As a trusted member of the security industry, Bitdefender continually assesses our own products. We also receive and welcome vulnerability advisories via Bug Bounty programs, and support security vendor transparency in reporting.

CVE ID Published Title Product
CVE-2022-0677 April 7, 2022 Improper Handling of Length Parameter Inconsistency vulnerability in Bitdefender Update Server (VA-10144) Bitdefender Endpoint Security Tools
CVE-2021-4199 March 7, 2022 Incorrect Permission Assignment for Critical Resource vulnerability in BDReinit.exe (VA-10017) Bitdefender Antivirus Plus
CVE-2021-4198 March 7, 2022 messaging_ipc.dll NULL Pointer Dereference in multiple Bitdefender products (VA-10016) Bitdefender Antivirus Plus
CVE-2020-8107 February 18, 2022 Process Control vulnerability in Bitdefender Antivirus Plus (VA-8709) Bitdefender Antivirus Plus
CVE-2021-3960 December 16, 2021 Privilege Escalation via the GravityZone productManager UpdateServer.KitsManager API (VA-10146) Bitdefender GravityZone Business Security
CVE-2021-3959 December 16, 2021 Server-Side Request Forgery in Bitdefender GravityZone Update Server in Relay Mode (VA-10145) Bitdefender GravityZone Business Security
CVE-2021-3554 November 24, 2021 Improper Access Control vulnerability in patchesUpdate API (VA-9825) Bitdefender Endpoint Security Tools for Linux
CVE-2021-3553 November 24, 2021 Server-Side Request Forgery in EPPUpdateService remote config file (VA-9825) Bitdefender Endpoint Security Tools
CVE-2021-3552 November 24, 2021 Insufficient validation on regular expression in EPPUpdateService config file (VA-9825) Bitdefender Endpoint Security Tools
CVE-2021-3641 November 9, 2021 Improper Link Resolution Before File Access in Bitdefender Endpoint Security Tools for Windows (VA-9921) Bitdefender Endpoint Security Tools
1 2 3 6