threat
engine
.sh
Back
·
··:··
Home
/
Product
/
kaspersky internet security
Product
kaspersky internet security
29 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2022-27534
< 12.03.2022
Kaspersky Anti-Virus products for home and Kaspersky Endpoint Security with antivirus databases released before 12 March 2022 had
9.8
CRITICAL
CVE-2021-27223
< 2021-06
A denial-of-service issue existed in one of modules that was incorporated in Kaspersky Anti-Virus products for home and Kaspersky
5.5
MEDIUM
CVE-2021-26718
< 21.1
KIS for macOS in some use cases was vulnerable to AV bypass that potentially allowed an attacker to disable anti-virus protection.
5.5
MEDIUM
CVE-2019-15689
all versions
Kaspersky Secure Connection, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Security Cloud prior to version 2020
6.7
MEDIUM
CVE-2019-15688
<= 2020
Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Sec
6.1
MEDIUM
CVE-2019-15687
<= 2020
Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Sec
6.5
MEDIUM
CVE-2019-15686
<= 2020
Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Sec
4.3
MEDIUM
CVE-2019-15685
<= 2020
Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Sec
4.3
MEDIUM
CVE-2019-8286
<= 2019
Information Disclosure in Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security versions up to 2019 could po
4.3
MEDIUM
CVE-2017-12817
all versions
In Kaspersky Internet Security for Android 11.12.4.1622, some of the application trace files were not encrypted.
7.5
HIGH
CVE-2017-12816
all versions
In Kaspersky Internet Security for Android 11.12.4.1622, some of application exports activities have weak permissions, which might
9.8
CRITICAL
CVE-2016-4329
all versions
A local denial of service vulnerability exists in window broadcast message handling functionality of Kaspersky Anti-Virus software
5.5
MEDIUM
CVE-2016-4307
all versions
A denial of service vulnerability exists in the IOCTL handling functionality of Kaspersky Internet Security KL1 driver. A speciall
5.5
MEDIUM
CVE-2016-4305
all versions
A denial of service vulnerability exists in the syscall filtering functionality of Kaspersky Internet Security KLIF driver. A spec
5.5
MEDIUM
CVE-2016-4304
all versions
A denial of service vulnerability exists in the syscall filtering functionality of the Kaspersky Internet Security KLIF driver. A
5.5
MEDIUM
CVE-2014-5654
all versions
The Kaspersky Internet Security (aka com.kms.free) application 11.4.4.232 for Android does not verify X.509 certificates from SSL
CVE-2009-4452
all versions
Kaspersky Anti-Virus 5.0 (5.0.712); Antivirus Personal 5.0.x; Anti-Virus 6.0 (6.0.3.837), 7 (7.0.1.325), 2009 (8.0.0.x), and 2010
CVE-2009-2966
all versions
avp.exe in Kaspersky Internet Security 9.0.0.459 and Anti-Virus 9.0.0.463 allows remote attackers to cause a denial of service (CP
CVE-2009-2647
all versions
Unspecified vulnerability in Kaspersky Anti-Virus 2010 and Kaspersky Internet Security 2010 before Critical Fix 9.0.0.463 allows r
CVE-2008-1518
all versions
Stack-based buffer overflow in kl1.sys in Kaspersky Anti-Virus 6.0 and 7.0 and Internet Security 6.0 and 7.0 allows local users to
CVE-2007-5086
all versions
Kaspersky Anti-Virus (KAV) and Internet Security 7.0 build 125 do not properly validate certain parameters to System Service Descr
CVE-2007-5043
all versions
Kaspersky Internet Security 7.0.0.125 does not properly validate certain parameters to System Service Descriptor Table (SSDT) func
CVE-2007-1881
<= 6.0.1.411
Unspecified vulnerability in KLIF (klif.sys) in Kaspersky Anti-Virus, Anti-Virus for Workstations, and Anti-Virus for File Servers
CVE-2007-1880
<= 6.0.1.411
Integer overflow in the _NtSetValueKey function in klif.sys in Kaspersky Anti-Virus, Anti-Virus for Workstations, Anti-Virus for F
CVE-2007-1879
<= 6.0.1.411
The StartUploading function in KL.SysInfo ActiveX control (AxKLSysInfo.dll) in Kaspersky Anti-Virus 6.0 and Internet Security 6.0
CVE-2007-1112
all versions
Kaspersky Anti-Virus 6.0 and Internet Security 6.0 exposes unsafe methods in the (a) AXKLPROD60Lib.KAV60Info (AxKLProd60.dll) and
CVE-2007-0445
<= 6.0
Heap-based buffer overflow in the arj.ppl module in the OnDemand Scanner in Kaspersky Anti-Virus, Anti-Virus for Workstations, and
CVE-2006-4926
all versions
The NDIS-TDI Hooking Engine, as used in the (1) KLICK (KLICK.SYS) and (2) KLIN (KLIN.SYS) device drivers 2.0.0.281 for in Kaspersk
CVE-2006-3074
all versions
klif.sys in Kaspersky Internet Security 6.0 and 7.0, Kaspersky Anti-Virus (KAV) 6.0 and 7.0, KAV 6.0 for Windows Workstations, and
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin