Security advisory
Security advisory
| More | Date issued | Product | Action | |
|---|---|---|---|---|
|
|
CVE-2022-28874: Multiple Denial-of-Service (DoS) Vulnerabilities Multiple denial-of-service (DoS) vulnerabilities while scanning fuzzed PE32-bit files can eventually crash the scanning engine. |
|
More | |
|
|
CVE-2022-28871: Denial-of-Service (DoS) Vulnerability A denial-of-service (DoS) vulnerability in WithSecure component may crash the scanning engine. |
|
More | |
|
|
CVE-2022-22965: Vulnerability in Spring Framework Remote Code Execution affect WithSecure Products A critical vulnerability in the Spring framework affects the following products: F-Secure Policy Manager, F-Secure Policy Manager for Linux, F-Secure Policy Manager Proxy, and F-Secure Elements Connector. |
|
More | |
|
|
CVE-2021-44750: Arbitrary Code Execution WithSecure Support Tool (fsdiag) embedded within various WithSecure products for Microsoft Windows can be abused to execute arbitrary commands on the system. |
|
More | |
|
|
CVE-2021-44749: Universal Cross-Site Scripting Vulnerability in WithSecure SAFE Browser Protection for Android Vulnerabilities in the browser protection of WithSecure SAFE for Android could allow remote attacker to steal user's sessions cookie. |
|
More | |
|
|
CVE-2021-44748: Universal Cross-Site Scripting Vulnerability in WithSecure SAFE Browser for Android Vulnerabilities in the browser of WithSecure SAFE for Android could allow execution of JavaScript. |
|
More | |
|
|
CVE-2021-44747: Denial-of-Service (DoS) Vulnerability Crash while scanning fuzzed files can cause denial-of-service of the antivirus engine. |
|
More | |
|
|
CVE-2021-40837: Denial-of-Service (DoS) Vulnerability All F-Secure endpoint protection products, F-Secure Linux Security (32-bit), F-Secure Linux Security 64, F-Secure Atlant, F-Secure Internet Gatekeeper & F-Secure Security Cloud |
|
More | |
|
|
CVE-2021-40836: Denial-of-Service (DoS) Vulnerability All F-Secure endpoint protection products, F-Secure Linux Security (32-bit), F-Secure Linux Security 64, F-Secure Atlant, F-Secure Internet Gatekeeper |
|
More | |
|
|
CVE-2021-40835: URL Address Bar Spoofing in F-Secure SAFE Browser for iOS F-Secure SAFE Browser Version 18.3.x and below |
|
More | |
|
|
CVE-2021-40834: User interface Spoofing in F-Secure SAFE browser for Android F-Secure SAFE Browser Version 18.3.x and below |
|
More | |
|
|
CVE-2021-40833: Denial-of-Service (DoS) Vulnerability All F-Secure endpoint protection products, F-Secure Linux Security (32-bit), F-Secure Linux Security 64, F-Secure Atlant, and F-Secure Internet Gatekeeper |
|
More | |
|
|
CVE-2021-40832: Denial-of-Service (DoS) Vulnerability All F-Secure endpoint protection products, F-Secure Linux Security (32-bit), F-Secure Linux Security 64, F-Secure Atlant, F-Secure Internet Gatekeeper, F-Secure Cloud Protection for Salesforce, and F-Secure Elements for Microsoft 365 |
|
More | |
|
|
CVE-2021-33603: Denial-of-Service (DoS) Vulnerability All F-Secure endpoint protection products, F-Secure Linux Security (32-bit), F-Secure Linux Security 64, F-Secure Atlant, F-Secure Internet Gatekeeper, F-Secure Cloud Protection for Salesforce, and F-Secure Elements for Microsoft 365 |
|
More | |
|
|
CVE-2021-33602: Denial-of-Service (DoS) Vulnerability All F-Secure endpoint protection products, F-Secure Linux Security (32-bit), F-Secure Linux Security 64, F-Secure Atlant, F-Secure Internet Gatekeeper, and F-Secure Cloud Protection for Salesforce |
|
More | |
|
|
CVE-2021-33601: Arbitrary Code Execution in Web Interface of F-Secure Internet Gatekeeper F-Secure Internet Gatekeeper 5 Series |
|
More | |
|
|
CVE-2021-33600: Denial-of-Service Vulnerability in Web Interface of F-Secure Internet Gatekeeper F-Secure Internet Gatekeeper 5 Series |
|
More | |
|
|
CVE-2021-33599: Denial-of-Service (DoS) Vulnerability All F-Secure endpoint protection products, F-Secure Linux Security (32-bit), F-Secure Linux Security 64, F-Secure Atlant, and F-Secure Cloud Protection for Salesforce |
|
More | |
|
|
CVE-2021-33598: Denial-of-Service (DoS) Vulnerability All F-Secure endpoint protection products and F-Secure Linux Security |
|
More | |
|
|
CVE-2021-33596: Fake Apple Login Prompt in F-Secure SAFE Browser for iOS F-Secure SAFE Browser for iOS |
|
More | |
|
|
CVE-2021-33595: F-Secure SAFE Browser for iOS Vulnerable to Address Bar Spoofing F-Secure SAFE Browser for iOS |
|
More | |
|
|
CVE-2021-33594: F-Secure SAFE Browser for Android Vulnerable to Address Bar Spoofing F-Secure SAFE Browser for Android |
|
More | |
|
|
CVE-2021-33597: Denial-of-Service (DoS) Vulnerability All F-Secure endpoint protection products and F-Secure Security Cloud |
|
More | |
|
|
CVE-2021-33572: Denial-of-Service (DoS) Vulnerability All F-Secure endpoint protection products, F-Secure Security Cloud, F-Secure Elements for Microsoft 365, and F-Secure Cloud Protection for Salesforce |
|
More | |
|
|
FSC-2021-1: Reflected Cross-Site Scripting Vulnerability in F-Secure Cloud Protection for Salesforce F-Secure Cloud Protection for Salesforce
|
|
More | |
|
|
FSC-2020-3: Multiple Buffer Overflow Vulnerabilities in F-Secure Linux Security Multiple buffer overflow vulnerabilities can lead local privilege escalation. |
|
More | |
|
|
FSC-2020-2: Local Non-Root User Can Rename or Delete System FIles in Linux Security A local user can rename or delete arbitrary files owned by root in Linux Security. |
|
More | |
|
|
FSC-2020-1: CSRF Vulnerability in Web Interface of Linux Security Vulnerability in web user interface of the F-Secure Linux Security can lead to remotely disable product settings. |
|
More |
Other links
24/7 Incident hotline
Suspected data breach? End ransomware attacks, get Phishing Protection, and more. Contact our CREST-accredited cyber security incident response (CSIR) team now.
Discover more