Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bitdefender vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2021-3552
A Server-Side Request Forgery (SSRF) vulnerability in the EPPUpdateService component of Bitdefender Endpoint Security Tools allows an malicious user to proxy requests to the relay server. This issue affects: Bitdefender Endpoint Security Tools versions before 6.6.27.390; versions...
Bitdefender Endpoint Security Tools
Bitdefender Gravityzone 6.24.1-1
NA
CVE-2005-1286
Unquoted Windows search path vulnerability in BitDefender 8 allows local users to prevent BitDefender from starting by creating a malicious C:\program.exe, possibly due to the lack of quoting of the full pathname when executing a process.
Softwin Bitdefender Antivirus Standard 8
Softwin Bitdefender Antivirus Professional Plus 8
7.5
CVSSv3
CVE-2023-3633
An out-of-bounds write vulnerability in Bitdefender Engines on Windows causes the engine to crash. This issue affects Bitdefender Engines version 7.94791 and lower.
Bitdefender Engines
8.1
CVSSv3
CVE-2019-17102
An exploitable command execution vulnerability exists in the recovery partition of Bitdefender BOX 2, version 2.0.1.91. The API method `/api/update_setup` does not perform firmware signature checks atomically, leading to an exploitable race condition (TOCTTOU) that allows arbitra...
Bitdefender Box 2 Firmware
NA
CVE-2004-1947
The AVXSCANONLINE.AvxScanOnlineCtrl.1 ActiveX control in BitDefender Scan Online allows remote malicious users to (1) obtain sensitive information such as system drives and contents or (2) use the RequestFile method to download and execute arbitrary code via an object codebase th...
Softwin Bitdefender
2 EDB exploits
NA
CVE-2014-5350
Multiple directory traversal vulnerabilities in Bitdefender GravityZone prior to 5.1.11.432 allow remote malicious users to read arbitrary files via a (1) .. (dot dot) in the id parameter to webservice/CORE/downloadFullKitEpc/a/1 in the Web Console or (2) %2E%2E (encoded dot dot)...
Bitdefender Gravityzone
1 EDB exploit
6.1
CVSSv3
CVE-2021-3641
Improper Link Resolution Before File Access ('Link Following') vulnerability in the EPAG component of Bitdefender Endpoint Security Tools for Windows allows a local malicious user to cause a denial of service. This issue affects: Bitdefender GravityZone version 7.1.2.33...
Bitdefender Gravityzone
NA
CVE-2008-6661
Multiple integer overflows in the scanning engine in Bitdefender for Linux 7.60825 and previous versions allow remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a malformed (1) NeoLite and (2) ASProtect packed PE file.
Bitdefender Bitdefender Antivirus
7.5
CVSSv3
CVE-2020-8100
Improper Input Validation vulnerability in the cevakrnl.rv0 module as used in the Bitdefender Engines allows an malicious user to trigger a denial of service while scanning a specially-crafted sample. This issue affects: Bitdefender Bitdefender Engines versions before 7.84063.
Bitdefender Engines
5.5
CVSSv3
CVE-2020-8092
A privilege escalation vulnerability in BDLDaemon as used in Bitdefender Antivirus for Mac allows a local malicious user to obtain authentication tokens for requests submitted to the Bitdefender Cloud. This issue affects: Bitdefender Bitdefender Antivirus for Mac versions before ...
Bitdefender Antivirus
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »