Vulnerabilities > Kaspersky > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-05 | CVE-2022-27535 | Unspecified vulnerability in Kaspersky VPN Secure Connection 5.0 Kaspersky VPN Secure Connection for Windows version up to 21.5 was vulnerable to arbitrary file deletion via abuse of its 'Delete All Service Data And Reports' feature by the local authenticated attacker. | 7.8 |
| 2021-11-23 | CVE-2021-35052 | Improper Privilege Management vulnerability in Kaspersky Password Manager 9.0.2 A component in Kaspersky Password Manager could allow an attacker to elevate a process Integrity level from Medium to High. | 7.8 |
| 2021-11-03 | CVE-2021-35053 | Unspecified vulnerability in Kaspersky Endpoint Security 11.1.0/11.6.0 Possible system denial of service in case of arbitrary changing Firefox browser parameters. | 7.5 |
| 2021-05-14 | CVE-2020-27020 | Inadequate Encryption Strength vulnerability in Kaspersky Password Manager 9.0.2/9.2 Password generator feature in Kaspersky Password Manager was not completely cryptographically strong and potentially allowed an attacker to predict generated passwords in some cases. | 7.5 |
| 2020-12-04 | CVE-2020-28950 | Uncontrolled Search Path Element vulnerability in Kaspersky Anti-Ransomware Tool 4.0 The installer of Kaspersky Anti-Ransomware Tool (KART) prior to KART 4.0 Patch C was vulnerable to a DLL hijacking attack that allowed an attacker to elevate privileges during installation process. | 7.8 |
| 2020-09-02 | CVE-2020-25045 | Uncontrolled Search Path Element vulnerability in Kaspersky Security Center and Security Center web Console Installers of Kaspersky Security Center and Kaspersky Security Center Web Console prior to 12 & prior to 12 Patch A were vulnerable to a DLL hijacking attack that allowed an attacker to elevate privileges in the system. | 7.8 |
| 2020-09-02 | CVE-2020-25044 | Unspecified vulnerability in Kaspersky Virus Removal Tool Kaspersky Virus Removal Tool (KVRT) prior to 15.0.23.0 was vulnerable to arbitrary file corruption that could provide an attacker with the opportunity to eliminate content of any file in the system. | 7.1 |
| 2020-09-02 | CVE-2020-25043 | Unspecified vulnerability in Kaspersky VPN Secure Connection The installer of Kaspersky VPN Secure Connection prior to 5.0 was vulnerable to arbitrary file deletion that could allow an attacker to delete any file in the system. | 7.1 |
| 2019-05-08 | CVE-2019-8285 | Out-of-bounds Write vulnerability in Kaspersky Antivirus Engine Kaspersky Lab Antivirus Engine version before 04.apr.2019 has a heap-based buffer overflow vulnerability that potentially allow arbitrary code execution | 8.8 |
| 2018-04-19 | CVE-2018-6306 | Untrusted Search Path vulnerability in Kaspersky Password Manager Unauthorized code execution from specific DLL and is known as DLL Hijacking attack in Kaspersky Password Manager versions before 8.0.6.538. | 7.8 |