![]() Bitdefender Total Security versions prior to 25.0.26. This issue affects: Bitdefender Endpoint Security Tools versions prior to 7.2.1.65. Impersonation enables the server thread to perform actions on behalf of the client but within the limits of the client's security context. Bitdefender Total Security versions prior to 7.2.1.65.Įxecution with Unnecessary Privileges vulnerability in Bitdefender Endpoint Security Tools, Total Security allows a local attacker to elevate to 'NT AUTHORITY\System. Incorrect Default Permissions vulnerability in the bdservicehost.exe and components as used in Bitdefender Endpoint Security Tools for Windows, Total Security allows a local attacker to elevate privileges to NT AUTHORITY\SYSTEM This issue affects: Bitdefender Endpoint Security Tools for Windows versions prior to 7.2.1.65. This issue affects: Bitdefender GravityZone version 7.1.2.33 and prior versions. Improper Link Resolution Before File Access ('Link Following') vulnerability in the EPAG component of Bitdefender Endpoint Security Tools for Windows allows a local attacker to cause a denial of service. This issue affects: Bitdefender GravityZone versions prior to 3.3.8.249. Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the UpdateServer component of Bitdefender GravityZone allows an attacker to execute arbitrary code on vulnerable instances. This issue affects: Bitdefender Bitdefender GravityZone versions prior to 3.3.8.272 This issue affects Bitdefender GravityZone versions prior to 3.3.8.272Ī Server-Side Request Forgery (SSRF) vulnerability in the EPPUpdateService component of Bitdefender Endpoint Security Tools allows an attacker to proxy requests to the relay server. ![]() Bitdefender VPN Standalone versions prior to 25.5.0.48. Bitdefender Endpoint Security Tools versions prior to 7.2.2.92. Bitdefender Antivirus Plus versions prior to 26.0.3.29. Bitdefender Internet Security versions prior to 26.0.3.29. This issue affects: Bitdefender Total Security versions prior to 26.0.3.29. Bitdefender Endpoint Security Tools for Windows versions prior to 7.4.3.146.Ī NULL Pointer Dereference vulnerability in the messaging_ipc.dll component as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools, VPN Standalone allows an attacker to arbitrarily crash product processes and generate crashdump files. Bitdefender Antivirus Plus versions prior to 26.0.10.45. Bitdefender Internet Security versions prior to 26.0.10.45. This issue affects: Bitdefender Total Security versions prior to 26.0.10.45. Incorrect Permission Assignment for Critical Resource vulnerability in the crash handling component BDReinit.exe as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools for Windows allows a remote attacker to escalate local privileges to SYSTEM. Bitdefender Endpoint Security Tools for Windows versions prior to 7.4.1.111. Bitdefender Endpoint Security Tools for Linux versions prior to 6.2.21.171. ![]() Bitdefender GravityZone versions prior to 26.4-1. This issue affects: Bitdefender Update Server versions prior to 3.4.0.276. Improper Handling of Length Parameter Inconsistency vulnerability in the Update Server component of Bitdefender Endpoint Security Tools (in relay role), GravityZone (in Update Server role) allows an attacker to cause a Denial-of-Service. ![]() Bitdefender GravityZone Cloud Console versions prior to 6.27.2-2. This issue affects: Bitdefender GravityZone Console On-Premise versions prior to 6.29.2-1. It also affects Bitdefender Antivirus Free, Bitdefender Antivirus Plus, Bitdefender Internet Security, Bitdefender Total Security, as well as Bitdefender Endpoint Security Tools for Windows with engine versions prior to 7.92659.ĭeserialization of Untrusted Data vulnerability in the message processing component of Bitdefender GravityZone Console allows an attacker to pass unsafe commands to the environment. This issue affects: Bitdefender Engines versions prior to 7.92659. An Improper Access Control vulnerability in the bdservicehost.exe component, as used in Bitdefender Engines for Windows, allows an attacker to delete privileged registry keys by pointing a Registry symlink to a privileged key. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |