Vulnerabilities > Kaspersky > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-06 | CVE-2018-6290 | Unspecified vulnerability in Kaspersky Secure Mail Gateway 1.1 Local Privilege Escalation in Kaspersky Secure Mail Gateway version 1.1. | 7.8 |
| 2018-02-06 | CVE-2018-6288 | Cross-Site Request Forgery (CSRF) vulnerability in Kaspersky Secure Mail Gateway 1.1 Cross-site Request Forgery leading to Administrative account takeover in Kaspersky Secure Mail Gateway version 1.1. | 8.8 |
| 2017-12-08 | CVE-2017-12823 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Kaspersky Embedded Systems Security 1.2.0.300/2.0.0.385 Kernel pool memory corruption in one of drivers in Kaspersky Embedded Systems Security version 1.2.0.300 leads to local privilege escalation. | 7.8 |
| 2017-08-25 | CVE-2017-12817 | Missing Encryption of Sensitive Data vulnerability in Kaspersky Internet Security 11.12.4.1622 In Kaspersky Internet Security for Android 11.12.4.1622, some of the application trace files were not encrypted. | 7.5 |
| 2017-07-17 | CVE-2017-9812 | Information Exposure vulnerability in Kaspersky Anti-Virus for Linux Server 8.0.3.297 The reportId parameter of the getReportStatus action method can be abused in the web interface in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312) to read arbitrary files with kluser privileges. | 7.5 |
| 2017-07-17 | CVE-2017-9810 | Cross-Site Request Forgery (CSRF) vulnerability in Kaspersky Anti-Virus for Linux Server 8.0.3.297 There are no Anti-CSRF tokens in any forms on the web interface in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312). | 8.8 |