- EPSS 0.32%
- Veröffentlicht 24.11.2021 16:15:13
- Zuletzt bearbeitet 21.11.2024 06:21:49
Improper Access Control vulnerability in the patchesUpdate API as implemented in Bitdefender Endpoint Security Tools for Linux as a relay role allows an attacker to manipulate the remote address used for pulling patches. This issue affects: Bitdefend...
CVE-2021-3641
- EPSS 0.04%
- Veröffentlicht 09.11.2021 14:15:11
- Zuletzt bearbeitet 21.11.2024 06:22:03
Improper Link Resolution Before File Access ('Link Following') vulnerability in the EPAG component of Bitdefender Endpoint Security Tools for Windows allows a local attacker to cause a denial of service. This issue affects: Bitdefender GravityZone ve...
CVE-2021-3823
- EPSS 0.4%
- Veröffentlicht 28.10.2021 14:15:08
- Zuletzt bearbeitet 21.11.2024 06:22:32
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the UpdateServer component of Bitdefender GravityZone allows an attacker to execute arbitrary code on vulnerable instances. This issue affects: Bitdefende...
- EPSS 0.44%
- Veröffentlicht 30.10.2018 19:29:00
- Zuletzt bearbeitet 21.11.2024 03:35:00
Bitdefender GravityZone VMware appliance before 6.2.1-35 might allow attackers to gain access with root privileges via unspecified vectors.
CVE-2018-8955
- EPSS 5.15%
- Veröffentlicht 24.10.2018 22:29:02
- Zuletzt bearbeitet 21.11.2024 04:14:40
The installer for BitDefender GravityZone relies on an encoded string in a filename to determine the URL for installation metadata, which allows remote attackers to execute arbitrary code by changing the filename while leaving the file's digital sign...
- EPSS 7.21%
- Veröffentlicht 19.08.2014 19:55:05
- Zuletzt bearbeitet 12.04.2025 10:46:40
Multiple directory traversal vulnerabilities in Bitdefender GravityZone before 5.1.11.432 allow remote attackers to read arbitrary files via a (1) .. (dot dot) in the id parameter to webservice/CORE/downloadFullKitEpc/a/1 in the Web Console or (2) %2...