EUVD-2019-17684

Malware in sbrugna...

EUVD-2015-8457

Malware in sbrugna...

The vulnerability of the modules related to antivirus protection software, such as Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Small Office Security, Kaspersky Security Cloud, and Kaspersky Endpoint Security, is related to vulnerabilities in access control. These vulnerabilities allow attackers to trigger an emergency shutdown of the Microsoft Windows operating system.

The vulnerability of Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Small Office Security, Kaspersky Security Cloud, and Kaspersky Endpoint Security modules is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to...

The installation file of Kaspersky VPN Secure Connection, Kaspersky Internet Security, Kaspersky Total Security, and Kaspersky Security Cloud is vulnerable, allowing a hacker to delete any file during the installation process.

The vulnerability of the installation files of antivirus protection software such as Kaspersky VPN Secure Connection, Kaspersky Internet Security, Kaspersky Total Security, and Kaspersky Security Cloud lies in code errors. Exploiting this vulnerability could allow a hacker to delete any file duri...

Kaspersky Total Security Directory Traversal Denial-of-Service Vulnerability

This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Kaspersky Total Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists...

The vulnerability affects components of Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Security Cloud, Kaspersky Small Office Security, and Kaspersky Endpoint Security for Windows. This vulnerability allows attackers to elevate their privileges and execute arbitrary code.

The vulnerability of components such as Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Security Cloud, Kaspersky Small Office Security, and Kaspersky Endpoint Security for Windows relates to errors in permission and privilege management. Exploiting this...

The vulnerability in the implementation of UI processes of anti-virus protection solutions from Kaspersky – such as Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Small Office Security, and Kaspersky Security Cloud – allows attackers to trigger a service failure.

The vulnerability of the UI implementation for anti-virus protection solutions from Kaspersky – including Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Small Office Security, and Kaspersky Security Cloud – is related to deficiencies in the authentication...

The vulnerability of the Kaspersky Total Security antivirus protection, related to code errors, allows attackers to increase their privileges.

The vulnerability of the Kaspersky Total Security antivirus protection is related to errors in the code. Exploiting this vulnerability can allow attackers to enhance their privileges by manipulating symbolic links...

The vulnerability of the Kaspersky Total Security antivirus protection, related to errors in multi-threaded operations, allows attackers to increase their privileges.

The vulnerability of the Kaspersky Total Security antivirus protection is related to errors in multi-threaded operations. Exploiting this vulnerability can allow attackers to increase their privileges...

The vulnerability of the inter-process interaction components of Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free, Kaspersky Security Cloud, Kaspersky Password Manager, Kaspersky Safe Kids, Kaspersky Software Updater, Kaspersky Endpoint Security, Kaspersky Small Office Security, and Kaspersky AntiTargetedAttackAgent allows a perpetrator to execute arbitrary code.

The vulnerability of the inter-process interaction components of Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free, Kaspersky Security Cloud, Kaspersky Password Manager, Kaspersky Safe Kids, Kaspersky Software Updater, Kaspersky Endpoint Security, Kaspers...

Information disclosure

Information Disclosure in Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security versions up to 2019 could potentially disclose unique Product ID by forcing victim to visit a specially crafted webpage for example, via clicking phishing link. Vulnerability has CVSS v3.0 base...

CVE-2019-8286

CVE-2019-8286 concerns Kaspersky URL Advisor in multiple Kaspersky products. The issue stems from how the URL Advisor injects a remotely-hosted JavaScript into pages, where the injected URL contained a unique, per-user identifier. This could allow websites or third-party services to read the Kasp...

KLA10947 Denial of service vulnerability in Kaspersky products

Vulnerability was found in window broadcast message handling functionality of Kaspersky products. By exploiting this vulnerability malicious users can cause a denial of service. This vulnerability can be exploited locally via a specially designed unhandled window messages, which cause termination...

Multiple vulnerabilities in the Kaspersky Total Security antivirus protection system allow attackers to obtain confidential information.

The multiple vulnerabilities of the KLDISK driver in the Kaspersky Total Security antivirus protection software are related to the lack of protection for operational data. Exploiting these vulnerabilities could allow an intruder, operating locally, to gain access to confidential information—such ...

Local Denial of Service Vulnerability in Multiple Kaspersky Products

Kaspersky Internet Security is a suite of security software that combines the functions of an antivirus and a firewall.Kaspersky Antivirus/Total Security is an antivirus program from Kaspersky Labs. A local denial of service vulnerability exists in several Kaspersky products, which could be...

Kaspersky Total Security Version Detection

Detects the installed version of Kaspersky Total security on Windows. The script logs in via smb, searches for kaspersky in the registry, gets the kaspersky total security installation path from registry and fetches version. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might b...

The vulnerabilities of McAfee VirusScan Enterprise, AVG InternetSecurity, and Kaspersky Total Security allow attackers to bypass the DEP and ASLR protection mechanisms.

The vulnerability of McAfee VirusScan Enterprise, AVG InternetSecurity, and Kaspersky Total Security anti-virus tools is related to the allocation of memory with read, write, and execute permissions during the protection of user processes. Exploiting this vulnerability can allow a malicious actor...

Kaspersky Total Security Security Bypass Vulnerability

Kaspersky Total Security is a comprehensive multi-device version of the Russian antivirus program. The Kaspersky Total Security program protects user-mode processes by allocating memory with Read, Write, Execute RWX privileges in predictable addresses, allowing an attacker to exploit this...

CVE-2015-8579

Kaspersky Total Security 2015 15.0.2.361 allocates memory with Read, Write, Execute RWX permissions at predictable addresses when protecting user-mode processes, which allows attackers to bypass the DEP and ASLR protection mechanisms via unspecified vectors...

CVE-2015-8579

Kaspersky Total Security 2015 15.0.2.361 allocates memory with Read, Write, Execute RWX permissions at predictable addresses when protecting user-mode processes, which allows attackers to bypass the DEP and ASLR protection mechanisms via unspecified vectors...