Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bitdefender endpoint security tools vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2020-8097
An improper authentication vulnerability in Bitdefender Endpoint Security Tools for Windows and Bitdefender Endpoint Security SDK allows an unprivileged local malicious user to escalate privileges or tamper with the product's security settings. This issue affects: Bitdefende...
Bitdefender Endpoint Security
Bitdefender Endpoint Security Tools
7.8
CVSSv3
CVE-2021-3576
Execution with Unnecessary Privileges vulnerability in Bitdefender Endpoint Security Tools, Total Security allows a local malicious user to elevate to 'NT AUTHORITY\System. Impersonation enables the server thread to perform actions on behalf of the client but within the limi...
Bitdefender Endpoint Security Tools
Bitdefender Total Security
7.8
CVSSv3
CVE-2021-3579
Incorrect Default Permissions vulnerability in the bdservicehost.exe and Vulnerability.Scan.exe components as used in Bitdefender Endpoint Security Tools for Windows, Total Security allows a local malicious user to elevate privileges to NT AUTHORITY\SYSTEM This issue affects: Bit...
Bitdefender Endpoint Security Tools
Bitdefender Total Security
7.8
CVSSv3
CVE-2021-4199
Incorrect Permission Assignment for Critical Resource vulnerability in the crash handling component BDReinit.exe as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools for Windows allows a remote malicious user to escalate local privileg...
Bitdefender Antivirus Plus
Bitdefender Endpoint Security Tools
Bitdefender Internet Security
Bitdefender Total Security
7.8
CVSSv3
CVE-2019-17099
An Untrusted Search Path vulnerability in EPSecurityService.exe as used in Bitdefender Endpoint Security Tools versions before 6.6.11.163 allows an malicious user to load an arbitrary DLL file from the search path. This issue affects: Bitdefender EPSecurityService.exe versions be...
Bitdefender Endpoint Security Tools
3.3
CVSSv3
CVE-2020-15279
An Improper Access Control vulnerability in the logging component of Bitdefender Endpoint Security Tools for Windows versions before 6.6.23.320 allows a regular user to learn the scanning exclusion paths. This issue exists during external security research.
Bitdefender Endpoint Security Tools
6.6
CVSSv3
CVE-2021-3485
An Improper Input Validation vulnerability in the Product Update feature of Bitdefender Endpoint Security Tools for Linux allows a man-in-the-middle malicious user to abuse the DownloadFile function of the Product Update to achieve remote code execution. This issue affects: Bitde...
Bitdefender Endpoint Security Tools
7.5
CVSSv3
CVE-2022-0677
Improper Handling of Length Parameter Inconsistency vulnerability in the Update Server component of Bitdefender Endpoint Security Tools (in relay role), GravityZone (in Update Server role) allows an malicious user to cause a Denial-of-Service. This issue affects: Bitdefender Upda...
Bitdefender Endpoint Security Tools
Bitdefender Gravityzone
Bitdefender Update Server
6.1
CVSSv3
CVE-2021-4198
A NULL Pointer Dereference vulnerability in the messaging_ipc.dll component as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools, VPN Standalone allows an malicious user to arbitrarily crash product processes and generate crashdump fil...
Bitdefender Antivirus Plus
Bitdefender Endpoint Security Tools
Bitdefender Internet Security
Bitdefender Total Security
Bitdefender Vpn Standalone
7.5
CVSSv3
CVE-2021-3552
A Server-Side Request Forgery (SSRF) vulnerability in the EPPUpdateService component of Bitdefender Endpoint Security Tools allows an malicious user to proxy requests to the relay server. This issue affects: Bitdefender Endpoint Security Tools versions before 6.6.27.390; versions...
Bitdefender Endpoint Security Tools
Bitdefender Gravityzone 6.24.1-1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »