cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2019-15689,https://securityvulnerability.io/vulnerability/CVE-2019-15689,Code Execution Vulnerability in Kaspersky Products Exposes Users,"A vulnerability in Kaspersky Secure Connection, Kaspersky Internet Security, Kaspersky Total Security, and Kaspersky Security Cloud allows a local user to execute arbitrary code. This flaw occurs when an attacker, with administrator rights, places a compromised file on the system. The vulnerability may also enable bypassing certain whitelisting mechanisms, which could undermine the effectiveness of some security features.",Kaspersky,"Kaspersky Secure Connection, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Security Cloud",6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2019-12-02T20:43:52.000Z,0
CVE-2019-15687,https://securityvulnerability.io/vulnerability/CVE-2019-15687,Information Disclosure Vulnerability in Kaspersky Anti-Virus and Related Products,"Certain Kaspersky products, including Kaspersky Anti-Virus, Internet Security, Total Security, Free Anti-Virus, Small Office Security, and Security Cloud up to the year 2020, exhibit a vulnerability in their web protection component. This vulnerability allows for remote disclosure of sensitive information regarding the user's system, such as the Windows version, the specific product version, and a unique host identifier. Attackers could exploit this weakness to gain insights into the system's configuration and potentially target the users.",Kaspersky,"Kaspersky Anti-virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-virus, Kaspersky Small Office Security, Kaspersky Security Cloud",6.5,MEDIUM,0.004110000096261501,false,,false,false,false,,,false,false,,2019-11-26T15:45:17.000Z,0
CVE-2019-15686,https://securityvulnerability.io/vulnerability/CVE-2019-15686,Remote Attack Vulnerabilities in Kaspersky Security Products,"The web protection component of Kaspersky security solutions is susceptible to vulnerabilities that enable remote attackers to disable critical antivirus features. This could potentially lead to a denial-of-service condition and evasion of security protocols, increasing the risk of malicious activity on affected systems. Users are advised to update their Kaspersky products to mitigate this issue.",Kaspersky,"Kaspersky Anti-virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-virus, Kaspersky Small Office Security, Kaspersky Security Cloud",4.3,MEDIUM,0.0007300000288523734,false,,false,false,false,,,false,false,,2019-11-26T15:44:49.000Z,0
CVE-2019-15685,https://securityvulnerability.io/vulnerability/CVE-2019-15685,Remote Security Feature Bypass in Kaspersky Products,"An issue in Kaspersky's web protection component allowed attackers to remotely disable critical security features, such as private browsing and anti-banner options, in various Kaspersky products released up to 2020. This vulnerability poses a significant risk as it undermines the core functionalities intended to protect users from online threats. Effective measures should be taken to address this vulnerability and safeguard systems.",Kaspersky,"Kaspersky Anti-virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-virus, Kaspersky Small Office Security, Kaspersky Security Cloud",4.3,MEDIUM,0.0007300000288523734,false,,false,false,false,,,false,false,,2019-11-26T15:44:19.000Z,0
CVE-2019-15688,https://securityvulnerability.io/vulnerability/CVE-2019-15688,Web Protection Bypass in Kaspersky Products,"The web protection component in various Kaspersky products fails to adequately alert users regarding the risks associated with redirecting to potentially harmful sites. This weakness could allow attackers to bypass security measures, exposing users to untrusted domains without proper warnings, thus compromising the integrity of the users' browsing experience.",Kaspersky,"Kaspersky Anti-virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-virus, Kaspersky Small Office Security, Kaspersky Security Cloud",6.1,MEDIUM,0.0007300000288523734,false,,false,false,false,,,false,false,,2019-11-26T15:32:17.000Z,0
CVE-2019-8286,https://securityvulnerability.io/vulnerability/CVE-2019-8286,Information Disclosure in Kaspersky Products,"A vulnerability in Kaspersky Anti-Virus, Kaspersky Internet Security, and Kaspersky Total Security could allow for information disclosure of unique Product IDs. This occurs when a user is coerced into visiting a malicious or specially crafted webpage, potentially through phishing tactics. This underscores the importance of user awareness and robust security measures to protect sensitive data from exploitation.",Kaspersky,"Kaspersky Anti-virus, Kaspersky Internet Security, Kaspersky Total Security",4.3,MEDIUM,0.0009800000116229057,false,,false,false,false,,,false,false,,2019-07-18T18:34:15.000Z,0
CVE-2016-4329,https://securityvulnerability.io/vulnerability/CVE-2016-4329,,"A local denial of service vulnerability exists in window broadcast message handling functionality of Kaspersky Anti-Virus software. Sending certain unhandled window messages, an attacker can cause application termination and in the same way bypass KAV self-protection mechanism.",Kaspersky,Total Security,5.5,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2017-01-06T21:00:00.000Z,0
CVE-2016-4306,https://securityvulnerability.io/vulnerability/CVE-2016-4306,,"Multiple information leaks exist in various IOCTL handlers of the Kaspersky Internet Security KLDISK driver. Specially crafted IOCTL requests can cause the driver to return out-of-bounds kernel memory, potentially leaking sensitive information such as privileged tokens or kernel memory addresses that may be useful in bypassing kernel mitigations. An unprivileged user can run a program from user-mode to trigger this vulnerability.",Kaspersky,Total Security,5.5,MEDIUM,0.0008399999933317304,false,,false,false,false,,,false,false,,2017-01-06T21:00:00.000Z,0
CVE-2015-8579,https://securityvulnerability.io/vulnerability/CVE-2015-8579,,"Kaspersky Total Security 2015 15.0.2.361 allocates memory with Read, Write, Execute (RWX) permissions at predictable addresses when protecting user-mode processes, which allows attackers to bypass the DEP and ASLR protection mechanisms via unspecified vectors.",Kaspersky,Total Security 2015,,,0.0021699999924749136,false,,false,false,false,,,false,false,,2015-12-16T18:00:00.000Z,0