eScan AV also seems like a truly professional company:
- While they have a Vulnerability Disclosure Program, there is no listing of security advisories (ProTip: always make sure your vendor has an advisory listing)
- There is a Hall of Fame though, that just outright discloses the email addresses of reporters, but no info about the vulns
- This CVE record references a blog post, that simply bitrotted:
https://nvd.nist.gov/vuln/detail/CVE-2018-18388