Vulnerabilities > Kaspersky
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-19 | CVE-2020-35929 | Use of Hard-coded Credentials vulnerability in Kaspersky Tinycheck In TinyCheck before commits 9fd360d and ea53de8, the installation script of the tool contained hard-coded credentials to the backend part of the tool. | 9.8 |
| 2020-12-04 | CVE-2020-28950 | Uncontrolled Search Path Element vulnerability in Kaspersky Anti-Ransomware Tool 4.0 The installer of Kaspersky Anti-Ransomware Tool (KART) prior to KART 4.0 Patch C was vulnerable to a DLL hijacking attack that allowed an attacker to elevate privileges during installation process. | 7.8 |
| 2020-09-02 | CVE-2020-25045 | Uncontrolled Search Path Element vulnerability in Kaspersky Security Center and Security Center web Console Installers of Kaspersky Security Center and Kaspersky Security Center Web Console prior to 12 & prior to 12 Patch A were vulnerable to a DLL hijacking attack that allowed an attacker to elevate privileges in the system. | 7.8 |
| 2020-09-02 | CVE-2020-25044 | Unspecified vulnerability in Kaspersky Virus Removal Tool Kaspersky Virus Removal Tool (KVRT) prior to 15.0.23.0 was vulnerable to arbitrary file corruption that could provide an attacker with the opportunity to eliminate content of any file in the system. | 7.1 |
| 2020-09-02 | CVE-2020-25043 | Unspecified vulnerability in Kaspersky VPN Secure Connection The installer of Kaspersky VPN Secure Connection prior to 5.0 was vulnerable to arbitrary file deletion that could allow an attacker to delete any file in the system. | 7.1 |
| 2019-12-02 | CVE-2019-15689 | Exposure of Resource to Wrong Sphere vulnerability in Kaspersky products Kaspersky Secure Connection, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Security Cloud prior to version 2020 patch E have bug that allows a local user to execute arbitrary code via execution compromised file placed by an attacker with administrator rights. | 6.7 |
| 2019-11-26 | CVE-2019-15688 | Open Redirect vulnerability in Kaspersky products Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Security, Kaspersky Security Cloud up to 2020, the web protection component did not adequately inform the user about the threat of redirecting to an untrusted site. | 6.1 |
| 2019-11-26 | CVE-2019-15687 | Unspecified vulnerability in Kaspersky products Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Security, Kaspersky Security Cloud up to 2020, the web protection component was vulnerable to remote disclosure of various information about the user's system (like Windows version and version of the product, host unique ID). | 6.5 |
| 2019-11-26 | CVE-2019-15686 | Unspecified vulnerability in Kaspersky products Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Security, Kaspersky Security Cloud up to 2020, the web protection component allowed an attacker remotely disable various anti-virus protection features. | 4.3 |
| 2019-11-26 | CVE-2019-15685 | Unspecified vulnerability in Kaspersky products Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Security, Kaspersky Security Cloud up to 2020, the web protection component allowed an attacker remotely disable such product's security features as private browsing and anti-banner. | 4.3 |