3 matches found
CVE-2022-0677
CVE-2022-0677 is an instance of an improper handling of length parameter inconsistency vulnerability in the Update Server component of Bitdefender Endpoint Security Tools (in relay) and GravityZone (in Update Server). The issue allows a remote attacker to cause a Denial-of-Service. Affected produ...
CVE-2008-0396
CVE-2008-0396 is a directory traversal vulnerability in BitDefender Update Server (http.exe) used by BitDefender products. The vulnerability allows an unauthenticated remote attacker to read arbitrary files by crafting HTTP requests with directory traversal sequences (..). The issue affects the U...
CVE-2020-15297
The CVE-2020-15297 entry covers insufficient validation in Bitdefender Update Server and BEST Relay components of Bitdefender Endpoint Security Tools prior to version 6.6.20.294. The underlying issue allows an unprivileged attacker to bypass in‑place mitigations and interact with hosts on the net...