Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kaspersky anti-virus vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-27534
Kaspersky Anti-Virus products for home and Kaspersky Endpoint Security with antivirus databases released prior to 12 March 2022 had a bug in a data parsing module that potentially allowed an malicious user to execute arbitrary code. The fix was delivered automatically. Credits: G...
Kaspersky Anti-virus
Kaspersky Endpoint Security
Kaspersky Internet Security
Kaspersky Security Cloud
Kaspersky Small Office Security
Kaspersky Total Security
9.8
CVSSv3
CVE-2017-9811
The kluser is able to interact with the kav4fs-control binary in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312). By abusing the quarantine read and write operations, it is possible to elevate the privileges to root.
Kaspersky Anti-virus For Linux Server
1 EDB exploit
1 Article
8.8
CVSSv3
CVE-2017-9810
There are no Anti-CSRF tokens in any forms on the web interface in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312). This would allow an malicious user to submit authenticated requests when an authenticated user browses an at...
Kaspersky Anti-virus For Linux Server
1 EDB exploit
1 Article
7.5
CVSSv3
CVE-2017-9812
The reportId parameter of the getReportStatus action method can be abused in the web interface in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312) to read arbitrary files with kluser privileges.
Kaspersky Anti-virus For Linux Server
1 EDB exploit
1 Article
6.5
CVSSv3
CVE-2019-15687
Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Security, Kaspersky Security Cloud up to 2020, the web protection component was vulnerable to remote disclosure of various information about the user...
Kaspersky Anti-virus
Kaspersky Internet Security
Kaspersky Security Cloud
Kaspersky Small Office Security
Kaspersky Total Security
6.1
CVSSv3
CVE-2019-15688
Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Security, Kaspersky Security Cloud up to 2020, the web protection component did not adequately inform the user about the threat of redirecting to an untr...
Kaspersky Anti-virus
Kaspersky Internet Security
Kaspersky Security Cloud
Kaspersky Small Office Security
Kaspersky Total Security
6.1
CVSSv3
CVE-2017-9813
In Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312), the scriptName parameter of the licenseKeyInfo action method is vulnerable to cross-site scripting (XSS).
Kaspersky Anti-virus For Linux Server
1 EDB exploit
1 Article
5.5
CVSSv3
CVE-2021-27223
A denial-of-service issue existed in one of modules that was incorporated in Kaspersky Anti-Virus products for home and Kaspersky Endpoint Security. A local user could cause Windows crash by running a specially crafted binary module. The fix was delivered automatically. Credits: ...
Kaspersky Anti-virus
Kaspersky Endpoint Security
Kaspersky Internet Security
Kaspersky Security Cloud
Kaspersky Small Office Security
Kaspersky Total Security
5.5
CVSSv3
CVE-2021-26718
KIS for macOS in some use cases was vulnerable to AV bypass that potentially allowed an malicious user to disable anti-virus protection.
Kaspersky Internet Security
5.5
CVSSv3
CVE-2016-4329
A local denial of service vulnerability exists in window broadcast message handling functionality of Kaspersky Anti-Virus software. Sending certain unhandled window messages, an attacker can cause application termination and in the same way bypass KAV self-protection mechanism.
Kaspersky Total Security 16.0.0.614
Kaspersky Internet Security 16.0.0.614
Kaspersky Anti-virus 16.0.0.614
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »