CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-3633 – Out of Bounds Memory Corruption Issue in CEVA Engine
https://notcve.org/view.php?id=CVE-2023-3633
14 Jul 2023 — An out-of-bounds write vulnerability in Bitdefender Engines on Windows causes the engine to crash. This issue affects Bitdefender Engines version 7.94791 and lower. An out-of-bounds write vulnerability in Bitdefender Engines on Windows causes the engine to crash. This issue affects Bitdefender Engines version 7.94791 and lower. • https://www.bitdefender.com/support/security-advisories/out-of-bounds-memory-corruption-issue-in-ceva-engine-va-11010 • CWE-787: Out-of-bounds Write •
CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 0CVE-2022-3369 – Improper handling of registry symbolic links in Bitdefender Engines
https://notcve.org/view.php?id=CVE-2022-3369
01 Nov 2022 — An Improper Access Control vulnerability in the bdservicehost.exe component, as used in Bitdefender Engines for Windows, allows an attacker to delete privileged registry keys by pointing a Registry symlink to a privileged key. This issue affects: Bitdefender Engines versions prior to 7.92659. It also affects Bitdefender Antivirus Free, Bitdefender Antivirus Plus, Bitdefender Internet Security, Bitdefender Total Security, as well as Bitdefender Endpoint Security Tools for Windows with engine versions prior t... • https://www.bitdefender.com/support/security-advisories/improper-handling-of-registry-symbolic-links-in-bitdefender-engines-va-10562 • CWE-269: Improper Privilege Management •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-8110 – Bitdefender ceva_emu.cvd module denial-of-service (VA-8766)
https://notcve.org/view.php?id=CVE-2020-8110
02 Oct 2020 — A vulnerability has been discovered in the ceva_emu.cvd module that results from a lack of proper validation of user-supplied data, which can result in a pointer that is fetched from uninitialized memory. This can lead to denial-of-service. This issue affects: Bitdefender Engines version 7.84897 and prior versions. Se detectó una vulnerabilidad en el módulo ceva_emu.cvd que resulta de una falta de comprobación apropiada de los datos suministrados por el usuario, lo que puede resultar en un puntero que es ex... • https://www.bitdefender.com/support/security-advisories/bitdefender-cevakrnl-xmd-parser-denial-of-service-va-8766 • CWE-824: Access of Uninitialized Pointer •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-8109 – Bitdefender ace.xmd parser out-of-bounds write (VA-8772)
https://notcve.org/view.php?id=CVE-2020-8109
01 Oct 2020 — A vulnerability has been discovered in the ace.xmd parser that results from a lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. This can result in denial-of-service. This issue affects: Bitdefender Engines version 7.84892 and prior versions. Se ha detectado una vulnerabilidad en el analizador ace.xmd que resulta de una falta de comprobación apropiada de los datos suministrados por el usuario, lo que puede resultar en una escritura más allá del ... • https://www.bitdefender.com/support/security-advisories/bitdefender-ace-xmd-parser-out-of-bounds-write-va-8772 • CWE-787: Out-of-bounds Write •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-15731 – Local Privilege Escalation in Bitdefender Engines (VA-8953)
https://notcve.org/view.php?id=CVE-2020-15731
30 Sep 2020 — An improper Input Validation vulnerability in the code handling file renaming and recovery in Bitdefender Engines allows an attacker to write an arbitrary file in a location hardcoded in a specially-crafted malicious file name. This issue affects: Bitdefender Engines versions prior to 7.85448. Una vulnerabilidad de comprobación de entrada inapropiada en el código que maneja el cambio de nombre y la recuperación de archivos en Bitdefender Engines, permite a un atacante escribir un archivo arbitrario en una u... • https://www.bitdefender.com/support/security-advisories/local-privilege-escalation-in-bitdefender-engines-va-8953 • CWE-20: Improper Input Validation •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2020-8100 – Incomplete validation in detection code in Bitdefender Engines (VA-8589)
https://notcve.org/view.php?id=CVE-2020-8100
15 May 2020 — Improper Input Validation vulnerability in the cevakrnl.rv0 module as used in the Bitdefender Engines allows an attacker to trigger a denial of service while scanning a specially-crafted sample. This issue affects: Bitdefender Bitdefender Engines versions prior to 7.84063. Una vulnerabilidad de comprobación de Entrada Inapropiada en el módulo cevakrnl.rv0, tal como es utilizado en el Bitdefender Engines, permite a un atacante activar una denegación de servicio mientras escanea una muestra especialmente dise... • https://www.bitdefender.com/support/security-advisories/incomplete-validation-detection-code-bitdefender-engines-va-8589 • CWE-20: Improper Input Validation •