Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:bitdefender:endpoint_security_tools:6.6.23.320:*:*:*:*:windows:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2022-0677 |
Improper Handling of Length Parameter Inconsistency vulnerability in the Update Server component of Bitdefender Endpoint Security Tools (in relay role), GravityZone (in Update Server role) allows an attacker to cause a Denial-of-Service. This issue affects: Bitdefender Update Server versions prior to 3.4.0.276. Bitdefender GravityZone versions prior to 26.4-1. Bitdefender Endpoint Security Tools for Linux versions prior to 6.2.21.171. Bitdefender Endpoint Security Tools for Windows versions prior to 7.4.1.111. Published: April 07, 2022; 3:15:07 PM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2021-4199 |
Incorrect Permission Assignment for Critical Resource vulnerability in the crash handling component BDReinit.exe as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools for Windows allows a remote attacker to escalate local privileges to SYSTEM. This issue affects: Bitdefender Total Security versions prior to 26.0.10.45. Bitdefender Internet Security versions prior to 26.0.10.45. Bitdefender Antivirus Plus versions prior to 26.0.10.45. Bitdefender Endpoint Security Tools for Windows versions prior to 7.4.3.146. Published: March 07, 2022; 7:15:08 AM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2021-4198 |
A NULL Pointer Dereference vulnerability in the messaging_ipc.dll component as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools, VPN Standalone allows an attacker to arbitrarily crash product processes and generate crashdump files. This issue affects: Bitdefender Total Security versions prior to 26.0.3.29. Bitdefender Internet Security versions prior to 26.0.3.29. Bitdefender Antivirus Plus versions prior to 26.0.3.29. Bitdefender Endpoint Security Tools versions prior to 7.2.2.92. Bitdefender VPN Standalone versions prior to 25.5.0.48. Published: March 07, 2022; 7:15:07 AM -0500 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0: 3.6 LOW |
CVE-2021-3554 |
Improper Access Control vulnerability in the patchesUpdate API as implemented in Bitdefender Endpoint Security Tools for Linux as a relay role allows an attacker to manipulate the remote address used for pulling patches. This issue affects: Bitdefender Endpoint Security Tools for Linux versions prior to 6.6.27.390; versions prior to 7.1.2.33. Bitdefender Unified Endpoint versions prior to 6.2.21.160. Bitdefender GravityZone versions prior to 6.24.1-1. Published: November 24, 2021; 11:15:13 AM -0500 |
V4.0:(not available) V3.1: 10.0 CRITICAL V2.0: 7.5 HIGH |
CVE-2021-3579 |
Incorrect Default Permissions vulnerability in the bdservicehost.exe and Vulnerability.Scan.exe components as used in Bitdefender Endpoint Security Tools for Windows, Total Security allows a local attacker to elevate privileges to NT AUTHORITY\SYSTEM This issue affects: Bitdefender Endpoint Security Tools for Windows versions prior to 7.2.1.65. Bitdefender Total Security versions prior to 7.2.1.65. Published: October 28, 2021; 10:15:08 AM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 4.6 MEDIUM |
CVE-2021-3576 |
Execution with Unnecessary Privileges vulnerability in Bitdefender Endpoint Security Tools, Total Security allows a local attacker to elevate to 'NT AUTHORITY\System. Impersonation enables the server thread to perform actions on behalf of the client but within the limits of the client's security context. This issue affects: Bitdefender Endpoint Security Tools versions prior to 7.2.1.65. Bitdefender Total Security versions prior to 25.0.26. Published: October 28, 2021; 10:15:08 AM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 7.2 HIGH |