Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bitdefender vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-31684
Incorrect access control in the fingerprint authentication mechanism of Bitdefender Mobile Security v4.11.3-gms allows malicious users to bypass fingerprint authentication due to the use of a deprecated API.
NA
CVE-2024-2224
Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in the UpdateServer component of Bitdefender GravityZone allows an malicious user to execute arbitrary code on vulnerable instances. This issue affects the following products ...
NA
CVE-2024-2223
An Incorrect Regular Expression vulnerability in Bitdefender GravityZone Update Server allows an malicious user to cause a Server Side Request Forgery and reconfigure the relay. This issue affects the following products that include the vulnerable component: Bitdefender Endpoint ...
NA
CVE-2023-6154
A configuration setting issue in seccenter.exe as used in Bitdefender Total Security, Bitdefender Internet Security, Bitdefender Antivirus Plus, Bitdefender Antivirus Free allows an malicious user to change the product's expected behavior and potentially load a third-party l...
7.5
CVSSv3
CVE-2023-3633
An out-of-bounds write vulnerability in Bitdefender Engines on Windows causes the engine to crash. This issue affects Bitdefender Engines version 7.94791 and lower.
Bitdefender Engines
7.8
CVSSv3
CVE-2022-0357
Unquoted Search Path or Element vulnerability in the Vulnerability Scan component of Bitdefender Total Security, Bitdefender Internet Security, and Bitdefender Antivirus Plus allows an malicious user to elevate privileges to SYSTEM. This issue affects: Bitdefender Total Security ...
Bitdefender Total Security
Bitdefender Internet Security
Bitdefender Antivirus Plus
5.5
CVSSv3
CVE-2022-3369
An Improper Access Control vulnerability in the bdservicehost.exe component, as used in Bitdefender Engines for Windows, allows an malicious user to delete privileged registry keys by pointing a Registry symlink to a privileged key. This issue affects: Bitdefender Engines version...
Bitdefender Engines
9.8
CVSSv3
CVE-2022-2830
Deserialization of Untrusted Data vulnerability in the message processing component of Bitdefender GravityZone Console allows an malicious user to pass unsafe commands to the environment. This issue affects: Bitdefender GravityZone Console On-Premise versions before 6.29.2-1. Bit...
Bitdefender Gravityzone
7.5
CVSSv3
CVE-2022-0677
Improper Handling of Length Parameter Inconsistency vulnerability in the Update Server component of Bitdefender Endpoint Security Tools (in relay role), GravityZone (in Update Server role) allows an malicious user to cause a Denial-of-Service. This issue affects: Bitdefender Upda...
Bitdefender Endpoint Security Tools
Bitdefender Update Server
Bitdefender Gravityzone
6.1
CVSSv3
CVE-2021-4198
A NULL Pointer Dereference vulnerability in the messaging_ipc.dll component as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools, VPN Standalone allows an malicious user to arbitrarily crash product processes and generate crashdump fil...
Bitdefender Vpn Standalone
Bitdefender Total Security
Bitdefender Internet Security
Bitdefender Antivirus Plus
Bitdefender Endpoint Security Tools
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »