Vulnerabilities > Bitdefender > Endpoint Security
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-04-09 | CVE-2024-2223 | Incorrect Comparison vulnerability in Bitdefender Endpoint Security and Gravityzone Control Center An Incorrect Regular Expression vulnerability in Bitdefender GravityZone Update Server allows an attacker to cause a Server Side Request Forgery and reconfigure the relay. | 9.8 |
| 2024-04-09 | CVE-2024-2224 | Unspecified vulnerability in Bitdefender Endpoint Security and Gravityzone Control Center Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in the UpdateServer component of Bitdefender GravityZone allows an attacker to execute arbitrary code on vulnerable instances. | 9.8 |
| 2020-08-30 | CVE-2020-8097 | Improper Authentication vulnerability in Bitdefender Endpoint Security and Endpoint Security Tools An improper authentication vulnerability in Bitdefender Endpoint Security Tools for Windows and Bitdefender Endpoint Security SDK allows an unprivileged local attacker to escalate privileges or tamper with the product's security settings. | 7.8 |
| 2020-08-03 | CVE-2020-8108 | Improper Authentication vulnerability in Bitdefender Endpoint Security Improper Authentication vulnerability in Bitdefender Endpoint Security for Mac allows an unprivileged process to restart the main service and potentially inject third-party code into a trusted process. | 8.8 |