Browse all 28 CVE security advisories affecting Kaspersky. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Kaspersky operates as a global cybersecurity firm, primarily providing endpoint protection and threat intelligence services to consumers and enterprises. Its software suite, widely deployed for malware detection and network security, has historically been subject to various vulnerability classes, including remote code execution, cross-site scripting, and privilege escalation flaws within its management consoles and update mechanisms. With twenty-eight Common Vulnerabilities and Exposures currently on record, these issues often stem from complex codebases and third-party dependencies rather than fundamental architectural failures. While the company maintains robust defensive capabilities, past incidents have occasionally highlighted risks associated with its Russian origins, leading to bans in certain U.S. government sectors. Despite geopolitical scrutiny, the technical profile remains that of a major security vendor where standard software development lifecycle vulnerabilities persist, requiring continuous patching and rigorous access controls to mitigate potential exploitation by threat actors.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2020-35929 | Kaspersky TinyCheck 信任管理问题漏洞 — TinyCheck | 9.8 | - | 2021-01-19 |
This page lists every published CVE security advisory associated with Kaspersky. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.