Vulnerabilities > Bitdefender > Total Security
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-18 | CVE-2023-49570 | Improper Certificate Validation vulnerability in Bitdefender Total Security A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality where the software trusts a certificate issued by an entity that isn't authorized to issue certificates. | 7.4 |
| 2024-10-18 | CVE-2023-49567 | Improper Certificate Validation vulnerability in Bitdefender Total Security A vulnerability has been identified in the Bitdefender Total Security HTTPS scanning functionality where the product incorrectly checks the site's certificate, which allows an attacker to make MITM SSL connections to an arbitrary site. | 6.8 |
| 2024-10-18 | CVE-2023-6055 | Improper Certificate Validation vulnerability in Bitdefender Total Security A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality where the software fails to properly validate website certificates. | 7.4 |
| 2024-10-18 | CVE-2023-6056 | Improper Certificate Validation vulnerability in Bitdefender Total Security A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality that results in the improper trust of self-signed certificates. | 7.4 |
| 2024-10-18 | CVE-2023-6057 | Improper Certificate Validation vulnerability in Bitdefender Total Security A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality that results in the improper trust of certificates issued using the DSA signature algorithm. | 7.4 |
| 2024-10-18 | CVE-2023-6058 | Improper Certificate Validation vulnerability in Bitdefender Total Security A vulnerability has been identified in Bitdefender Safepay's handling of HTTPS connections. | 6.8 |
| 2023-05-24 | CVE-2022-0357 | Unquoted Search Path or Element vulnerability in Bitdefender Antivirus Plus, Internet Security and Total Security Unquoted Search Path or Element vulnerability in the Vulnerability Scan component of Bitdefender Total Security, Bitdefender Internet Security, and Bitdefender Antivirus Plus allows an attacker to elevate privileges to SYSTEM. This issue affects: Bitdefender Total Security versions prior to 26.0.10.45. Bitdefender Internet Security versions prior to 26.0.10.45. Bitdefender Antivirus Plus versions prior to 26.0.10.45. | 7.8 |
| 2022-03-07 | CVE-2021-4198 | NULL Pointer Dereference vulnerability in Bitdefender products A NULL Pointer Dereference vulnerability in the messaging_ipc.dll component as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools, VPN Standalone allows an attacker to arbitrarily crash product processes and generate crashdump files. | 6.1 |
| 2022-03-07 | CVE-2021-4199 | Incorrect Permission Assignment for Critical Resource vulnerability in Bitdefender products Incorrect Permission Assignment for Critical Resource vulnerability in the crash handling component BDReinit.exe as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools for Windows allows a remote attacker to escalate local privileges to SYSTEM. | 7.8 |
| 2022-02-18 | CVE-2020-8107 | Unspecified vulnerability in Bitdefender Antivirus Plus, Internet Security and Total Security A Process Control vulnerability in ProductAgentUI.exe as used in Bitdefender Antivirus Plus allows an attacker to tamper with product settings via a specially crafted DLL file. | 7.8 |