Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bitdefender update server vulnerabilities and exploits
(subscribe to this query)
9.1
CVSSv3
CVE-2020-15297
Insufficient validation in the Bitdefender Update Server and BEST Relay components of Bitdefender Endpoint Security Tools versions before 6.6.20.294 allows an unprivileged malicious user to bypass the in-place mitigations and interact with hosts on the network. This issue affects...
Bitdefender Update Server
7.5
CVSSv3
CVE-2022-0677
Improper Handling of Length Parameter Inconsistency vulnerability in the Update Server component of Bitdefender Endpoint Security Tools (in relay role), GravityZone (in Update Server role) allows an malicious user to cause a Denial-of-Service. This issue affects: Bitdefender Upda...
Bitdefender Endpoint Security Tools
Bitdefender Gravityzone
Bitdefender Update Server
NA
CVE-2024-2223
An Incorrect Regular Expression vulnerability in Bitdefender GravityZone Update Server allows an malicious user to cause a Server Side Request Forgery and reconfigure the relay. This issue affects the following products that include the vulnerable component: Bitdefender Endpoint ...
NA
CVE-2014-5350
Multiple directory traversal vulnerabilities in Bitdefender GravityZone prior to 5.1.11.432 allow remote malicious users to read arbitrary files via a (1) .. (dot dot) in the id parameter to webservice/CORE/downloadFullKitEpc/a/1 in the Web Console or (2) %2E%2E (encoded dot dot)...
Bitdefender Gravityzone
1 EDB exploit
NA
CVE-2008-0396
Directory traversal vulnerability in BitDefender Update Server (http.exe), as used in BitDefender products including Security for Fileservers and Enterprise Manager (BDEM), allows remote malicious users to read arbitrary files via .. (dot dot) sequences in an HTTP request.
Bitdefender Update Server
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22460
CVE-2024-4646
CVE-2024-29212
IMAP
CVE-2023-36672
CVE-2024-34547
command injection
CVE-2024-4651
stored XSS
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started