Vulnerabilities > F Secure > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-23 | CVE-2020-14977 | Improper Input Validation vulnerability in F-Secure Safe 17.7 An issue was discovered in F-Secure SAFE 17.7 on macOS. | 9.3 |
| 2020-06-23 | CVE-2020-14978 | Missing Authorization vulnerability in F-Secure Safe 17.7 An issue was discovered in F-Secure SAFE 17.7 on macOS. | 9.3 |
| 2017-03-11 | CVE-2017-6466 | Improper Input Validation vulnerability in F-Secure Software Updater 2.20 F-Secure Software Updater 2.20, as distributed in several F-Secure products, downloads installation packages over plain http and does not perform file integrity validation after download. | 9.3 |
| 2007-06-20 | CVE-2007-3300 | Anti-Virus Products LHA and RAR Archives Scan Bypass vulnerability in F-Secure Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070619 allow remote attackers to bypass scanning via a crafted header in a (1) LHA or (2) RAR archive. | 9.3 |
| 2007-05-31 | CVE-2007-2967 | Improper Input Validation vulnerability in F-Secure products Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070522 allow remote attackers to cause a denial of service (file scanning infinite loop) via certain crafted (1) ARJ archives or (2) FSG packed files. | 10.0 |
| 2006-12-10 | CVE-2006-6409 | Unspecified vulnerability in F-Secure Anti-Virus 4.65 F-Secure Anti-Virus for Linux Gateways 4.65 allows remote attackers to cause a denial of service (possibly fatal scan error), and possibly bypass virus detection, by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file. | 10.0 |
| 2005-09-02 | CVE-2005-2771 | Security Bypass vulnerability in F-Secure Ssh Server WRQ Reflection for Secure IT Windows Server 6.0 (formerly known as F-Secure SSH server) processes access and deny lists in a case-sensitive manner, when previous versions were case-insensitive, which might allow remote attackers to bypass intended restrictions and login to accounts that should be denied. | 10.0 |
| 2004-08-18 | CVE-2004-0234 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive. network low complexity clearswift f-secure rarlab redhat sgi stalker tsugio-okamoto winzip CWE-119 critical | 10.0 |