Known Vulnerabilities for products from Kaspersky Lab
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Kaspersky Lab".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2025-15616 json | Not Provided | 2026-03-27 | 2026-03-27 | |
| CVE-2009-4452 json | Kaspersky Anti-Virus 5.0 (5.0.712); Antivirus Personal 5.0.x; Anti-Virus 6.0 (6.0.3.837), 7 (7.0.1.325), 2009 (8.0.0.x), and ... | Not Provided | 2009-12-29 | 2026-04-23 |
| CVE-2009-0449 json | Buffer overflow in klim5.sys in Kaspersky Anti-Virus for Workstations 6.0 and Anti-Virus 2008 allows local users to gain priv... | Not Provided | 2009-02-10 | 2026-04-23 |
| CVE-2008-5426 json | Kaspersky Internet Security Suite 2009 does not properly handle (1) multipart/mixed e-mail messages with many MIME parts and ... | Not Provided | 2008-12-11 | 2026-04-23 |
| CVE-2008-1518 json | Stack-based buffer overflow in kl1.sys in Kaspersky Anti-Virus 6.0 and 7.0 and Internet Security 6.0 and 7.0 allows local use... | Not Provided | 2008-06-05 | 2026-04-23 |
| CVE-2007-5086 json | Kaspersky Anti-Virus (KAV) and Internet Security 7.0 build 125 do not properly validate certain parameters to System Service ... | Not Provided | 2007-09-26 | 2026-04-23 |
| CVE-2007-5043 json | Kaspersky Internet Security 7.0.0.125 does not properly validate certain parameters to System Service Descriptor Table (SSDT)... | Not Provided | 2007-09-24 | 2026-04-23 |
| CVE-2007-4206 json | Kaspersky Anti-Spam 3.0 MP1 before Critical Fix 2 (3.0.278.4) sets incorrect permissions for application files in certain upg... | Not Provided | 2007-08-08 | 2026-04-23 |
| CVE-2007-3906 json | Unspecified vulnerability in Kaspersky Anti-Virus for Check Point FireWall-1 before Critical Fix 1 (5.5.161.0) might allow at... | Not Provided | 2007-07-19 | 2026-04-23 |
| CVE-2007-3675 json | Multiple format string vulnerabilities in the kavwebscan.CKAVWebScan ActiveX control (kavwebscan.dll) in Kaspersky Online Sca... | Not Provided | 2007-10-12 | 2026-04-23 |
| CVE-2007-3502 json | Unspecified vulnerability in the web-based product configuration system in Kaspersky Anti-Spam before 3.0 MP1 allows remote a... | Not Provided | 2007-06-30 | 2026-04-23 |
| CVE-2007-1881 json | Unspecified vulnerability in KLIF (klif.sys) in Kaspersky Anti-Virus, Anti-Virus for Workstations, and Anti-Virus for File Se... | Not Provided | 2007-04-06 | 2026-04-23 |
| CVE-2007-1880 json | Integer overflow in the _NtSetValueKey function in klif.sys in Kaspersky Anti-Virus, Anti-Virus for Workstations, Anti-Virus ... | Not Provided | 2007-04-06 | 2026-04-23 |
| CVE-2007-1879 json | The StartUploading function in KL.SysInfo ActiveX control (AxKLSysInfo.dll) in Kaspersky Anti-Virus 6.0 and Internet Security... | Not Provided | 2007-04-06 | 2026-04-23 |
| CVE-2007-1281 json | Kaspersky AntiVirus Engine 6.0.1.411 for Windows and 5.5-10 for Linux allows remote attackers to cause a denial of service (C... | Not Provided | 2007-03-06 | 2026-04-23 |
| CVE-2007-1112 json | Kaspersky Anti-Virus 6.0 and Internet Security 6.0 exposes unsafe methods in the (a) AXKLPROD60Lib.KAV60Info (AxKLProd60.dll)... | Not Provided | 2007-04-06 | 2026-04-23 |
| CVE-2007-0445 json | Heap-based buffer overflow in the arj.ppl module in the OnDemand Scanner in Kaspersky Anti-Virus, Anti-Virus for Workstations... | Not Provided | 2007-04-06 | 2026-04-23 |
| CVE-2007-0125 json | Kaspersky Labs Antivirus Engine 6.0 for Windows and 5.5-10 for Linux before 20070102 enter an infinite loop upon encountering... | Not Provided | 2007-01-09 | 2026-04-23 |
| CVE-2006-6408 json | Kaspersky Anti-Virus for Linux Mail Servers 5.5.10 allows remote attackers to bypass virus detection by inserting invalid cha... | Not Provided | 2006-12-10 | 2026-04-23 |
| CVE-2006-4926 json | The NDIS-TDI Hooking Engine, as used in the (1) KLICK (KLICK.SYS) and (2) KLIN (KLIN.SYS) device drivers 2.0.0.281 for in Kas... | Not Provided | 2006-10-20 | 2026-04-23 |