This issue affects: Bitdefender Endpoint Security Tools versions prior to 6.6.27.390 versions prior to 7.1.2.33. Bitdefender Endpoint Security Tools for Windows versions prior to 7.4.3.146.Ī Server-Side Request Forgery (SSRF) vulnerability in the EPPUpdateService component of Bitdefender Endpoint Security Tools allows an attacker to proxy requests to the relay server. Bitdefender Antivirus Plus versions prior to 26.0.10.45. Bitdefender Internet Security versions prior to 26.0.10.45. This issue affects: Bitdefender Total Security versions prior to 26.0.10.45. Incorrect Permission Assignment for Critical Resource vulnerability in the crash handling component BDReinit.exe as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools for Windows allows a remote attacker to escalate local privileges to SYSTEM. Bitdefender VPN Standalone versions prior to 25.5.0.48.Ĥ Antivirus Plus, Endpoint Security Tools, Internet Security and 1 more Bitdefender Endpoint Security Tools versions prior to 7.2.2.92. Bitdefender Antivirus Plus versions prior to 26.0.3.29. Bitdefender Internet Security versions prior to 26.0.3.29. This issue affects: Bitdefender Total Security versions prior to 26.0.3.29. Bitdefender Endpoint Security Tools for Windows versions prior to 7.4.1.111.ĥ Antivirus Plus, Endpoint Security Tools, Internet Security and 2 moreĪ NULL Pointer Dereference vulnerability in the messaging_ipc.dll component as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools, VPN Standalone allows an attacker to arbitrarily crash product processes and generate crashdump files. Bitdefender Endpoint Security Tools for Linux versions prior to 6.2.21.171. Bitdefender GravityZone versions prior to 26.4-1. This issue affects: Bitdefender Update Server versions prior to 3.4.0.276. Improper Handling of Length Parameter Inconsistency vulnerability in the Update Server component of Bitdefender Endpoint Security Tools (in relay role), GravityZone (in Update Server role) allows an attacker to cause a Denial-of-Service. Bitdefender Total Security versions prior to 25.0.26.ģ Endpoint Security Tools, Gravityzone, Update Server This issue affects: Bitdefender Endpoint Security Tools versions prior to 7.2.1.65. Impersonation enables the server thread to perform actions on behalf of the client but within the limits of the client's security context. Bitdefender GravityZone versions prior to 6.24.1-1.Ģ Endpoint Security Tools, Total SecurityĮxecution with Unnecessary Privileges vulnerability in Bitdefender Endpoint Security Tools, Total Security allows a local attacker to elevate to 'NT AUTHORITY\System. Bitdefender Unified Endpoint versions prior to 6.2.21.160. This issue affects: Bitdefender Endpoint Security Tools for Linux versions prior to 6.6.27.390 versions prior to 7.1.2.33. Improper Access Control vulnerability in the patchesUpdate API as implemented in Bitdefender Endpoint Security Tools for Linux as a relay role allows an attacker to manipulate the remote address used for pulling patches. This issue was discovered during external security research. This issue affects: Bitdefender Endpoint Security Tools for Linux versions prior to 6.2.21.155.Īn Improper Access Control vulnerability in the logging component of Bitdefender Endpoint Security Tools for Windows versions prior to 6.6.23.320 allows a regular user to learn the scanning exclusion paths. An Improper Input Validation vulnerability in the Product Update feature of Bitdefender Endpoint Security Tools for Linux allows a man-in-the-middle attacker to abuse the DownloadFile function of the Product Update to achieve remote code execution.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |