Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kaspersky vulnerabilities and exploits
(subscribe to this query)
3.6
CVSSv2
CVE-2020-25044
Kaspersky Virus Removal Tool (KVRT) before 15.0.23.0 was vulnerable to arbitrary file corruption that could provide an attacker with the opportunity to eliminate content of any file in the system.
Kaspersky Virus Removal Tool
6.4
CVSSv2
CVE-2015-8579
Kaspersky Total Security 2015 15.0.2.361 allocates memory with Read, Write, Execute (RWX) permissions at predictable addresses when protecting user-mode processes, which allows malicious users to bypass the DEP and ASLR protection mechanisms via unspecified vectors.
Kaspersky Total Security 2015 15.0.2.361
6.8
CVSSv2
CVE-2018-6288
Cross-site Request Forgery leading to Administrative account takeover in Kaspersky Secure Mail Gateway version 1.1.
Kaspersky Secure Mail Gateway 1.1
7.2
CVSSv2
CVE-2018-6290
Local Privilege Escalation in Kaspersky Secure Mail Gateway version 1.1.
Kaspersky Secure Mail Gateway 1.1
4.3
CVSSv2
CVE-2018-6291
WebConsole Cross-Site Scripting in Kaspersky Secure Mail Gateway version 1.1.
Kaspersky Secure Mail Gateway 1.1
10
CVSSv2
CVE-2018-6289
Configuration file injection leading to Code Execution as Root in Kaspersky Secure Mail Gateway version 1.1.
Kaspersky Secure Mail Gateway 1.1
4.3
CVSSv2
CVE-2019-15684
Kaspersky Protection extension for web browser Google Chrome before 30.112.62.0 was vulnerable to unauthorized access to its features remotely that could lead to removing other installed extensions.
Google Chrome
Kaspersky Protection 20.0.543.1418
5
CVSSv2
CVE-2017-9812
The reportId parameter of the getReportStatus action method can be abused in the web interface in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312) to read arbitrary files with kluser privileges.
Kaspersky Anti-virus For Linux Server
1 EDB exploit
1 Article
4.3
CVSSv2
CVE-2017-9813
In Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312), the scriptName parameter of the licenseKeyInfo action method is vulnerable to cross-site scripting (XSS).
Kaspersky Anti-virus For Linux Server
1 EDB exploit
1 Article
10
CVSSv2
CVE-2017-9811
The kluser is able to interact with the kav4fs-control binary in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312). By abusing the quarantine read and write operations, it is possible to elevate the privileges to root.
Kaspersky Anti-virus For Linux Server
1 EDB exploit
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »