Vulnerabilities > F Secure > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-06 | CVE-2021-33602 | Unspecified vulnerability in F-Secure products A vulnerability affecting the F-Secure Antivirus engine was discovered when the engine tries to unpack a zip archive (LZW decompression method), and this can crash the scanning engine. | 5.3 |
| 2021-09-07 | CVE-2021-33599 | Infinite Loop vulnerability in F-Secure products A vulnerability affecting F-Secure Antivirus engine was discovered whereby scanning WIM archive file can lead to denial-of-service (infinite loop and freezes AV engine scanner). | 5.5 |
| 2021-08-23 | CVE-2021-33598 | Unspecified vulnerability in F-Secure products A Denial-of-Service (DoS) vulnerability was discovered in all versions of F-Secure Atlant whereby the SAVAPI component used in certain F-Secure products can crash while scanning fuzzed files. | 6.5 |
| 2021-08-05 | CVE-2021-33596 | Improper Restriction of Rendered UI Layers or Frames vulnerability in F-Secure Safe Showing the legitimate URL in the address bar while loading the content from other domain. | 4.1 |
| 2021-08-05 | CVE-2021-33597 | Unspecified vulnerability in F-Secure products A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the SAVAPI component used in certain F-Secure products can crash while scanning fuzzed files. | 5.5 |
| 2021-06-21 | CVE-2021-33572 | NULL Pointer Dereference vulnerability in F-Secure products A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Linux Security whereby the FSAVD component used in certain F-Secure products can crash while scanning larger packages/fuzzed files. | 6.5 |
| 2020-02-22 | CVE-2020-9342 | Interpretation Conflict vulnerability in F-Secure products The F-Secure AV parsing engine before 2020-02-05 allows virus-detection bypass via crafted Compression Method data in a GZIP archive. | 5.5 |
| 2018-02-16 | CVE-2018-6324 | Open Redirect vulnerability in F-Secure Radar 3.9.1 F-Secure Radar (on-premises) before 2018-02-15 has an Unvalidated Redirect via the ReturnUrl parameter that triggers upon a user login. | 6.1 |
| 2018-02-16 | CVE-2018-6189 | Cross-site Scripting vulnerability in F-Secure Radar 3.9.1 F-Secure Radar (on-premises) before 2018-02-15 has XSS via vectors involving the Tags parameter in the JSON request body in an outbound request for the /api/latest/vulnerabilityscans/tags/batch resource, aka a "suggested metadata tags for assets" issue. | 6.1 |