5 matches found
CVE-2024-2224
CVE-2024-2224 affects Bitdefender GravityZone UpdateServer and related products: Linux endpoint 7.0.5.200089, Windows endpoint 7.9.9.380, GravityZone Control Center On Premises 6.36.1. The issue is an Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) in the UpdateServer...
CVE-2024-2223
CVE-2024-2223 is an Incorrect Regular Expression vulnerability in Bitdefender GravityZone Update Server that enables Server-Side Request Forgery and relay reconfiguration. Affected products include Bitdefender Endpoint Security for Linux (7.0.5.200089), Bitdefender Endpoint Security for Windows (...
CVE-2020-8108
The CVE concerns Bitdefender Endpoint Security for Mac, where an improper authentication flaw lets an unprivileged local process restart the main service and potentially inject third‑party code into a trusted process. Affected versions are Bitdefender Endpoint Security for Mac prior to 4.12.80. T...
CVE-2020-8097
CVE-2020-8097 affects Bitdefender Endpoint Security Tools for Windows (pre-6.6.18.261) and Bitdefender Endpoint Security SDK (pre-6.6.18.261). The root cause is improper authentication allowing a local, unprivileged attacker to escalate privileges or tamper with security settings. CVSS data shows...
CVE-2025-5317
Bitdefender Endpoint Security Tools for Mac (BEST) before version 7.20.52.200087 contains an improper access restriction in a critical folder, enabling local users with administrative privileges (sudo) to bypass uninstall password protection and manually remove the application directory (/Applica...