The Gentlemen RaaS Uses GentleKiller EDR Framework Targeting 400 Security Processes

The Gentlemen ransomware-as-a-service RaaS operation is actively developing and maintaining a suite of endpoint detection and response EDR killers that it hands out to affiliates for impairing system defenses before deploying the encryptor. This mature portfolio of EDR-terminating tools is center...

CVE-2025-5317

An improper access restriction to a folder in Bitdefender Endpoint Security Tools for Mac BEST before 7.20.52.200087 allows local users with administrative privileges to bypass the configured uninstall password protection. An unauthorized user with sudo privileges can manually remove the...

EUVD-2020-29008

Malware in sbrugna...

EUVD-2021-34057

Malicious code in bioql PyPI...

EUVD-2021-34058

Malicious code in bioql PyPI...

Collect-MemoryDump - Automated Creation Of Windows Memory Snapshots For DFIR

Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR Collect-MemoryDump.ps1 is PowerShell script utilized to collect a Memory Snapshot from a live Windows system in a forensically sound manner. Features: Checks for Hostname and Physical Memory Size before starting memory...

CVE-2022-3369

An Improper Access Control vulnerability in the bdservicehost.exe component, as used in Bitdefender Engines for Windows, allows an attacker to delete privileged registry keys by pointing a Registry symlink to a privileged key. This issue affects: Bitdefender Engines versions prior to 7.92659. It...

CVE-2022-3369

An Improper Access Control vulnerability in the bdservicehost.exe component, as used in Bitdefender Engines for Windows, allows an attacker to delete privileged registry keys by pointing a Registry symlink to a privileged key. This issue affects: Bitdefender Engines versions prior to 7.92659. It...

Input validation

Improper Handling of Length Parameter Inconsistency vulnerability in the Update Server component of Bitdefender Endpoint Security Tools in relay role, GravityZone in Update Server role allows an attacker to cause a Denial-of-Service. This issue affects: Bitdefender Update Server versions prior to...

CVE-2022-0677

CVE-2022-0677 is an instance of an improper handling of length parameter inconsistency vulnerability in the Update Server component of Bitdefender Endpoint Security Tools (in relay) and GravityZone (in Update Server). The issue allows a remote attacker to cause a Denial-of-Service. Affected produ...

CVE-2022-0677

Improper Handling of Length Parameter Inconsistency vulnerability in the Update Server component of Bitdefender Endpoint Security Tools in relay role, GravityZone in Update Server role allows an attacker to cause a Denial-of-Service. This issue affects: Bitdefender Update Server versions prior to...

Code injection

Incorrect Permission Assignment for Critical Resource vulnerability in the crash handling component BDReinit.exe as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools for Windows allows a remote attacker to escalate local privileges to SYSTEM. This issu...

CVE-2021-4199 Incorrect Permission Assignment for Critical Resource vulnerability in BDReinit.exe (VA-10017)

Incorrect Permission Assignment for Critical Resource vulnerability in the crash handling component BDReinit.exe as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools for Windows allows a remote attacker to escalate local privileges to SYSTEM. This issu...

CVE-2021-4198

A NULL Pointer Dereference vulnerability in the messagingipc.dll component as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools, VPN Standalone allows an attacker to arbitrarily crash product processes and generate crashdump files. This issue affects:...

The vulnerability of Bitdefender Total Security and Bitdefender Endpoint Security Tools’ anti-virus protection mechanisms, related to errors in access control, allows attackers to escalate their privileges.

The vulnerability of Bitdefender Total Security and Bitdefender Endpoint Security Tools BEST lies in errors related to access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

The vulnerability of the EPPUpdateService service in the BitDefender Endpoint Security Tools antivirus protection tool allows a hacker to disclose protected information.

The vulnerability of the EPPUpdateService service in the BitDefender Endpoint Security Tools antivirus protection tool is related to insufficient checking of incoming requests. Exploiting this vulnerability can allow a malicious actor to disclose protected information...

Server side request forgery (ssrf)

A Server-Side Request Forgery SSRF vulnerability in the EPPUpdateService component of Bitdefender Endpoint Security Tools allows an attacker to proxy requests to the relay server. This issue affects: Bitdefender Bitdefender GravityZone versions prior to 3.3.8.272...

CVE-2021-3959 Server-Side Request Forgery in Bitdefender GravityZone Update Server in Relay Mode (VA-10145)

A Server-Side Request Forgery SSRF vulnerability in the EPPUpdateService component of Bitdefender Endpoint Security Tools allows an attacker to proxy requests to the relay server. This issue affects: Bitdefender Bitdefender GravityZone versions prior to 3.3.8.272...

Server side request forgery (ssrf)

A Server-Side Request Forgery SSRF vulnerability in the EPPUpdateService component of Bitdefender Endpoint Security Tools allows an attacker to proxy requests to the relay server. This issue affects: Bitdefender Endpoint Security Tools versions prior to 6.6.27.390; versions prior to 7.1.2.33...

Improper access control

Improper Access Control vulnerability in the patchesUpdate API as implemented in Bitdefender Endpoint Security Tools for Linux as a relay role allows an attacker to manipulate the remote address used for pulling patches. This issue affects: Bitdefender Endpoint Security Tools for Linux versions...