Vulnerabilities > F Secure

DATE	CVE	VULNERABILITY TITLE	RISK
2020-06-23	CVE-2020-14978	Missing Authorization vulnerability in F-Secure Safe 17.7 An issue was discovered in F-Secure SAFE 17.7 on macOS. network f-secure CWE-862 critical	9.3
2020-06-23	CVE-2020-14977	Improper Input Validation vulnerability in F-Secure Safe 17.7 An issue was discovered in F-Secure SAFE 17.7 on macOS. network f-secure CWE-20 critical	9.3
2020-02-22	CVE-2020-9342	Improper Input Validation vulnerability in F-Secure products The F-Secure AV parsing engine before 2020-02-05 allows virus-detection bypass via crafted Compression Method data in a GZIP archive. network f-secure CWE-20	4.3
2019-05-17	CVE-2019-11644	Uncontrolled Search Path Element vulnerability in F-Secure products In the F-Secure installer in F-Secure SAFE for Windows before 17.6, F-Secure Internet Security before 17.6, F-Secure Anti-Virus before 17.6, F-Secure Client Security Standard and Premium before 14.10, F-Secure PSB Workstation Security before 12.01, and F-Secure Computer Protection Standard and Premium before 19.3, a local user can escalate their privileges through a DLL hijacking attack against the installer. network f-secure CWE-427	6.8
2018-06-13	CVE-2018-10403	Improper Certificate Validation vulnerability in F-Secure Xfence An issue was discovered in F-Secure XFENCE and Little Flocker. network f-secure CWE-295	6.8
2018-02-16	CVE-2018-6324	Open Redirect vulnerability in F-Secure Radar 3.9.1 F-Secure Radar (on-premises) before 2018-02-15 has an Unvalidated Redirect via the ReturnUrl parameter that triggers upon a user login. network f-secure CWE-601	5.8
2018-02-16	CVE-2018-6189	Cross-site Scripting vulnerability in F-Secure Radar 3.9.1 F-Secure Radar (on-premises) before 2018-02-15 has XSS via vectors involving the Tags parameter in the JSON request body in an outbound request for the /api/latest/vulnerabilityscans/tags/batch resource, aka a "suggested metadata tags for assets" issue. network f-secure CWE-79	4.3
2017-08-02	CVE-2015-8264	Untrusted Search Path vulnerability in F-Secure Online Scanner Untrusted search path vulnerability in F-Secure Online Scanner allows remote attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL that is located in the same folder as F-SecureOnlineScanner.exe. network f-secure CWE-426	6.8
2017-03-11	CVE-2017-6466	Improper Input Validation vulnerability in F-Secure Software Updater 2.20 F-Secure Software Updater 2.20, as distributed in several F-Secure products, downloads installation packages over plain http and does not perform file integrity validation after download. network f-secure CWE-20 critical	9.3
2014-04-18	CVE-2014-2844	Cross-Site Scripting vulnerability in F-Secure Secure Messaging Secure Gateway 7.5.0 Cross-site scripting (XSS) vulnerability in F-Secure Messaging Secure Gateway 7.5.0 before Patch 1862 allows remote authenticated administrators to inject arbitrary web script or HTML via the new parameter in the SysUser module to admin. network f-secure CWE-79	3.5

Vulnerabilities > F Secure {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"F Secure"}]}

Vulnerabilities > F Secure