of proper validation of user-supplied data, which can result in a pointer that is fetched from uninitialized memory. This can lead to denial-of-service. This issue affects: Bitdefender Engines version 7.84897 and prior versions.
CVE-2020-8109 1 Bitdefender 1 Engines 2024-11-21 5.9 Medium
A vulnerability has been discovered in the ace.xmd parser that results from a lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. This can result in denial-of-service. This issue affects: Bitdefender Engines version 7.84892 and prior versions.
CVE-2020-8108 1 Bitdefender 1 Endpoint Security 2024-11-21 8.2 High
Improper Authentication vulnerability in Bitdefender Endpoint Security for Mac allows an unprivileged process to restart the main service and potentially inject third-party code into a trusted process. This issue affects: Bitdefender Endpoint Security for Mac versions prior to 4.12.80.
CVE-2020-8107 1 Bitdefender 3 Antivirus Plus, Internet Security, Total Security 2024-11-21 8.2 High
A Process Control vulnerability in ProductAgentUI.exe as used in Bitdefender Antivirus Plus allows an attacker to tamper with product settings via a specially crafted DLL file. This issue affects: Bitdefender Antivirus Plus versions prior to 24.0.26.136. Bitdefender Internet Security versions prior to 24.0.26.136. Bitdefender Total Security versions prior to 24.0.26.136.
CVE-2020-8103 1 Bitdefender 1 Antivirus 2020 2024-11-21 7.2 High
A vulnerability in the improper handling of symbolic links in Bitdefender Antivirus Free can allow an unprivileged user to substitute a quarantined file, and restore it to a privileged location. This issue affects Bitdefender Antivirus Free versions prior to 1.0.17.178.
CVE-2020-8102 1 Bitdefender 1 Total Security 2020 2024-11-21 8.8 High
Improper Input Validation vulnerability in the Safepay browser component of Bitdefender Total Security 2020 allows an external, specially crafted web page to run remote commands inside the Safepay Utility process. This issue affects Bitdefender Total Security 2020 versions prior to 24.0.20.116.
CVE-2020-8100 1 Bitdefender 1 Engines 2024-11-21 9 Critical
Improper Input Validation vulnerability in the cevakrnl.rv0 module as used in the Bitdefender Engines allows an attacker to trigger a denial of service while scanning a specially-crafted sample. This issue affects: Bitdefender Bitdefender Engines versions prior to 7.84063.
CVE-2020-8099 1 Bitdefender 1 Antivirus 2020 2024-11-21 7.1 High
A vulnerability in the improper handling of junctions in Bitdefender Antivirus Free can allow an unprivileged user to substitute a quarantined file, and restore it to a privileged location. This issue affects: Bitdefender Antivirus Free versions prior to 1.0.17.
CVE-2020-8097 1 Bitdefender 2 Endpoint Security, Endpoint Security Tools 2024-11-21 8.1 High
An improper authentication vulnerability in Bitdefender Endpoint Security Tools for Windows and Bitdefender Endpoint Security SDK allows an unprivileged local attacker to escalate privileges or tamper with the product's security settings. This issue affects: Bitdefender Endpoint Security Tools for Windows versions prior to 6.6.18.261. This issue affects: Bitdefender Endpoint Security Tools for Windows versions prior to 6.6.18.261. Bitdefender Endpoint Security SDK versions prior to 6.6.18.261.
CVE-2020-8096 1 Bitdefender 1 Antimalware Software Development Kit 2024-11-21 6.3 Medium
Untrusted Search Path vulnerability in Bitdefender High-Level Antimalware SDK for Windows allows an attacker to load third party code from a DLL library in the search path. This issue affects: Bitdefender High-Level Antimalware SDK for Windows versions prior to 3.0.1.204 .
CVE-2020-8095 1 Bitdefender 1 Total Security 2020 2024-11-21 4.9 Medium
A vulnerability in the improper handling of junctions before deletion in Bitdefender Total Security 2020 can allow an attacker to to trigger a denial of service on the affected device.
CVE-2020-8093 1 Bitdefender 1 Antivirus 2024-11-21 5.3 Medium
A vulnerability in the AntivirusforMac binary as used in Bitdefender Antivirus for Mac allows an attacker to inject a library using DYLD environment variable to cause third-party code execution
CVE-2020-8092 1 Bitdefender 1 Antivirus 2024-11-21 1.6 Low
A privilege escalation vulnerability in BDLDaemon as used in Bitdefender Antivirus for Mac allows a local attacker to obtain authentication tokens for requests submitted to the Bitdefender Cloud. This issue affects: Bitdefender Bitdefender Antivirus for Mac versions prior to 8.0.0.
CVE-2020-15734 1 Bitdefender 1 Safepay 2024-11-21 5.5 Medium
An Origin Validation Error vulnerability in Bitdefender Safepay allows an attacker to manipulate the browser's file upload capability into accessing other files in the same directory or sub-directories. This issue affects: Bitdefender Safepay versions prior to 25.0.7.29.
CVE-2020-15733 1 Bitdefender 1 Antivirus Plus 2024-11-21 6.5 Medium
An Origin Validation Error vulnerability in the SafePay component of Bitdefender Antivirus Plus allows a web resource to misrepresent itself in the URL bar. This issue affects: Bitdefender Antivirus Plus versions prior to 25.0.7.29.
CVE-2020-15732 1 Bitdefender 3 Antivirus Plus, Internet Security, Total Security 2024-11-21 6.5 Medium
Improper Certificate Validation vulnerability in the Online Threat Prevention module as used in Bitdefender Total Security allows an attacker to potentially bypass HTTP Strict Transport Security (HSTS) checks. This issue affects: Bitdefender Total Security versions prior to 25.0.7.29. Bitdefender Internet Security versions prior to 25.0.7.29. Bitdefender Antivirus Plus versions prior to 25.0.7.29.
CVE-2020-15731 1 Bitdefender 1 Engines 2024-11-21 3.2 Low
An improper Input Validation vulnerability in the code handling file renaming and recovery in Bitdefender Engines allows an attacker to write an arbitrary file in a location hardcoded in a specially-crafted malicious file name. This issue affects: Bitdefender Engines versions prior to 7.85448.
CVE-2020-15297 1 Bitdefender 1 Update Server 2024-11-21 7.1 High
Insufficient validation in the Bitdefender Update Server and BEST Relay components of Bitdefender Endpoint Security Tools versions prior to 6.6.20.294 allows an unprivileged attacker to bypass the in-place mitigations and interact with hosts on the network. This issue affects: Bitdefender Update Server versions prior to 6.6.20.294.
CVE-2020-15294 1 Bitdefender 1 Hypervisor Introspection 2024-11-21 7.8 High
Compiler Optimization Removal or Modification of Security-critical Code vulnerability in IntPeParseUnwindData() results in multiple dereferences to the same pointer. If the pointer is located in memory-mapped from the guest space, this may cause a race-condition where the generated code would dereference the same address twice, thus obtaining different values, which may lead to arbitrary code execution. This issue affects: Bitdefender Hypervisor Introspection versions prior to 1.132.2.
CVE-2020-15293 1 Bitdefender 1 Hypervisor Introspection 2024-11-21 6.1 Medium
Memory corruption in IntLixCrashDumpDmesg, IntLixTaskFetchCmdLine, IntLixFileReadDentry and IntLixFileGetPath due to insufficient guest-data input validation may lead to denial of service conditions.