970 matches found
CVE-2022-2830 Deserialization of Untrusted Data in GravityZone Console On-Premise (VA-10573)
Deserialization of Untrusted Data vulnerability in the message processing component of Bitdefender GravityZone Console allows an attacker to pass unsafe commands to the environment. This issue affects: Bitdefender GravityZone Console On-Premise versions prior to 6.29.2-1. Bitdefender GravityZone...
CVE-2022-2830
CVE-2022-2830 describes a Deserialization of Untrusted Data vulnerability in Bitdefender GravityZone Console’s message processing component. Affected: GravityZone Console On-Premise < 6.29.2-1 and GravityZone Cloud Console
PT-2022-18937 · Bitdefender · Bitdefender Gravityzone Console +1
Name of the Vulnerable Software and Affected Versions: Bitdefender GravityZone Console On-Premise versions prior to 6.29.2-1 Bitdefender GravityZone Cloud Console versions prior to 6.27.2-2 Description: The Deserialization of Untrusted Data issue in the message processing component allows an...
Critical Flaws Disclosed in Device42 IT Asset Management Software
Cybersecurity researchers have disclosed multiple severe security vulnerabilities asset management platform Device42 that, if successfully exploited, could enable a malicious actor to seize control of affected systems. "By exploiting these issues, an attacker could impersonate other users, obtain...
RIG Exploit Kit Now Infects Victims' PCs With Dridex Instead of Raccoon Stealer
The operators behind the Rig Exploit Kit have swapped the Raccoon Stealer malware for the Dridex financial trojan as part of an ongoing campaign that commenced in January 2022. The switch in modus operandi, spotted by Romanian company Bitdefender, comes in the wake of Raccoon Stealer temporarily...
CVE-2022-0677
Improper Handling of Length Parameter Inconsistency vulnerability in the Update Server component of Bitdefender Endpoint Security Tools in relay role, GravityZone in Update Server role allows an attacker to cause a Denial-of-Service. This issue affects: Bitdefender Update Server versions prior to...
Input validation
Improper Handling of Length Parameter Inconsistency vulnerability in the Update Server component of Bitdefender Endpoint Security Tools in relay role, GravityZone in Update Server role allows an attacker to cause a Denial-of-Service. This issue affects: Bitdefender Update Server versions prior to...
CVE-2022-0677
CVE-2022-0677 is an instance of an improper handling of length parameter inconsistency vulnerability in the Update Server component of Bitdefender Endpoint Security Tools (in relay) and GravityZone (in Update Server). The issue allows a remote attacker to cause a Denial-of-Service. Affected produ...
CVE-2022-0677 Improper Handling of Length Parameter Inconsistency vulnerability in Bitdefender Update Server (VA-10144)
Improper Handling of Length Parameter Inconsistency vulnerability in the Update Server component of Bitdefender Endpoint Security Tools in relay role, GravityZone in Update Server role allows an attacker to cause a Denial-of-Service. This issue affects: Bitdefender Update Server versions prior to...
Bitdefender Endpoint Security Tool 安全漏洞
Bitdefender Endpoint Security Tool is an endpoint security management tool from the Romanian company Bitdefender. A security vulnerability exists in Bitdefender Endpoint Security Tool that could allow an attacker to cause a denial of service...
Wyze Camera Vulnerability
Wyze ignored a vulnerability in its home security cameras for three years. Bitdefender, who discovered the vulnerability, let the company get away with it. In case youre wondering, no, that is not normal in the security community. While experts tell me that the concept of a "responsible disclosur...
Bitdefender Total Security Link Following Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Bitdefender Total Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...
Bitdefender Total Security Link Following Denial-of-Service Vulnerability
This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Bitdefender Total Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists...
CVE-2021-4199
Incorrect Permission Assignment for Critical Resource vulnerability in the crash handling component BDReinit.exe as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools for Windows allows a remote attacker to escalate local privileges to SYSTEM. This issu...
CVE-2021-4199
Incorrect Permission Assignment for Critical Resource vulnerability in the crash handling component BDReinit.exe as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools for Windows allows a remote attacker to escalate local privileges to SYSTEM. This issu...
CVE-2021-4198
A NULL Pointer Dereference vulnerability in the messagingipc.dll component as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools, VPN Standalone allows an attacker to arbitrarily crash product processes and generate crashdump files. This issue affects:...
CVE-2021-4198
A NULL Pointer Dereference vulnerability in the messagingipc.dll component as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools, VPN Standalone allows an attacker to arbitrarily crash product processes and generate crashdump files. This issue affects:...
Null pointer dereference
A NULL Pointer Dereference vulnerability in the messagingipc.dll component as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools, VPN Standalone allows an attacker to arbitrarily crash product processes and generate crashdump files. This issue affects:...
Code injection
Incorrect Permission Assignment for Critical Resource vulnerability in the crash handling component BDReinit.exe as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools for Windows allows a remote attacker to escalate local privileges to SYSTEM. This issu...
CVE-2021-4199 Incorrect Permission Assignment for Critical Resource vulnerability in BDReinit.exe (VA-10017)
Incorrect Permission Assignment for Critical Resource vulnerability in the crash handling component BDReinit.exe as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools for Windows allows a remote attacker to escalate local privileges to SYSTEM. This issu...