VYPR

Vendor CVEs

Bitdefender

All CVEs

114 total · sorted by risk
  • CVE-2018-18058May 24, 2019
    risk 0.00cvss epss 0.01

    An issue was discovered in Bitdefender Engines before 7.76662. A vulnerability has been discovered in the iso.xmd parser that results from a lack of proper validation of user-supplied data, which can result in a division-by-zero circumstance. Paired with other vulnerabilities,…

  • CVE-2018-18059May 24, 2019
    risk 0.00cvss epss 0.01

    An issue was discovered in Bitdefender Engines before 7.76675. A vulnerability has been discovered in the rar.xmd parser that results from a lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. Paired with other…

  • CVE-2018-18060May 24, 2019
    risk 0.00cvss epss 0.01

    An issue was discovered in Bitdefender Engines before 7.76808. A vulnerability has been discovered in the dalvik.xmd parser that results from a lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. Paired with other…

  • CVE-2017-8931Oct 30, 2018
    risk 0.00cvss epss 0.02

    Bitdefender GravityZone VMware appliance before 6.2.1-35 might allow attackers to gain access with root privileges via unspecified vectors.

  • CVE-2018-8955Oct 24, 2018
    risk 0.00cvss epss 0.04

    The installer for BitDefender GravityZone relies on an encoded string in a filename to determine the URL for installation metadata, which allows remote attackers to execute arbitrary code by changing the filename while leaving the file's digital signature unchanged.

  • CVE-2010-5154Aug 25, 2012
    risk 0.00cvss epss 0.00

    Race condition in BitDefender Total Security 2010 13.0.20.347 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain…

  • CVE-2008-6661Apr 7, 2009
    risk 0.00cvss epss 0.04

    Multiple integer overflows in the scanning engine in Bitdefender for Linux 7.60825 and earlier allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed (1) NeoLite and (2) ASProtect packed PE file.

  • CVE-2008-1735Apr 30, 2008
    risk 0.00cvss epss 0.00

    BitDefender Antivirus 2008 20080118 and earlier allows local users to cause a denial of service (system crash) via an invalid pointer to the CLIENT_ID structure in a call to the NtOpenProcess hooked System Service Descriptor Table (SSDT) function.

  • CVE-2007-0391Jan 19, 2007
    risk 0.00cvss epss 0.00

    Format string vulnerability in the log creation functionality of BitDefender Client Professional Plus 8.02 allows attackers to execute arbitrary code via certain scan job settings.

  • CVE-2006-6405Dec 10, 2006
    risk 0.00cvss epss 0.01

    BitDefender Mail Protection for SMB 2.0 allows remote attackers to bypass virus detection by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file.

  • CVE-2005-3211Oct 14, 2005
    risk 0.00cvss epss 0.02

    Multiple interpretation error in unspecified versions of BitDefender Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as…

  • CVE-2005-3154Oct 5, 2005
    risk 0.00cvss epss 0.04

    Format string vulnerability in the logging functionality in BitDefender AntiVirus 7.2 through 9 allows remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in file or directory name.

  • CVE-2005-2298Jul 19, 2005
    risk 0.00cvss epss 0.01

    BitDefender Engine 1.6.1 and earlier does not properly scan all attachments, which allows remote attackers to bypass virus scanning via begin and end commands in the body of the e-mail, which BitDefender treats as a uuencoded attachment and stops scanning afterwards.

  • CVE-2005-1286May 2, 2005
    risk 0.00cvss epss 0.00

    Unquoted Windows search path vulnerability in BitDefender 8 allows local users to prevent BitDefender from starting by creating a malicious C:\program.exe, possibly due to the lack of quoting of the full pathname when executing a process.

Page 3 of 3