Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bitdefender endpoint security vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2021-3552
A Server-Side Request Forgery (SSRF) vulnerability in the EPPUpdateService component of Bitdefender Endpoint Security Tools allows an malicious user to proxy requests to the relay server. This issue affects: Bitdefender Endpoint Security Tools versions before 6.6.27.390; versions...
Bitdefender Endpoint Security Tools
Bitdefender Gravityzone 6.24.1-1
7.5
CVSSv3
CVE-2021-3553
A Server-Side Request Forgery (SSRF) vulnerability in the EPPUpdateService of Bitdefender Endpoint Security Tools allows an malicious user to use the Endpoint Protection relay as a proxy for any remote host. This issue affects: Bitdefender Endpoint Security Tools versions before ...
Bitdefender Endpoint Security Tools
Bitdefender Gravityzone 6.24.1-1
6.7
CVSSv3
CVE-2019-14242
An issue exists in Bitdefender products for Windows (Bitdefender Endpoint Security Tool versions before 6.6.8.115; and Bitdefender Antivirus Plus, Bitdefender Internet Security, and Bitdefender Total Security versions before 23.0.24.120) that can lead to local code injection. A l...
Bitdefender Antivirus Plus
Bitdefender Endpoint Security Tool
Bitdefender Internet Security
Bitdefender Total Security
6.6
CVSSv3
CVE-2021-3485
An Improper Input Validation vulnerability in the Product Update feature of Bitdefender Endpoint Security Tools for Linux allows a man-in-the-middle malicious user to abuse the DownloadFile function of the Product Update to achieve remote code execution. This issue affects: Bitde...
Bitdefender Endpoint Security Tools
6.1
CVSSv3
CVE-2021-4198
A NULL Pointer Dereference vulnerability in the messaging_ipc.dll component as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools, VPN Standalone allows an malicious user to arbitrarily crash product processes and generate crashdump fil...
Bitdefender Antivirus Plus
Bitdefender Endpoint Security Tools
Bitdefender Internet Security
Bitdefender Total Security
Bitdefender Vpn Standalone
6.1
CVSSv3
CVE-2021-3641
Improper Link Resolution Before File Access ('Link Following') vulnerability in the EPAG component of Bitdefender Endpoint Security Tools for Windows allows a local malicious user to cause a denial of service. This issue affects: Bitdefender GravityZone version 7.1.2.33...
Bitdefender Gravityzone
5.5
CVSSv3
CVE-2022-3369
An Improper Access Control vulnerability in the bdservicehost.exe component, as used in Bitdefender Engines for Windows, allows an malicious user to delete privileged registry keys by pointing a Registry symlink to a privileged key. This issue affects: Bitdefender Engines version...
Bitdefender Engines
3.3
CVSSv3
CVE-2020-15279
An Improper Access Control vulnerability in the logging component of Bitdefender Endpoint Security Tools for Windows versions before 6.6.23.320 allows a regular user to learn the scanning exclusion paths. This issue exists during external security research.
Bitdefender Endpoint Security Tools
NA
CVE-2024-2223
An Incorrect Regular Expression vulnerability in Bitdefender GravityZone Update Server allows an malicious user to cause a Server Side Request Forgery and reconfigure the relay. This issue affects the following products that include the vulnerable component: Bitdefender Endpoint ...
NA
CVE-2024-2224
Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in the UpdateServer component of Bitdefender GravityZone allows an malicious user to execute arbitrary code on vulnerable instances. This issue affects the following products ...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »