Known Vulnerabilities for products from Kaspersky Lab
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Kaspersky Lab".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2025-15616 | Not Provided | 2026-03-27 | 2026-03-27 | |
| CVE-2009-4452 | Kaspersky Anti-Virus 5.0 (5.0.712); Antivirus Personal 5.0.x; Anti-Virus 6.0 (6.0.3.837), 7 (7.0.1.325), 2009 (8.0.0.x), and ... | 6.8 - MEDIUM | 2009-12-29 | 2018-10-10 |
| CVE-2009-0449 | Buffer overflow in klim5.sys in Kaspersky Anti-Virus for Workstations 6.0 and Anti-Virus 2008 allows local users to gain priv... | 7.2 - HIGH | 2009-02-10 | 2018-10-11 |
| CVE-2008-5426 | Kaspersky Internet Security Suite 2009 does not properly handle (1) multipart/mixed e-mail messages with many MIME parts and ... | 4.3 - MEDIUM | 2008-12-11 | 2018-10-11 |
| CVE-2008-1518 | Stack-based buffer overflow in kl1.sys in Kaspersky Anti-Virus 6.0 and 7.0 and Internet Security 6.0 and 7.0 allows local use... | 7.2 - HIGH | 2008-06-05 | 2017-08-08 |
| CVE-2007-5086 | Kaspersky Anti-Virus (KAV) and Internet Security 7.0 build 125 do not properly validate certain parameters to System Service ... | 2.1 - LOW | 2007-09-26 | 2011-03-08 |
| CVE-2007-5043 | Kaspersky Internet Security 7.0.0.125 does not properly validate certain parameters to System Service Descriptor Table (SSDT)... | 4.4 - MEDIUM | 2007-09-24 | 2018-10-15 |
| CVE-2007-4206 | Kaspersky Anti-Spam 3.0 MP1 before Critical Fix 2 (3.0.278.4) sets incorrect permissions for application files in certain upg... | 4.4 - MEDIUM | 2007-08-08 | 2017-07-29 |
| CVE-2007-3906 | Unspecified vulnerability in Kaspersky Anti-Virus for Check Point FireWall-1 before Critical Fix 1 (5.5.161.0) might allow at... | 5 - MEDIUM | 2007-07-19 | 2017-07-29 |
| CVE-2007-3675 | Multiple format string vulnerabilities in the kavwebscan.CKAVWebScan ActiveX control (kavwebscan.dll) in Kaspersky Online Sca... | 9.3 - HIGH | 2007-10-12 | 2017-07-29 |
| CVE-2007-3502 | Unspecified vulnerability in the web-based product configuration system in Kaspersky Anti-Spam before 3.0 MP1 allows remote a... | 7.5 - HIGH | 2007-06-30 | 2017-07-29 |
| CVE-2007-1881 | Unspecified vulnerability in KLIF (klif.sys) in Kaspersky Anti-Virus, Anti-Virus for Workstations, and Anti-Virus for File Se... | 6.8 - MEDIUM | 2007-04-06 | 2011-03-08 |
| CVE-2007-1880 | Integer overflow in the _NtSetValueKey function in klif.sys in Kaspersky Anti-Virus, Anti-Virus for Workstations, Anti-Virus ... | 6.6 - MEDIUM | 2007-04-06 | 2017-07-29 |
| CVE-2007-1879 | The StartUploading function in KL.SysInfo ActiveX control (AxKLSysInfo.dll) in Kaspersky Anti-Virus 6.0 and Internet Security... | 9.3 - HIGH | 2007-04-06 | 2017-07-29 |
| CVE-2007-1281 | Kaspersky AntiVirus Engine 6.0.1.411 for Windows and 5.5-10 for Linux allows remote attackers to cause a denial of service (C... | 7.8 - HIGH | 2007-03-06 | 2017-07-29 |
| CVE-2007-1112 | Kaspersky Anti-Virus 6.0 and Internet Security 6.0 exposes unsafe methods in the (a) AXKLPROD60Lib.KAV60Info (AxKLProd60.dll)... | 10 - HIGH | 2007-04-06 | 2018-10-16 |
| CVE-2007-0445 | Heap-based buffer overflow in the arj.ppl module in the OnDemand Scanner in Kaspersky Anti-Virus, Anti-Virus for Workstations... | 10 - HIGH | 2007-04-06 | 2018-10-16 |
| CVE-2007-0125 | Kaspersky Labs Antivirus Engine 6.0 for Windows and 5.5-10 for Linux before 20070102 enter an infinite loop upon encountering... | 5 - MEDIUM | 2007-01-09 | 2017-07-29 |
| CVE-2006-6408 | Kaspersky Anti-Virus for Linux Mail Servers 5.5.10 allows remote attackers to bypass virus detection by inserting invalid cha... | 5 - MEDIUM | 2006-12-10 | 2018-10-17 |
| CVE-2006-4926 | The NDIS-TDI Hooking Engine, as used in the (1) KLICK (KLICK.SYS) and (2) KLIN (KLIN.SYS) device drivers 2.0.0.281 for in Kas... | 7.2 - HIGH | 2006-10-20 | 2018-10-17 |