Vulnerabilities > Bitdefender > High

DATE CVE VULNERABILITY TITLE RISK
2025-01-15 CVE-2020-8094 Untrusted Search Path vulnerability in Bitdefender Antivirus 2020 1.0.15.138
An untrusted search path vulnerability in testinitsigs.exe as used in Bitdefender Antivirus Free 2020 allows a low-privilege attacker to execute code as SYSTEM via a specially crafted DLL file.
local
low complexity
bitdefender CWE-426
7.8
2025-01-13 CVE-2024-11128 Unspecified vulnerability in Bitdefender Virus Scanner
A vulnerability in the BitdefenderVirusScanner binary as used in Bitdefender Virus Scanner for macOS may allow dynamic library injection (DYLD injection) without being blocked by AppleMobileFileIntegrity (AMFI).
local
low complexity
bitdefender
7.8
2024-10-18 CVE-2023-49570 Improper Certificate Validation vulnerability in Bitdefender Total Security
A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality where the software trusts a certificate issued by an entity that isn't authorized to issue certificates.
network
high complexity
bitdefender CWE-295
7.4
2024-10-18 CVE-2023-6055 Improper Certificate Validation vulnerability in Bitdefender Total Security
A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality where the software fails to properly validate website certificates.
network
high complexity
bitdefender CWE-295
7.4
2024-10-18 CVE-2023-6056 Improper Certificate Validation vulnerability in Bitdefender Total Security
A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality that results in the improper trust of self-signed certificates.
network
high complexity
bitdefender CWE-295
7.4
2024-10-18 CVE-2023-6057 Unspecified vulnerability in Bitdefender Total Security
A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality that results in the improper trust of certificates issued using the DSA signature algorithm.
network
high complexity
bitdefender
7.4
2024-04-01 CVE-2023-6154 Externally Controlled Reference to a Resource in Another Sphere vulnerability in Bitdefender products
A configuration setting issue in seccenter.exe as used in Bitdefender Total Security, Bitdefender Internet Security, Bitdefender Antivirus Plus, and Bitdefender Antivirus Free allows an attacker to change the product's expected behavior and potentially load a third-party library upon execution.
local
low complexity
bitdefender CWE-610
7.8
2023-07-14 CVE-2023-3633 Unspecified vulnerability in Bitdefender Engines
An out-of-bounds write vulnerability in Bitdefender Engines on Windows causes the engine to crash. This issue affects Bitdefender Engines version 7.94791 and lower.
network
low complexity
bitdefender
7.5
2023-05-24 CVE-2022-0357 Unspecified vulnerability in Bitdefender Antivirus Plus, Internet Security and Total Security
Unquoted Search Path or Element vulnerability in the Vulnerability Scan component of Bitdefender Total Security, Bitdefender Internet Security, and Bitdefender Antivirus Plus allows an attacker to elevate privileges to SYSTEM. This issue affects: Bitdefender Total Security versions prior to 26.0.10.45. Bitdefender Internet Security versions prior to 26.0.10.45. Bitdefender Antivirus Plus versions prior to 26.0.10.45.
local
low complexity
bitdefender
7.8
2022-04-07 CVE-2022-0677 Unspecified vulnerability in Bitdefender Endpoint Security Tools, Gravityzone and Update Server
Improper Handling of Length Parameter Inconsistency vulnerability in the Update Server component of Bitdefender Endpoint Security Tools (in relay role), GravityZone (in Update Server role) allows an attacker to cause a Denial-of-Service.
network
low complexity
bitdefender
7.5