Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kaspersky vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2019-15684
Kaspersky Protection extension for web browser Google Chrome before 30.112.62.0 was vulnerable to unauthorized access to its features remotely that could lead to removing other installed extensions.
Google Chrome
Kaspersky Protection 20.0.543.1418
9.8
CVSSv3
CVE-2018-6289
Configuration file injection leading to Code Execution as Root in Kaspersky Secure Mail Gateway version 1.1.
Kaspersky Secure Mail Gateway 1.1
7.8
CVSSv3
CVE-2018-6290
Local Privilege Escalation in Kaspersky Secure Mail Gateway version 1.1.
Kaspersky Secure Mail Gateway 1.1
6.1
CVSSv3
CVE-2018-6291
WebConsole Cross-Site Scripting in Kaspersky Secure Mail Gateway version 1.1.
Kaspersky Secure Mail Gateway 1.1
NA
CVE-2015-8579
Kaspersky Total Security 2015 15.0.2.361 allocates memory with Read, Write, Execute (RWX) permissions at predictable addresses when protecting user-mode processes, which allows malicious users to bypass the DEP and ASLR protection mechanisms via unspecified vectors.
Kaspersky Total Security 2015 15.0.2.361
8.8
CVSSv3
CVE-2018-6288
Cross-site Request Forgery leading to Administrative account takeover in Kaspersky Secure Mail Gateway version 1.1.
Kaspersky Secure Mail Gateway 1.1
9.8
CVSSv3
CVE-2017-9811
The kluser is able to interact with the kav4fs-control binary in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312). By abusing the quarantine read and write operations, it is possible to elevate the privileges to root.
Kaspersky Anti-virus For Linux Server
1 EDB exploit
1 Article
7.5
CVSSv3
CVE-2017-9812
The reportId parameter of the getReportStatus action method can be abused in the web interface in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312) to read arbitrary files with kluser privileges.
Kaspersky Anti-virus For Linux Server
1 EDB exploit
1 Article
8.8
CVSSv3
CVE-2017-9810
There are no Anti-CSRF tokens in any forms on the web interface in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312). This would allow an malicious user to submit authenticated requests when an authenticated user browses an at...
Kaspersky Anti-virus For Linux Server
1 EDB exploit
1 Article
6.1
CVSSv3
CVE-2017-9813
In Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312), the scriptName parameter of the licenseKeyInfo action method is vulnerable to cross-site scripting (XSS).
Kaspersky Anti-virus For Linux Server
1 EDB exploit
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »