Vulnerabilities > Kaspersky > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-18 | CVE-2019-8286 | Information Exposure vulnerability in Kaspersky products Information Disclosure in Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security versions up to 2019 could potentially disclose unique Product ID by forcing victim to visit a specially crafted webpage (for example, via clicking phishing link). | 4.3 |
| 2018-02-06 | CVE-2018-6291 | Cross-site Scripting vulnerability in Kaspersky Secure Mail Gateway 1.1 WebConsole Cross-Site Scripting in Kaspersky Secure Mail Gateway version 1.1. | 6.1 |
| 2017-07-17 | CVE-2017-9813 | Cross-site Scripting vulnerability in Kaspersky Anti-Virus for Linux Server 8.0.3.297 In Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312), the scriptName parameter of the licenseKeyInfo action method is vulnerable to cross-site scripting (XSS). | 6.1 |
| 2017-01-06 | CVE-2016-4329 | Improper Input Validation vulnerability in Kaspersky Anti-Virus, Internet Security and Total Security A local denial of service vulnerability exists in window broadcast message handling functionality of Kaspersky Anti-Virus software. | 5.5 |
| 2017-01-06 | CVE-2016-4307 | Improper Access Control vulnerability in Kaspersky Internet Security 16.0.0 A denial of service vulnerability exists in the IOCTL handling functionality of Kaspersky Internet Security KL1 driver. | 5.5 |
| 2017-01-06 | CVE-2016-4306 | Information Exposure vulnerability in Kaspersky Total Security 16.0.0.614 Multiple information leaks exist in various IOCTL handlers of the Kaspersky Internet Security KLDISK driver. | 5.5 |
| 2017-01-06 | CVE-2016-4305 | Improper Access Control vulnerability in Kaspersky Internet Security 16.0.0 A denial of service vulnerability exists in the syscall filtering functionality of Kaspersky Internet Security KLIF driver. | 5.5 |
| 2017-01-06 | CVE-2016-4304 | Improper Access Control vulnerability in Kaspersky Internet Security 16.0.0 A denial of service vulnerability exists in the syscall filtering functionality of the Kaspersky Internet Security KLIF driver. | 5.5 |
| 2016-08-25 | CVE-2016-6231 | Information Exposure vulnerability in Kaspersky Safe Browser Kaspersky Safe Browser iOS before 1.7.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to obtain sensitive information via a crafted certificate. | 5.9 |