Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bitdefender endpoint security tools vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-3369
An Improper Access Control vulnerability in the bdservicehost.exe component, as used in Bitdefender Engines for Windows, allows an malicious user to delete privileged registry keys by pointing a Registry symlink to a privileged key. This issue affects: Bitdefender Engines version...
Bitdefender Engines
5
CVSSv2
CVE-2022-0677
Improper Handling of Length Parameter Inconsistency vulnerability in the Update Server component of Bitdefender Endpoint Security Tools (in relay role), GravityZone (in Update Server role) allows an malicious user to cause a Denial-of-Service. This issue affects: Bitdefender Upda...
Bitdefender Endpoint Security Tools
Bitdefender Gravityzone
Bitdefender Update Server
7.2
CVSSv2
CVE-2021-4199
Incorrect Permission Assignment for Critical Resource vulnerability in the crash handling component BDReinit.exe as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools for Windows allows a remote malicious user to escalate local privileg...
Bitdefender Antivirus Plus
Bitdefender Endpoint Security Tools
Bitdefender Internet Security
Bitdefender Total Security
3.6
CVSSv2
CVE-2021-4198
A NULL Pointer Dereference vulnerability in the messaging_ipc.dll component as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools, VPN Standalone allows an malicious user to arbitrarily crash product processes and generate crashdump fil...
Bitdefender Antivirus Plus
Bitdefender Endpoint Security Tools
Bitdefender Internet Security
Bitdefender Total Security
Bitdefender Vpn Standalone
5
CVSSv2
CVE-2021-3959
A Server-Side Request Forgery (SSRF) vulnerability in the EPPUpdateService component of Bitdefender Endpoint Security Tools allows an malicious user to proxy requests to the relay server. This issue affects: Bitdefender Bitdefender GravityZone versions before 3.3.8.272
Bitdefender Gravityzone
5
CVSSv2
CVE-2021-3553
A Server-Side Request Forgery (SSRF) vulnerability in the EPPUpdateService of Bitdefender Endpoint Security Tools allows an malicious user to use the Endpoint Protection relay as a proxy for any remote host. This issue affects: Bitdefender Endpoint Security Tools versions before ...
Bitdefender Endpoint Security Tools
Bitdefender Gravityzone 6.24.1-1
5
CVSSv2
CVE-2021-3552
A Server-Side Request Forgery (SSRF) vulnerability in the EPPUpdateService component of Bitdefender Endpoint Security Tools allows an malicious user to proxy requests to the relay server. This issue affects: Bitdefender Endpoint Security Tools versions before 6.6.27.390; versions...
Bitdefender Endpoint Security Tools
Bitdefender Gravityzone 6.24.1-1
7.5
CVSSv2
CVE-2021-3554
Improper Access Control vulnerability in the patchesUpdate API as implemented in Bitdefender Endpoint Security Tools for Linux as a relay role allows an malicious user to manipulate the remote address used for pulling patches. This issue affects: Bitdefender Endpoint Security Too...
Bitdefender Endpoint Security Tools
Bitdefender Gravityzone
Bitdefender Gravityzone 6.24.1-1
3.6
CVSSv2
CVE-2021-3641
Improper Link Resolution Before File Access ('Link Following') vulnerability in the EPAG component of Bitdefender Endpoint Security Tools for Windows allows a local malicious user to cause a denial of service. This issue affects: Bitdefender GravityZone version 7.1.2.33...
Bitdefender Gravityzone
7.2
CVSSv2
CVE-2021-3576
Execution with Unnecessary Privileges vulnerability in Bitdefender Endpoint Security Tools, Total Security allows a local malicious user to elevate to 'NT AUTHORITY\System. Impersonation enables the server thread to perform actions on behalf of the client but within the limi...
Bitdefender Endpoint Security Tools
Bitdefender Total Security
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651
CVE-2024-34255
elevation of privilege
CVE-2024-25529
CVE-2024-4671
NULL pointer dereference
CVE-2024-25527
template injection
CVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »