CVE-2024-2223

CRITICAL Year: 2024
CVSS v3 Score
9.8
Critical
Weakness Type
CWE-185
View all →

Vulnerability Description

An Incorrect Regular Expression vulnerability in Bitdefender GravityZone Update Server allows an attacker to cause a Server Side Request Forgery and reconfigure the relay. This issue affects the following products that include the vulnerable component: Bitdefender Endpoint Security for Linux version 7.0.5.200089 Bitdefender Endpoint Security for Windows version 7.9.9.380 GravityZone Control Center (On Premises) version 6.36.1

Related Vulnerabilities

CVE-2019-12798

CRITICAL
CVSS:9.8(Critical)

An issue was discovered in Artifex MuJS 1.0.5. regcompx in regexp.c does not restrict regular expression program size, leading to an overflow of the parsed syntax list size.

CWE-1852019

CVE-2020-3408

HIGH
CVSS:8.6(High)

A vulnerability in the Split DNS feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of...

CWE-1852020

CVE-2019-12798

CRITICAL
CVSS:9.8(Critical)

An issue was discovered in Artifex MuJS 1.0.5. regcompx in regexp.c does not restrict regular expression program size, leading to an overflow of the parsed syntax list size.

CWE-1852019

CVE-2020-3408

HIGH
CVSS:8.6(High)

A vulnerability in the Split DNS feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of...

CWE-1852020

CVE-2018-17984

HIGH
CVSS:7.8(High)

An unanchored /[a-z]{2}/ regular expression in ISPConfig before 3.1.13 makes it possible to include arbitrary files, leading to code execution. This is exploitable by authenticated users who have loca...

CWE-1852018

CVE-2018-20801

HIGH
CVSS:7.5(High)

In js/parts/SvgRenderer.js in Highcharts JS before 6.1.0, the use of backtracking regular expressions permitted an attacker to conduct a denial of service attack against the SVGRenderer component, aka...

CWE-1852018