Vulnerabilities > Bitdefender > Total Security
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-28 | CVE-2021-3576 | Improper Privilege Management vulnerability in Bitdefender Endpoint Security Tools and Total Security Execution with Unnecessary Privileges vulnerability in Bitdefender Endpoint Security Tools, Total Security allows a local attacker to elevate to 'NT AUTHORITY\System. | 7.8 |
| 2021-10-28 | CVE-2021-3579 | Incorrect Default Permissions vulnerability in Bitdefender Endpoint Security Tools and Total Security Incorrect Default Permissions vulnerability in the bdservicehost.exe and Vulnerability.Scan.exe components as used in Bitdefender Endpoint Security Tools for Windows, Total Security allows a local attacker to elevate privileges to NT AUTHORITY\SYSTEM This issue affects: Bitdefender Endpoint Security Tools for Windows versions prior to 7.2.1.65. | 7.8 |
| 2021-06-22 | CVE-2020-15732 | Improper Certificate Validation vulnerability in Bitdefender Antivirus Plus, Internet Security and Total Security Improper Certificate Validation vulnerability in the Online Threat Prevention module as used in Bitdefender Total Security allows an attacker to potentially bypass HTTP Strict Transport Security (HSTS) checks. | 7.5 |
| 2019-07-30 | CVE-2019-14242 | Uncontrolled Search Path Element vulnerability in Bitdefender products An issue was discovered in Bitdefender products for Windows (Bitdefender Endpoint Security Tool versions prior to 6.6.8.115; and Bitdefender Antivirus Plus, Bitdefender Internet Security, and Bitdefender Total Security versions prior to 23.0.24.120) that can lead to local code injection. | 6.7 |
| 2018-03-12 | CVE-2018-6183 | Unspecified vulnerability in Bitdefender Total Security 2018 BitDefender Total Security 2018 allows local users to gain privileges or cause a denial of service by impersonating all the pipes through a use of an "insecurely created named pipe". | 7.8 |
| 2017-08-29 | CVE-2017-10950 | Double Free vulnerability in Bitdefender Total Security 21.0.24.62 This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Bitdefender Total Security 21.0.24.62. | 7.0 |
| 2017-03-21 | CVE-2017-6186 | Code Injection vulnerability in Bitdefender Antivirus Plus, Internet Security and Total Security Code injection vulnerability in Bitdefender Total Security 12.0 (and earlier), Internet Security 12.0 (and earlier), and Antivirus Plus 12.0 (and earlier) allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any Bitdefender process via a "DoubleAgent" attack. | 6.7 |