Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

BItdefender

Source -

CNA

BOS Name -

Bitdefender

CNA CVEs -

2

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated ProductsRelated AssignersReports
2Vulnerabilities found
CVE-2023-6056
Assigner-Bitdefender
ShareView Details
Assigner-Bitdefender
CVSS Score-8.6||HIGH
EPSS-0.06% / 17.96%
||
7 Day CHG~0.00%
Published-18 Oct, 2024 | 07:31
Updated-22 Oct, 2024 | 16:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Insecure Trust of Self-Signed Certificates in Bitdefender Total Security HTTPS Scanning (VA-11164)

A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality that results in the improper trust of self-signed certificates. The product is found to trust certificates signed with the RIPEMD-160 hashing algorithm without proper validation, allowing an attacker to establish MITM SSL connections to arbitrary sites.

Action-Not Available
Vendor-Bitdefender
Product-total_securityTotal Securitytotal_security
CWE ID-CWE-295
Improper Certificate Validation
CVE-2021-3423
Assigner-Bitdefender
ShareView Details
Assigner-Bitdefender
CVSS Score-7.8||HIGH
EPSS-0.07% / 21.18%
||
7 Day CHG~0.00%
Published-18 May, 2021 | 11:00
Updated-17 Sep, 2024 | 00:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Privilege escalation in Bitdefender GravityZone Business Security

Uncontrolled Search Path Element vulnerability in the openssl component as used in Bitdefender GravityZone Business Security allows an attacker to load a third party DLL to elevate privileges. This issue affects Bitdefender GravityZone Business Security versions prior to 6.6.23.329.

Action-Not Available
Vendor-Bitdefender
Product-gravityzone_business_securityGravityZone Business Security
CWE ID-CWE-427
Uncontrolled Search Path Element