Vulnerabilities > Kaspersky > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-01 | CVE-2022-27534 | Unspecified vulnerability in Kaspersky products Kaspersky Anti-Virus products for home and Kaspersky Endpoint Security with antivirus databases released before 12 March 2022 had a bug in a data parsing module that potentially allowed an attacker to execute arbitrary code. | 9.8 |
| 2021-01-26 | CVE-2020-36199 | OS Command Injection vulnerability in Kaspersky Tinycheck TinyCheck before commits 9fd360d and ea53de8 was vulnerable to command injection due to insufficient checks of input parameters in several places. | 9.8 |
| 2021-01-19 | CVE-2020-35929 | Use of Hard-coded Credentials vulnerability in Kaspersky Tinycheck In TinyCheck before commits 9fd360d and ea53de8, the installation script of the tool contained hard-coded credentials to the backend part of the tool. | 9.8 |
| 2018-02-06 | CVE-2018-6289 | Injection vulnerability in Kaspersky Secure Mail Gateway 1.1 Configuration file injection leading to Code Execution as Root in Kaspersky Secure Mail Gateway version 1.1. | 9.8 |
| 2017-08-25 | CVE-2017-12816 | Incorrect Permission Assignment for Critical Resource vulnerability in Kaspersky Internet Security 11.12.4.1622 In Kaspersky Internet Security for Android 11.12.4.1622, some of application exports activities have weak permissions, which might be used by a malware application to get unauthorized access to the product functionality by using Android IPC. | 9.8 |
| 2017-07-17 | CVE-2017-9811 | Improper Input Validation vulnerability in Kaspersky Anti-Virus for Linux Server 8.0.3.297 The kluser is able to interact with the kav4fs-control binary in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312). | 9.8 |