144 matches found
CVE-2021-3554 Improper Access Control vulnerability in the patchesUpdate API
Improper Access Control vulnerability in the patchesUpdate API as implemented in Bitdefender Endpoint Security Tools for Linux as a relay role allows an attacker to manipulate the remote address used for pulling patches. This issue affects: Bitdefender Endpoint Security Tools for Linux versions...
CVE-2021-3641
Improper Link Resolution Before File Access 'Link Following' vulnerability in the EPAG component of Bitdefender Endpoint Security Tools for Windows allows a local attacker to cause a denial of service. This issue affects: Bitdefender GravityZone version 7.1.2.33 and prior versions...
CVE-2021-3641
Improper Link Resolution Before File Access 'Link Following' vulnerability in the EPAG component of Bitdefender Endpoint Security Tools for Windows allows a local attacker to cause a denial of service. This issue affects: Bitdefender GravityZone version 7.1.2.33 and prior versions...
Input validation
Improper Link Resolution Before File Access 'Link Following' vulnerability in the EPAG component of Bitdefender Endpoint Security Tools for Windows allows a local attacker to cause a denial of service. This issue affects: Bitdefender GravityZone version 7.1.2.33 and prior versions...
CVE-2021-3641 Improper Link Resolution Before File Access in Bitdefender GravityZone (VA-9921)
Improper Link Resolution Before File Access 'Link Following' vulnerability in the EPAG component of Bitdefender Endpoint Security Tools for Windows allows a local attacker to cause a denial of service. This issue affects: Bitdefender GravityZone version 7.1.2.33 and prior versions...
CVE-2021-3823
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in the UpdateServer component of Bitdefender GravityZone allows an attacker to execute arbitrary code on vulnerable instances. This issue affects: Bitdefender GravityZone versions prior to 3.3.8.249...
CVE-2021-3823
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in the UpdateServer component of Bitdefender GravityZone allows an attacker to execute arbitrary code on vulnerable instances. This issue affects: Bitdefender GravityZone versions prior to 3.3.8.249...
Path traversal
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in the UpdateServer component of Bitdefender GravityZone allows an attacker to execute arbitrary code on vulnerable instances. This issue affects: Bitdefender GravityZone versions prior to 3.3.8.249...
CVE-2021-3823
CVE-2021-3823 is a path-traversal vulnerability in Bitdefender GravityZone UpdateServer (relay mode) that allows arbitrary code execution on vulnerable instances. Affected: Bitdefender GravityZone prior to version 3.3.8.249. Root cause: improper limitation of a pathname to a restricted directory ...
CVE-2021-3823 Path traversal vulnerability in Bitdefender GravitZone Update Server in relay mode
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in the UpdateServer component of Bitdefender GravityZone allows an attacker to execute arbitrary code on vulnerable instances. This issue affects: Bitdefender GravityZone versions prior to 3.3.8.249...
Bitdefender GravityZone 路径遍历漏洞
Bitdefender GravityZone Business is a scanning software from Bitdefender, Inc. A path traversal vulnerability exists in Bitdefender GravityZone, which stems from an incorrectly restricted pathname to restricted directory path traversal vulnerability in the UpdateServer component of Bitdefender...
CVE-2021-3552
A Server-Side Request Forgery SSRF vulnerability in the EPPUpdateService component of Bitdefender Endpoint Security Tools allows an attacker to proxy requests to the relay server. This issue affects: Bitdefender Endpoint Security Tools versions prior to 6.6.27.390; versions prior to 7.1.2.33...
CVE-2021-3423
Uncontrolled Search Path Element vulnerability in the openssl component as used in Bitdefender GravityZone Business Security allows an attacker to load a third party DLL to elevate privileges. This issue affects Bitdefender GravityZone Business Security versions prior to 6.6.23.329...
CVE-2021-3423
Uncontrolled Search Path Element vulnerability in the openssl component as used in Bitdefender GravityZone Business Security allows an attacker to load a third party DLL to elevate privileges. This issue affects Bitdefender GravityZone Business Security versions prior to 6.6.23.329...
Path traversal
Uncontrolled Search Path Element vulnerability in the openssl component as used in Bitdefender GravityZone Business Security allows an attacker to load a third party DLL to elevate privileges. This issue affects Bitdefender GravityZone Business Security versions prior to 6.6.23.329...
CVE-2021-3423
CVE-2021-3423 describes an uncontrolled search path element issue in the OpenSSL usage within Bitdefender GravityZone Business Security that enables local privilege escalation by loading a third-party DLL. Affected versions are GravityZone Business Security prior to 6.6.23.329. The root cause is ...
CVE-2021-3423 Privilege escalation in Bitdefender GravityZone Business Security
Uncontrolled Search Path Element vulnerability in the openssl component as used in Bitdefender GravityZone Business Security allows an attacker to load a third party DLL to elevate privileges. This issue affects Bitdefender GravityZone Business Security versions prior to 6.6.23.329...
Bitdefender GravityZone Business Security 代码问题漏洞
Bitdefender GravityZone Business is an application from the American company Bitdefender. A scanning software. A code issue vulnerability exists in Bitdefender GravityZone Business Security prior to version 6.6.23.329, which stems from an uncontrolled search path element vulnerability in the...
CVE-2017-8931
Bitdefender GravityZone VMware appliance before 6.2.1-35 might allow attackers to gain access with root privileges via unspecified vectors...
CVE-2017-8931
Bitdefender GravityZone VMware appliance before 6.2.1-35 might allow attackers to gain access with root privileges via unspecified vectors...