Vulnerabilities > Bitdefender > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-27 | CVE-2019-17095 | OS Command Injection vulnerability in Bitdefender BOX 2 Firmware 2.1.47.42/2.1.53.45 A command injection vulnerability has been discovered in the bootstrap stage of Bitdefender BOX 2, versions 2.1.47.42 and 2.1.53.45. | 10.0 |
| 2020-01-27 | CVE-2019-17096 | OS Command Injection vulnerability in Bitdefender BOX 2 Firmware and Central A OS Command Injection vulnerability in the bootstrap stage of Bitdefender BOX 2 allows the manipulation of the `get_image_url()` function in special circumstances to inject a system command. | 9.3 |
| 2020-01-27 | CVE-2019-17102 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Bitdefender BOX 2 Firmware An exploitable command execution vulnerability exists in the recovery partition of Bitdefender BOX 2, version 2.0.1.91. | 9.3 |
| 2019-08-21 | CVE-2019-15295 | Untrusted Search Path vulnerability in Bitdefender Antivirus 2020 An Untrusted Search Path vulnerability in the ServiceInstance.dll library versions 1.0.15.119 and lower, as used in Bitdefender Antivirus Free 2020 versions prior to 1.0.15.138, allows an attacker to load an arbitrary DLL file from the search path. | 9.3 |
| 2018-10-30 | CVE-2017-8931 | Unspecified vulnerability in Bitdefender Gravityzone 5.1.11.432/5.1.5.386 Bitdefender GravityZone VMware appliance before 6.2.1-35 might allow attackers to gain access with root privileges via unspecified vectors. | 10.0 |
| 2017-12-21 | CVE-2017-17408 | Integer Overflow or Wraparound vulnerability in Bitdefender Internet Security 2018 This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender Internet Security 2018. | 9.3 |
| 2017-12-21 | CVE-2017-17409 | Integer Overflow or Wraparound vulnerability in Bitdefender Internet Security 2018 This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender Internet Security 2018. | 9.3 |
| 2017-12-21 | CVE-2017-17410 | Out-of-bounds Write vulnerability in Bitdefender Internet Security 2018 This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender Internet Security 2018. | 9.3 |
| 2017-10-31 | CVE-2017-10954 | Integer Overflow or Wraparound vulnerability in Bitdefender Internet Security 2018 This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender Internet Security Internet Security 2018 prior to build 7.72918. | 9.3 |
| 2008-12-10 | CVE-2008-5409 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Unspecified vulnerability in the pdf.xmd module in (1) BitDefender Free Edition 10 and Antivirus Standard 10, (2) BullGuard Internet Security 8.5, and (3) Software602 Groupware Server 6.0.08.1118 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, possibly related to included compressed streams that were processed with the ASCIIHexDecode filter. | 9.3 |