Gravityzone

This hub aggregates every CVE we track for Gravityzone, a product in the security products space. Use it to gauge the current risk picture and drill into individual advisories.

Security Products

CVEs tracked

Critical

High

In CISA KEV

Severity distribution

HIGH6MEDIUM5CRITICAL5

Monthly trend

2024-072026-06

Latest CVEs

See all →

The 15 most recently published vulnerabilities affecting Gravityzone.

CVE-2025-2243SSRF in GravityZone Console via DNS Truncation (VA-12634)7.3Apr 4, 2025
CVE-2025-2244Insecure PHP deserialization issue in GravityZone Console (VA-12634)9.8Apr 4, 2025
CVE-2024-6980Verbose error handling issue in GravityZone Update Server proxy service9.8Jul 31, 2024
CVE-2024-4177Host whitelist parser issue in GravityZone Console On-Premise (VA-11554)8.1Jun 6, 2024
CVE-2022-2830Deserialization of Untrusted Data in GravityZone Console On-Premise (VA-10573)8.8Sep 5, 2022
CVE-2022-0677Improper Handling of Length Parameter Inconsistency vulnerability in Bitdefender Update Server (VA-10144)7.5Apr 7, 2022
CVE-2021-3960Privilege Escalation via the GravityZone productManager UpdateServer.KitsManager API (VA-10146)7.1Dec 16, 2021
CVE-2021-3959Server-Side Request Forgery in Bitdefender GravityZone Update Server in Relay Mode (VA-10145)6.8Dec 16, 2021
CVE-2021-3553Server-Side Request Forgery in EPPUpdateService remote config file (VA-9825)5.3Nov 24, 2021
CVE-2021-3554Improper Access Control vulnerability in the patchesUpdate API9.0Nov 24, 2021
CVE-2021-3552Insufficient validation on regular expression in EPPUpdateService config file (VA-9825)5.3Nov 24, 2021
CVE-2021-3641Improper Link Resolution Before File Access in Bitdefender GravityZone (VA-9921)6.1Nov 9, 2021
CVE-2021-3823Path traversal vulnerability in Bitdefender GravitZone Update Server in relay mode7.1Oct 28, 2021
CVE-2017-8931Bitdefender GravityZone VMware appliance before 6.2.1-35 might allow attackers to gain access with root privileges via unspecified vectors.9.8Oct 30, 2018
CVE-2018-8955The installer for BitDefender GravityZone relies on an encoded string in a filename to determine the URL for installation metadata, which allows remote attackers to execute arbitrary code by changi...9.8Oct 24, 2018

Product normalization is registry-driven with AI assist and human review. How it works