CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2020-8102 – Insufficient URL sanitization and validation in Safepay Browser (VA-8631)
https://notcve.org/view.php?id=CVE-2020-8102
22 Jun 2020 — Improper Input Validation vulnerability in the Safepay browser component of Bitdefender Total Security 2020 allows an external, specially crafted web page to run remote commands inside the Safepay Utility process. This issue affects Bitdefender Total Security 2020 versions prior to 24.0.20.116. Una Vulnerabilidad de Comprobación de Entrada Inapropiada en el componente navegador Safepay de Bitdefender Total Security 2020, permite a una página web externa especialmente diseñada ejecutar comandos remotos dentr... • https://www.bitdefender.com/support/security-advisories/insufficient-url-sanitization-validation-safepay-browser-va-8631 • CWE-20: Improper Input Validation •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-8095 – Bitdefender Total Security Link Resolution Denial-of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-8095
30 Jan 2020 — A vulnerability in the improper handling of junctions before deletion in Bitdefender Total Security 2020 can allow an attacker to to trigger a denial of service on the affected device. Una vulnerabilidad en el manejo inapropiado de uniones antes de la eliminación en Bitdefender Total Security 2020, puede permitir a un atacante desencadenar una denegación de servicio en el dispositivo afectado. This vulnerability allows local attackers to create a denial-of-service condition on affected installations of BitD... • https://www.bitdefender.com/support/security-advisories/bitdefender-total-security-link-resolution-denial-service-vulnerability-va-4021 • CWE-20: Improper Input Validation CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-17100 – Untrusted Search Path vulnerability in Bitdefender Total Security 2020 (VA-5895)
https://notcve.org/view.php?id=CVE-2019-17100
27 Jan 2020 — An Untrusted Search Path vulnerability in bdserviceshost.exe as used in Bitdefender Total Security 2020 allows an attacker to execute arbitrary code. This issue does not affect: Bitdefender Total Security versions prior to 24.0.12.69. Una vulnerabilidad de Ruta de Búsqueda No Confiable en el archivo bdserviceshost.exe como es usado en Bitdefender Total Security 2020, permite a un atacante ejecutar código arbitrario. Este problema no afecta: Bitdefender Total Security versiones anteriores a 24.0.12.69. • https://www.bitdefender.com/support/security-advisories/untrusted-search-path-vulnerability-bitdefender-total-security-2020-va-5895 • CWE-426: Untrusted Search Path •