CVEs (4)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Kaspersky 1Anti Virus For Linux Server May 13, 2026 Jul 17, 2017 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 In Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312), the scriptName parameter of the licenseKeyInfo action method is vulnerable to cross-site scripting (XSS). |
1Kaspersky 1Anti Virus For Linux Server May 13, 2026 Jul 17, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The reportId parameter of the getReportStatus action method can be abused in the web interface in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312) to read arbitrary...Show more |
1Kaspersky 1Anti Virus For Linux Server May 13, 2026 Jul 17, 2017 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 The kluser is able to interact with the kav4fs-control binary in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312). By abusing the quarantine read and write operation...Show more |
1Kaspersky 1Anti Virus For Linux Server May 13, 2026 Jul 17, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 There are no Anti-CSRF tokens in any forms on the web interface in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312). This would allow an attacker to submit authentic...Show more |