cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2017-9810,https://securityvulnerability.io/vulnerability/CVE-2017-9810,,There are no Anti-CSRF tokens in any forms on the web interface in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312). This would allow an attacker to submit authenticated requests when an authenticated user browses an attacker-controlled domain.,Kaspersky,Anti-virus For Linux Server,8.8,HIGH,0.02314000017940998,false,false,false,false,,false,false,2017-07-17T21:00:00.000Z,0
CVE-2017-9811,https://securityvulnerability.io/vulnerability/CVE-2017-9811,,"The kluser is able to interact with the kav4fs-control binary in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312). By abusing the quarantine read and write operations, it is possible to elevate the privileges to root.",Kaspersky,Anti-virus For Linux Server,9.8,CRITICAL,0.022619999945163727,false,false,false,false,,false,false,2017-07-17T21:00:00.000Z,0
CVE-2017-9812,https://securityvulnerability.io/vulnerability/CVE-2017-9812,,The reportId parameter of the getReportStatus action method can be abused in the web interface in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312) to read arbitrary files with kluser privileges.,Kaspersky,Anti-virus For Linux Server,7.5,HIGH,0.039420001208782196,false,false,false,false,,false,false,2017-07-17T21:00:00.000Z,0
CVE-2017-9813,https://securityvulnerability.io/vulnerability/CVE-2017-9813,,"In Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312), the scriptName parameter of the licenseKeyInfo action method is vulnerable to cross-site scripting (XSS).",Kaspersky,Anti-virus For Linux Server,6.1,MEDIUM,0.015530000440776348,false,false,false,false,,false,false,2017-07-17T21:00:00.000Z,0