CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2021-27223
https://notcve.org/view.php?id=CVE-2021-27223
01 Apr 2022 — A denial-of-service issue existed in one of modules that was incorporated in Kaspersky Anti-Virus products for home and Kaspersky Endpoint Security. A local user could cause Windows crash by running a specially crafted binary module. The fix was delivered automatically. Credits: (Straghkov Denis, Kurmangaleev Shamil, Fedotov Andrey, Kuts Daniil, Mishechkin Maxim, Akolzin Vitaliy) @ ISPRAS Se presentaba un problema de denegación de servicio en uno de los módulos incorporados en los productos Kaspersky Anti-V... • https://support.kaspersky.com/general/vulnerability.aspx?el=12430#310322_1 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-4199 – Incorrect Permission Assignment for Critical Resource vulnerability in BDReinit.exe (VA-10017)
https://notcve.org/view.php?id=CVE-2021-4199
07 Mar 2022 — Incorrect Permission Assignment for Critical Resource vulnerability in the crash handling component BDReinit.exe as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools for Windows allows a remote attacker to escalate local privileges to SYSTEM. This issue affects: Bitdefender Total Security versions prior to 26.0.10.45. Bitdefender Internet Security versions prior to 26.0.10.45. Bitdefender Antivirus Plus versions prior to 26.0.10.45. Bitdefender Endpoint Security ... • https://www.bitdefender.com/support/security-advisories/incorrect-permission-assignment-for-critical-resource-vulnerability-in-bdreinit-exe-va-10017 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 6.1EPSS: 0%CPEs: 5EXPL: 0CVE-2021-4198 – messaging_ipc.dll NULL Pointer Dereference in multiple Bitdefender products (VA-10016)
https://notcve.org/view.php?id=CVE-2021-4198
07 Mar 2022 — A NULL Pointer Dereference vulnerability in the messaging_ipc.dll component as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools, VPN Standalone allows an attacker to arbitrarily crash product processes and generate crashdump files. This issue affects: Bitdefender Total Security versions prior to 26.0.3.29. Bitdefender Internet Security versions prior to 26.0.3.29. Bitdefender Antivirus Plus versions prior to 26.0.3.29. Bitdefender Endpoint Security Tools version... • https://www.bitdefender.com/support/security-advisories/messaging_ipc-dll-null-pointer-dereference-in-multiple-bitdefender-products-va-10016 • CWE-476: NULL Pointer Dereference •
CVSS: 8.2EPSS: 0%CPEs: 3EXPL: 0CVE-2020-8107 – Process Control vulnerability in Bitdefender Antivirus Plus
https://notcve.org/view.php?id=CVE-2020-8107
18 Feb 2022 — A Process Control vulnerability in ProductAgentUI.exe as used in Bitdefender Antivirus Plus allows an attacker to tamper with product settings via a specially crafted DLL file. This issue affects: Bitdefender Antivirus Plus versions prior to 24.0.26.136. Bitdefender Internet Security versions prior to 24.0.26.136. Bitdefender Total Security versions prior to 24.0.26.136. Una vulnerabilidad de Control de Procesos en ProductAgentUI.exe usado en Bitdefender Antivirus Plus permite a un atacante manipular la con... • https://www.bitdefender.com/support/security-advisories/process-control-vulnerability-bitdefender-antivirus-plus-va-8709 • CWE-114: Process Control •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-3576 – Privilege escalation via SeImpersonatePrivilege
https://notcve.org/view.php?id=CVE-2021-3576
28 Oct 2021 — Execution with Unnecessary Privileges vulnerability in Bitdefender Endpoint Security Tools, Total Security allows a local attacker to elevate to 'NT AUTHORITY\System. Impersonation enables the server thread to perform actions on behalf of the client but within the limits of the client's security context. This issue affects: Bitdefender Endpoint Security Tools versions prior to 7.2.1.65. Bitdefender Total Security versions prior to 25.0.26. Una vulnerabilidad de Ejecución con Privilegios Innecesarios en Bitd... • https://www.bitdefender.com/support/security-advisories/privilege-escalation-via-seimpersonateprivilege-in-bitdefender-endpoint-security-tools-va-9848 • CWE-250: Execution with Unnecessary Privileges CWE-269: Improper Privilege Management •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-15732
https://notcve.org/view.php?id=CVE-2020-15732
22 Jun 2021 — Improper Certificate Validation vulnerability in the Online Threat Prevention module as used in Bitdefender Total Security allows an attacker to potentially bypass HTTP Strict Transport Security (HSTS) checks. This issue affects: Bitdefender Total Security versions prior to 25.0.7.29. Bitdefender Internet Security versions prior to 25.0.7.29. Bitdefender Antivirus Plus versions prior to 25.0.7.29. Una vulnerabilidad de Comprobación Inapropiada de Certificados en el módulo Online Threat Prevention tal y como... • https://www.bitdefender.com/support/security-advisories/improper-certificate-validation-bitdefender-total-security-va-8957 • CWE-295: Improper Certificate Validation •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-11246
https://notcve.org/view.php?id=CVE-2018-11246
11 Jan 2021 — K7TSMngr.exe in K7Computing K7AntiVirus Premium 15.1.0.53 has a Memory Leak. K7TSMngr.exe en K7Computing K7AntiVirus Premium versión 15.1.0.53, presenta una fuga de la memoria • https://support.k7computing.com/index.php?/selfhelp/view-article/Advisory-issued-on-6th-January-2021 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2018-11010
https://notcve.org/view.php?id=CVE-2018-11010
11 Jan 2021 — A Buffer Overflow issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53. Se detectó un problema de desbordamiento del búfer en K7Computing K7AntiVirus Premium versión 15.01.00.53 • https://support.k7computing.com/index.php?/selfhelp/view-article/Advisory-issued-on-6th-January-2021 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-11005
https://notcve.org/view.php?id=CVE-2018-11005
11 Jan 2021 — A Memory Leak issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53. Se detectó un problema de pérdida de memoria en K7Computing K7AntiVirus Premium versión 15.01.00.53 • https://support.k7computing.com/index.php?/selfhelp/view-article/Advisory-issued-on-6th-January-2021 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-11007
https://notcve.org/view.php?id=CVE-2018-11007
11 Jan 2021 — A Memory Leak issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53. Se detectó un problema de pérdida de memoria en K7Computing K7AntiVirus Premium versión 15.01.00.53 • https://support.k7computing.com/index.php?/selfhelp/view-article/Advisory-issued-on-6th-January-2021 • CWE-787: Out-of-bounds Write •