Vulnerabilities > Bitdefender > Internet Security > 24.0.26.136

DATE CVE VULNERABILITY TITLE RISK
2023-05-24 CVE-2022-0357 Unquoted Search Path or Element vulnerability in Bitdefender Antivirus Plus, Internet Security and Total Security
Unquoted Search Path or Element vulnerability in the Vulnerability Scan component of Bitdefender Total Security, Bitdefender Internet Security, and Bitdefender Antivirus Plus allows an attacker to elevate privileges to SYSTEM. This issue affects: Bitdefender Total Security versions prior to 26.0.10.45. Bitdefender Internet Security versions prior to 26.0.10.45. Bitdefender Antivirus Plus versions prior to 26.0.10.45.
local
low complexity
bitdefender CWE-428
7.8
7.8
2022-03-07 CVE-2021-4198 NULL Pointer Dereference vulnerability in Bitdefender products
A NULL Pointer Dereference vulnerability in the messaging_ipc.dll component as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools, VPN Standalone allows an attacker to arbitrarily crash product processes and generate crashdump files.
local
low complexity
bitdefender CWE-476
3.6
3.6
2022-03-07 CVE-2021-4199 Incorrect Permission Assignment for Critical Resource vulnerability in Bitdefender products
Incorrect Permission Assignment for Critical Resource vulnerability in the crash handling component BDReinit.exe as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools for Windows allows a remote attacker to escalate local privileges to SYSTEM.
local
low complexity
bitdefender CWE-732
7.2
7.2