VYPR

Total Security

by Bitdefender

CVEs (25)

  • CVE-2007-5775CriNov 1, 2007
    risk 0.69cvss 9.8epss 0.27

    Unspecified vulnerability in BitDefender allows attackers to execute arbitrary code via unspecified vectors, aka EEYEB-20071024. NOTE: as of 20071029, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher,…

  • CVE-2025-7073HigDec 10, 2025
    risk 0.51cvss 7.8epss 0.00

    A local privilege escalation vulnerability in Bitdefender Total Security versions prior to 27.0.47.241 allows low-privileged attackers to elevate privileges. The issue arises from bdservicehost.exe deleting files from a user-writable directory (C:\ProgramData\Atc\Feedback)…

  • CVE-2018-6183HigMar 12, 2018
    risk 0.51cvss 7.8epss 0.00

    BitDefender Total Security 2018 allows local users to gain privileges or cause a denial of service by impersonating all the pipes through a use of an "insecurely created named pipe". Ensures full access to Everyone users group.

  • CVE-2017-10950HigAug 29, 2017
    risk 0.46cvss 7.0epss 0.00

    This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Bitdefender Total Security 21.0.24.62. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The…

  • CVE-2017-6186MedMar 21, 2017
    risk 0.44cvss 6.7epss 0.01

    Code injection vulnerability in Bitdefender Total Security 12.0 (and earlier), Internet Security 12.0 (and earlier), and Antivirus Plus 12.0 (and earlier) allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any…

  • CVE-2023-49570Oct 18, 2024
    risk 0.00cvss epss 0.00

    A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality where the software trusts a certificate issued by an entity that isn't authorized to issue certificates. This occurs when the "Basic Constraints" extension in the certificate indicates…

  • CVE-2023-49567Oct 18, 2024
    risk 0.00cvss epss 0.00

    A vulnerability has been identified in the Bitdefender Total Security HTTPS scanning functionality where the product incorrectly checks the site's certificate, which allows an attacker to make MITM SSL connections to an arbitrary site. The product trusts certificates that are…

  • CVE-2023-6058Oct 18, 2024
    risk 0.00cvss epss 0.00

    A vulnerability has been identified in Bitdefender Safepay's handling of HTTPS connections. The issue arises when the product blocks a connection due to an untrusted server certificate but allows the user to add the site to exceptions, resulting in the product trusting the…

  • CVE-2023-6057Oct 18, 2024
    risk 0.00cvss epss 0.00

    A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality that results in the improper trust of certificates issued using the DSA signature algorithm. The product does not properly check the certificate chain, allowing an attacker to…

  • CVE-2023-6056Oct 18, 2024
    risk 0.00cvss epss 0.00

    A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality that results in the improper trust of self-signed certificates. The product is found to trust certificates signed with the RIPEMD-160 hashing algorithm without proper validation,…

  • CVE-2023-6055Oct 18, 2024
    risk 0.00cvss epss 0.00

    A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality where the software fails to properly validate website certificates. Specifically, if a site certificate lacks the "Server Authentication" specification in the Extended Key Usage…

  • CVE-2023-42126May 3, 2024
    risk 0.00cvss epss 0.00

    G DATA Total Security GDBackupSvc Service Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of G Data Total Security. An attacker must first obtain the ability to execute…

  • CVE-2023-6154Apr 1, 2024
    risk 0.00cvss epss 0.00

    A configuration setting issue in seccenter.exe as used in Bitdefender Total Security, Bitdefender Internet Security, Bitdefender Antivirus Plus, Bitdefender Antivirus Free allows an attacker to change the product's expected behavior and potentially load a third-party library…

  • CVE-2022-0357May 24, 2023
    risk 0.00cvss epss 0.00

    Unquoted Search Path or Element vulnerability in the Vulnerability Scan component of Bitdefender Total Security, Bitdefender Internet Security, and Bitdefender Antivirus Plus allows an attacker to elevate privileges to SYSTEM. This issue affects: Bitdefender Total Security…

  • CVE-2021-4199Mar 7, 2022
    risk 0.00cvss epss 0.01

    Incorrect Permission Assignment for Critical Resource vulnerability in the crash handling component BDReinit.exe as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools for Windows allows a remote attacker to escalate local privileges to…

  • CVE-2021-4198Mar 7, 2022
    risk 0.00cvss epss 0.01

    A NULL Pointer Dereference vulnerability in the messaging_ipc.dll component as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools, VPN Standalone allows an attacker to arbitrarily crash product processes and generate crashdump files.…

  • CVE-2020-8107Feb 18, 2022
    risk 0.00cvss epss 0.00

    A Process Control vulnerability in ProductAgentUI.exe as used in Bitdefender Antivirus Plus allows an attacker to tamper with product settings via a specially crafted DLL file. This issue affects: Bitdefender Antivirus Plus versions prior to 24.0.26.136. Bitdefender Internet…

  • CVE-2021-3576Oct 28, 2021
    risk 0.00cvss epss 0.01

    Execution with Unnecessary Privileges vulnerability in Bitdefender Endpoint Security Tools, Total Security allows a local attacker to elevate to 'NT AUTHORITY\System. Impersonation enables the server thread to perform actions on behalf of the client but within the limits of the…

  • CVE-2021-3579Oct 28, 2021
    risk 0.00cvss epss 0.01

    Incorrect Default Permissions vulnerability in the bdservicehost.exe and Vulnerability.Scan.exe components as used in Bitdefender Endpoint Security Tools for Windows, Total Security allows a local attacker to elevate privileges to NT AUTHORITY\SYSTEM This issue affects:…

  • CVE-2020-15732Jun 22, 2021
    risk 0.00cvss epss 0.01

    Improper Certificate Validation vulnerability in the Online Threat Prevention module as used in Bitdefender Total Security allows an attacker to potentially bypass HTTP Strict Transport Security (HSTS) checks. This issue affects: Bitdefender Total Security versions prior to…

Page 1 of 2