CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 1CVE-2019-20000
https://notcve.org/view.php?id=CVE-2019-20000
26 Dec 2019 — The malware scan function in BullGuard Premium Protection 20.0.371.8 has a TOCTOU issue that enables a symbolic link attack, allowing privileged files to be deleted. La función de escaneo de malware en BullGuard Premium Protection versión 20.0.371.8, presenta un problema TOCTOU lo que hace posible un ataque de enlace simbólico, permitiendo que archivos privilegiados sean eliminados. • https://github.com/NtRaiseHardError/Antimalware-Research/blob/master/BullGuard/Privileged%20File%20Delete/v20.0.371.8/README.md • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2018-17061
https://notcve.org/view.php?id=CVE-2018-17061
15 Sep 2018 — BullGuard Safe Browsing before 18.1.355.9 allows XSS on Google, Bing, and Yahoo! pages via domains indexed in search results. BullGuard Safe Browsing 18.1.355 permite Cross-Site Scripting (XSS) en las páginas de Google, Bing y Yahoo! mediante los dominios indexados en los resultados de búsqueda. • https://medium.com/%40Mthirup/hacking-your-own-antivirus-for-fun-and-profit-safe-browsing-gone-wrong-365db9d1d3f7 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 5CVE-2014-9642 – BullGuard (Multiple Products) - Arbitrary Write Privilege Escalation
https://notcve.org/view.php?id=CVE-2014-9642
05 Feb 2015 — bdagent.sys in BullGuard Antivirus, Internet Security, Premium Protection, and Online Backup before 15.0.288 allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted 0x0022405c IOCTL call. bdagent.sys en BullGuard Antivirus, Internet Security, Premium Protection, y Online Backup anterior a 15.0.288 permite a usuarios locales escribir datos a localizaciones de memoria arbitrarias, y como consecuencia ganar privilegios, a través de una llamada IOCTL 0x002... • https://packetstorm.news/files/id/130247 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 24%CPEs: 4EXPL: 2CVE-2008-5409 – BitDefender - Module pdf.xmd Infinite Loop Denial of Service (PoC)
https://notcve.org/view.php?id=CVE-2008-5409
09 Dec 2008 — Unspecified vulnerability in the pdf.xmd module in (1) BitDefender Free Edition 10 and Antivirus Standard 10, (2) BullGuard Internet Security 8.5, and (3) Software602 Groupware Server 6.0.08.1118 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, possibly related to included compressed streams that were processed with the ASCIIHexDecode filter. NOTE: some of these details are obtained from third party information. Vulnerabilida... • https://www.exploit-db.com/exploits/7178 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •