Vulnerabilities (CVE)

Filtered by vendor F-secure Subscribe
Total 121 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-38166 3 Apple, F-secure, Microsoft 3 Macos, Elements Endpoint Protection, Windows 2024-11-21 N/A 7.5 HIGH
In F-Secure Endpoint Protection for Windows and macOS before channel with Capricorn database 2022-11-22_07, the aerdl.dll unpacker handler crashes. This can lead to a scanning engine crash, triggerable remotely by an attacker for denial of service.
CVE-2022-38164 1 F-secure 1 Safe 2024-11-21 N/A 6.5 MEDIUM
A vulnerability affecting F-Secure SAFE browser for Android and iOS was discovered. A maliciously crafted website could make a phishing attack with URL spoofing as the browser only display certain part of the entire URL.
CVE-2022-38163 1 F-secure 1 Safe 2024-11-21 N/A 3.5 LOW
A Drag and Drop spoof vulnerability was discovered in F-Secure SAFE Browser for Android and iOS version 19.0 and below. Drag and drop operation by user on address bar could lead to a spoofing of the address bar.
CVE-2022-28887 3 Apple, F-secure, Microsoft 8 Macos, Atlant, Elements Endpoint Detection And Response and 5 more 2024-11-21 N/A 4.3 MEDIUM
Multiple Denial-of-Service (DoS) vulnerability was discovered in F-Secure & WithSecure products whereby the aerdl.dll unpacker handler function crashes. This can lead to a possible scanning engine crash.
CVE-2022-28886 1 F-secure 5 Cloud Protection For Salesforce, Collaboration Protection, Elements Endpoint Protection and 2 more 2024-11-21 N/A 4.3 MEDIUM
A Denial-of-Service vulnerability was discovered in the F-Secure and WithSecure products where aerdl.so/aerdl.dll may go into an infinite loop when unpacking PE files. It is possible that this can crash the scanning engine
CVE-2022-28885 1 F-secure 2 Atlant, Linux Security 2024-11-21 N/A 4.3 MEDIUM
A Denial-of-Service (DoS) vulnerability was discovered in the fsicapd component used in WithSecure products whereby the service may crash while parsing the scanning request.
CVE-2022-28884 2 F-secure, Withsecure 4 Internet Gatekeeper, Linux Security, Business Suite and 1 more 2024-11-21 N/A 4.3 MEDIUM
A Denial-of-Service vulnerability was discovered in the F-Secure and WithSecure products where aerdl.dll may go into an infinite loop when unpacking PE files. It is possible that this can crash the scanning engine.
CVE-2022-28883 3 Apple, F-secure, Microsoft 9 Macos, Atlant, Cloud Protection For Salesforce and 6 more 2024-11-21 N/A 3.5 LOW
A Denial-of-Service (DoS) vulnerability was discovered in F-Secure & WithSecure products whereby the aerdl unpack function crashes. This can lead to a possible scanning engine crash. The exploit can be triggered remotely by an attacker.
CVE-2022-28882 3 Apple, F-secure, Microsoft 9 Macos, Atlant, Cloud Protection For Salesforce and 6 more 2024-11-21 N/A 4.3 MEDIUM
A Denial-of-Service (DoS) vulnerability was discovered in F-Secure & WithSecure products whereby the aegen.dll will go into an infinite loop when unpacking PE files. This eventually leads to scanning engine crash. The exploit can be triggered remotely by an attacker.
CVE-2022-28881 3 Apple, F-secure, Microsoft 10 Macos, Atlant, Cloud Protection For Salesforce and 7 more 2024-11-21 N/A 4.3 MEDIUM
A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the aerdl.dll component used in certain WithSecure products unpacker function crashes which leads to scanning engine crash. The exploit can be triggered remotely by an attacker.
CVE-2022-28880 3 Apple, F-secure, Microsoft 10 Macos, Atlant, Cloud Protection For Salesforce and 7 more 2024-11-21 N/A 4.3 MEDIUM
A Denial-of-Service vulnerability was discovered in the F-Secure Atlant and in certain WithSecure products while scanning fuzzed PE32-bit files it is possible that can crash the scanning engine. The exploit can be triggered remotely by an attacker.
CVE-2022-28879 2 Apple, F-secure 8 Macos, Atlant, Cloud Protection For Salesforce and 5 more 2024-11-21 N/A 4.3 MEDIUM
A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant and in certain WithSecure products whereby the scanning the aepack.dll component can crash the scanning engine.
CVE-2022-28878 3 Apple, F-secure, Microsoft 9 Macos, Atlant, Cloud Protection For Salesforce and 6 more 2024-11-21 N/A 4.3 MEDIUM
A Denial-of-Service vulnerability was discovered in the F-Secure Atlant and in certain WithSecure products while scanning fuzzed APK file it is possible that can crash the scanning engine.
CVE-2022-28877 2 F-secure, Microsoft 2 Elements Endpoint Protection, Windows 2024-11-21 N/A 4.3 MEDIUM
This vulnerability allows local user to delete arbitrary file in the system and bypassing security protection which can be abused for local privilege escalation on affected F-Secure & WithSecure windows endpoint products. An attacker must have code execution rights on the victim machine prior to successful exploitation.
CVE-2022-28876 3 Apple, F-secure, Microsoft 8 Macos, Atlant, Cloud Protection For Salesforce and 5 more 2024-11-21 N/A 4.3 MEDIUM
A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant and in certain WithSecure products whereby the scanning the aeheur.dll component can crash the scanning engine. The exploit can be triggered remotely by an attacker.
CVE-2022-28875 3 Apple, F-secure, Microsoft 9 Macos, Atlant, Cloud Protection For Salesforce and 6 more 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant and in certain WithSecure products whereby the scanning the aemobile component can crash the scanning engine. The exploit can be triggered remotely by an attacker.
CVE-2022-28874 4 Apple, F-secure, Microsoft and 1 more 7 Macos, Atlant, Elements Endpoint Protection and 4 more 2024-11-21 5.0 MEDIUM 4.3 MEDIUM
Multiple Denial-of-Service vulnerabilities was discovered in the F-Secure Atlant and in certain WithSecure products while scanning fuzzed PE32-bit files cause memory corruption and heap buffer overflow which eventually can crash the scanning engine. The exploit can be triggered remotely by an attacker.
CVE-2022-28873 1 F-secure 1 Safe 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
A vulnerability affecting F-Secure SAFE browser was discovered. An attacker can potentially exploit Javascript window.open functionality in SAFE Browser which could lead address bar spoofing attacks.
CVE-2022-28872 1 F-secure 1 Safe 2024-11-21 6.8 MEDIUM 4.3 MEDIUM
A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website could make a phishing attack with address bar spoofing as the address bar was not correct if navigation fails in a loop.
CVE-2022-28871 3 Apple, F-secure, Microsoft 4 Mac Os X, Macos, Atlant and 1 more 2024-11-21 5.0 MEDIUM 4.3 MEDIUM
A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the fsicapd component used in certain F-Secure products while scanning larger packages/fuzzed files consume too much memory eventually can crash the scanning engine. The exploit can be triggered remotely by an attacker.