Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bitdefender vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2019-17095
A command injection vulnerability has been discovered in the bootstrap stage of Bitdefender BOX 2, versions 2.1.47.42 and 2.1.53.45. The API method `/api/download_image` unsafely handles the production firmware URL supplied by remote servers, leading to arbitrary execution of sys...
Bitdefender Box 2 Firmware 2.1.47.42
Bitdefender Box 2 Firmware 2.1.53.45
10
CVSSv2
CVE-2017-8931
Bitdefender GravityZone VMware appliance prior to 6.2.1-35 might allow malicious users to gain access with root privileges via unspecified vectors.
Bitdefender Gravityzone
10
CVSSv2
CVE-2006-6627
Integer overflow in the packed PE file parsing implementation in BitDefender products prior to 20060829, including Antivirus, Antivirus Plus, Internet Security, Mail Protection for Enterprises, and Online Scanner; and BitDefender products for Microsoft ISA Server and Exchange 5.5...
Softwin Bitdefender Antivirus
Softwin Bitdefender Antivirus Plus
Softwin Bitdefender Isa Server
Softwin Bitdefender Online Scanner
Softwin Bitdefender Ms Exchange 2000
Softwin Bitdefender Ms Exchange 2003
Softwin Bitdefender Ms Exchange 5.5
Softwin Bitdefender Internet Security
Softwin Bitdefender Mail Protection Enterprises
9.3
CVSSv2
CVE-2019-17096
A OS Command Injection vulnerability in the bootstrap stage of Bitdefender BOX 2 allows the manipulation of the `get_image_url()` function in special circumstances to inject a system command.
Bitdefender Box 2 Firmware -
Bitdefender Central
9.3
CVSSv2
CVE-2019-17102
An exploitable command execution vulnerability exists in the recovery partition of Bitdefender BOX 2, version 2.0.1.91. The API method `/api/update_setup` does not perform firmware signature checks atomically, leading to an exploitable race condition (TOCTTOU) that allows arbitra...
Bitdefender Box 2 Firmware
9.3
CVSSv2
CVE-2019-15295
An Untrusted Search Path vulnerability in the ServiceInstance.dll library versions 1.0.15.119 and lower, as used in Bitdefender Antivirus Free 2020 versions before 1.0.15.138, allows an malicious user to load an arbitrary DLL file from the search path.
Bitdefender Antivirus 2020
1 Article
9.3
CVSSv2
CVE-2017-17408
This vulnerability allows remote malicious users to execute arbitrary code on vulnerable installations of Bitdefender Internet Security 2018. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The sp...
Bitdefender Internet Security 2018
9.3
CVSSv2
CVE-2017-17409
This vulnerability allows remote malicious users to execute arbitrary code on vulnerable installations of Bitdefender Internet Security 2018. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The sp...
Bitdefender Internet Security 2018
9.3
CVSSv2
CVE-2017-17410
This vulnerability allows remote malicious users to execute arbitrary code on vulnerable installations of Bitdefender Internet Security 2018. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The sp...
Bitdefender Internet Security 2018
9.3
CVSSv2
CVE-2017-10954
This vulnerability allows remote malicious users to execute arbitrary code on vulnerable installations of Bitdefender Internet Security Internet Security 2018 prior to build 7.72918. User interaction is required to exploit this vulnerability in that the target must visit a malici...
Bitdefender Internet Security 2018
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »