Vulnerabilities > Bitdefender

DATE CVE VULNERABILITY TITLE RISK
2020-01-27 CVE-2019-17096 OS Command Injection vulnerability in Bitdefender BOX 2 Firmware and Central
An OS Command Injection vulnerability in the bootstrap stage of Bitdefender BOX 2 allows the manipulation of the `get_image_url()` function in special circumstances to inject a system command.
network
bitdefender CWE-78
critical
9.3
2020-01-27 CVE-2019-17103 Incorrect Default Permissions vulnerability in Bitdefender Antivirus
An Incorrect Default Permissions vulnerability in the BDLDaemon component of Bitdefender AV for Mac allows an attacker to elevate permissions to read protected directories.
local
low complexity
bitdefender CWE-276
2.1
2020-01-27 CVE-2019-17102 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Bitdefender BOX 2 Firmware
An exploitable command execution vulnerability exists in the recovery partition of Bitdefender BOX 2, version 2.0.1.91.
network
bitdefender CWE-367
critical
9.3
2020-01-27 CVE-2019-17100 Untrusted Search Path vulnerability in Bitdefender Total Security 2020
An Untrusted Search Path vulnerability in bdserviceshost.exe as used in Bitdefender Total Security 2020 allows an attacker to execute arbitrary code.
4.4
2019-10-31 CVE-2019-12612 Unspecified vulnerability in Bitdefender BOX Firmware
An issue was discovered in Bitdefender BOX firmware versions before 2.1.37.37-34 that allows an attacker to pass arbitrary code to the BOX appliance via the web API.
local
low complexity
bitdefender
7.2
2019-10-17 CVE-2019-12611 Allocation of Resources Without Limits or Throttling vulnerability in Bitdefender BOX Firmware
An issue was discovered in Bitdefender BOX firmware versions before 2.1.37.37-34 that affects the general reliability of the product.
local
low complexity
bitdefender CWE-770
4.9
2019-08-21 CVE-2019-15295 Untrusted Search Path vulnerability in Bitdefender Antivirus 2020
An Untrusted Search Path vulnerability in the ServiceInstance.dll library versions 1.0.15.119 and lower, as used in Bitdefender Antivirus Free 2020 versions prior to 1.0.15.138, allows an attacker to load an arbitrary DLL file from the search path.
network
bitdefender CWE-426
critical
9.3
2019-07-30 CVE-2019-14242 Code Injection vulnerability in Bitdefender products
An issue was discovered in Bitdefender products for Windows (Bitdefender Endpoint Security Tool versions prior to 6.6.8.115; and Bitdefender Antivirus Plus, Bitdefender Internet Security, and Bitdefender Total Security versions prior to 23.0.24.120) that can lead to local code injection.
local
low complexity
bitdefender CWE-94
7.2
2019-06-03 CVE-2019-6738 Improper Input Validation vulnerability in Bitdefender Safepay 23.0.10.34
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender SafePay 23.0.10.34.
6.8
2019-06-03 CVE-2019-6737 Unspecified vulnerability in Bitdefender Safepay 23.0.10.34
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender SafePay 23.0.10.34.
network
low complexity
bitdefender
8.8