Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kaspersky vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2015-8579
Kaspersky Total Security 2015 15.0.2.361 allocates memory with Read, Write, Execute (RWX) permissions at predictable addresses when protecting user-mode processes, which allows malicious users to bypass the DEP and ASLR protection mechanisms via unspecified vectors.
Kaspersky Total Security 2015 15.0.2.361
6.8
CVSSv2
CVE-2018-6288
Cross-site Request Forgery leading to Administrative account takeover in Kaspersky Secure Mail Gateway version 1.1.
Kaspersky Secure Mail Gateway 1.1
4.3
CVSSv2
CVE-2018-6291
WebConsole Cross-Site Scripting in Kaspersky Secure Mail Gateway version 1.1.
Kaspersky Secure Mail Gateway 1.1
10
CVSSv2
CVE-2018-6289
Configuration file injection leading to Code Execution as Root in Kaspersky Secure Mail Gateway version 1.1.
Kaspersky Secure Mail Gateway 1.1
4.3
CVSSv2
CVE-2019-15684
Kaspersky Protection extension for web browser Google Chrome before 30.112.62.0 was vulnerable to unauthorized access to its features remotely that could lead to removing other installed extensions.
Google Chrome
Kaspersky Protection 20.0.543.1418
7.2
CVSSv2
CVE-2018-6290
Local Privilege Escalation in Kaspersky Secure Mail Gateway version 1.1.
Kaspersky Secure Mail Gateway 1.1
6.8
CVSSv2
CVE-2017-9810
There are no Anti-CSRF tokens in any forms on the web interface in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312). This would allow an malicious user to submit authenticated requests when an authenticated user browses an at...
Kaspersky Anti-virus For Linux Server
1 EDB exploit
1 Article
10
CVSSv2
CVE-2017-9811
The kluser is able to interact with the kav4fs-control binary in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312). By abusing the quarantine read and write operations, it is possible to elevate the privileges to root.
Kaspersky Anti-virus For Linux Server
1 EDB exploit
1 Article
4.3
CVSSv2
CVE-2017-9813
In Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312), the scriptName parameter of the licenseKeyInfo action method is vulnerable to cross-site scripting (XSS).
Kaspersky Anti-virus For Linux Server
1 EDB exploit
1 Article
5
CVSSv2
CVE-2017-9812
The reportId parameter of the getReportStatus action method can be abused in the web interface in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312) to read arbitrary files with kluser privileges.
Kaspersky Anti-virus For Linux Server
1 EDB exploit
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »