Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bitdefender vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2019-12612
An issue exists in Bitdefender BOX firmware versions prior to 2.1.37.37-34 that allows an malicious user to pass arbitrary code to the BOX appliance via the web API. In order to exploit this vulnerability, an attacker needs presence in Bitdefender BOX setup network and Bitdefende...
Bitdefender Box Firmware
7.5
CVSSv3
CVE-2021-3959
A Server-Side Request Forgery (SSRF) vulnerability in the EPPUpdateService component of Bitdefender Endpoint Security Tools allows an malicious user to proxy requests to the relay server. This issue affects: Bitdefender Bitdefender GravityZone versions before 3.3.8.272
Bitdefender Gravityzone
7.8
CVSSv3
CVE-2021-3960
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the UpdateServer component of Bitdefender GravityZone allows an malicious user to execute arbitrary code on vulnerable instances. This issue affects Bitdefender GravityZone v...
Bitdefender Gravityzone
5.5
CVSSv3
CVE-2022-3369
An Improper Access Control vulnerability in the bdservicehost.exe component, as used in Bitdefender Engines for Windows, allows an malicious user to delete privileged registry keys by pointing a Registry symlink to a privileged key. This issue affects: Bitdefender Engines version...
Bitdefender Engines
9.8
CVSSv3
CVE-2018-8955
The installer for BitDefender GravityZone relies on an encoded string in a filename to determine the URL for installation metadata, which allows remote malicious users to execute arbitrary code by changing the filename while leaving the file's digital signature unchanged.
Bitdefender Gravityzone -
9.1
CVSSv3
CVE-2020-15297
Insufficient validation in the Bitdefender Update Server and BEST Relay components of Bitdefender Endpoint Security Tools versions before 6.6.20.294 allows an unprivileged malicious user to bypass the in-place mitigations and interact with hosts on the network. This issue affects...
Bitdefender Update Server
NA
CVE-2010-5154
Race condition in BitDefender Total Security 2010 13.0.20.347 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space...
Bitdefender Bitdefender Total Security 2010 13.0.20.347
NA
CVE-2005-2298
BitDefender Engine 1.6.1 and previous versions does not properly scan all attachments, which allows remote malicious users to bypass virus scanning via begin and end commands in the body of the e-mail, which BitDefender treats as a uuencoded attachment and stops scanning afterwar...
Softwin Bitdefender Engine
7.1
CVSSv3
CVE-2020-8103
A vulnerability in the improper handling of symbolic links in Bitdefender Antivirus Free can allow an unprivileged user to substitute a quarantined file, and restore it to a privileged location. This issue affects Bitdefender Antivirus Free versions before 1.0.17.178.
Bitdefender Antivirus 2020
3 Github repositories
NA
CVE-2005-3211
Multiple interpretation error in unspecified versions of BitDefender Antivirus allows remote malicious users to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such a...
Softwin Bitdefender Antivirus
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »