CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-28875 – Denial-of-Service (DoS) Vulnerability
https://notcve.org/view.php?id=CVE-2022-28875
25 May 2022 — A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant and in certain WithSecure products whereby the scanning the aemobile component can crash the scanning engine. The exploit can be triggered remotely by an attacker. Se ha detectado una vulnerabilidad de Denegación de Servicio (DoS) en F-Secure Atlant y en determinados productos WithSecure por la que el escaneo del componente aemobile puede bloquear el motor de escaneo. La explotación puede ser activado remotamente por un atacante • https://www.f-secure.com/en/business/support-and-downloads/security-advisories • CWE-404: Improper Resource Shutdown or Release •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-44747 – Denial-of-Service (DoS) Vulnerability
https://notcve.org/view.php?id=CVE-2021-44747
01 Mar 2022 — A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Linux Security whereby the Fmlib component used in certain F-Secure products can crash while scanning fuzzed files. The exploit can be triggered remotely by an attacker. A successful attack will result in Denial-of-Service of the Anti-Virus engine. Se ha detectado una vulnerabilidad de denegación de servicio (DoS) en F-Secure Linux Security por la que el componente Fmlib usado en determinados productos de F-Secure puede bloquearse mientras s... • https://www.f-secure.com/en/business/support-and-downloads/security-advisories •
CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 0CVE-2021-40837 – Denial-of-Service (DoS) Vulnerability
https://notcve.org/view.php?id=CVE-2021-40837
09 Feb 2022 — A vulnerability affecting F-Secure antivirus engine before Capricorn update 2022-02-01_01 was discovered whereby decompression of ACE file causes the scanner service to stop. The vulnerability can be exploited remotely by an attacker. A successful attack will result in denial-of-service of the antivirus engine. Se ha detectado una vulnerabilidad que afecta al motor antivirus de F-Secure versiones anteriores a la actualización 2022-02-01_01 de Capricorn, por la que una descompresión del archivo ACE causa la ... • https://www.f-secure.com/en/business/support-and-downloads/security-advisories •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-40836 – Denial-of-Service (DoS) Vulnerability
https://notcve.org/view.php?id=CVE-2021-40836
22 Dec 2021 — A vulnerability affecting F-Secure antivirus engine was discovered whereby scanning MS outlook .pst files can lead to denial-of-service. The vulnerability can be exploited remotely by an attacker. A successful attack will result in denial-of-service of the antivirus engine. Se ha detectado una vulnerabilidad que afecta al motor antivirus de F-Secure por la que el análisis de archivos .pst de MS outlook puede conllevar a una denegación de servicio. La vulnerabilidad puede ser explotada remotamente por un ata... • https://www.f-secure.com/en/business/support-and-downloads/security-advisories •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2021-40833 – Denial-of-Service (DoS) Vulnerability
https://notcve.org/view.php?id=CVE-2021-40833
26 Nov 2021 — A vulnerability affecting F-Secure antivirus engine was discovered whereby unpacking UPX file can lead to denial-of-service. The vulnerability can be exploited remotely by an attacker. A successful attack will result in denial-of-service of the antivirus engine. Se ha detectado una vulnerabilidad que afecta al motor antivirus de F-Secure por la que el desempaquetado de archivos UPX puede conllevar a una denegación de servicio. La vulnerabilidad puede ser explotada remotamente por un atacante. • https://www.f-secure.com/en/business/programs/vulnerability-reward-program/hall-of-fame • CWE-404: Improper Resource Shutdown or Release •
CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 0CVE-2021-40832 – Denial-of-Service (DoS) Vulnerability
https://notcve.org/view.php?id=CVE-2021-40832
08 Oct 2021 — A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the AVRDL unpacking module component used in certain F-Secure products can crash while scanning a fuzzed files. The exploit can be triggered remotely by an attacker. A successful attack will result in Denial-of-Service (DoS) of the Anti-Virus engine. Se ha detectado una vulnerabilidad de Denegación de Servicio (DoS) en F-Secure Atlant, por la que el componente del módulo de desempaquetado AVRDL usado en determinados productos ... • https://www.f-secure.com/en/business/programs/vulnerability-reward-program/hall-of-fame •
CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 0CVE-2021-33603 – Denial-of-Service (DoS) Vulnerability
https://notcve.org/view.php?id=CVE-2021-33603
08 Oct 2021 — A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the AVPACK module component used in certain F-Secure products can crash while scanning a fuzzed files. The exploit can be triggered remotely by an attacker. A successful attack will result in Denial-of-Service (DoS) of the Anti-Virus engine. Se ha detectado una vulnerabilidad de Denegación de Servicio (DoS) en F-Secure Atlant por la que el componente del módulo AVPACK usado en determinados productos de F-Secure puede bloquears... • https://www.f-secure.com/en/business/programs/vulnerability-reward-program/hall-of-fame •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-33602 – Denial-of-Service (DoS) Vulnerability
https://notcve.org/view.php?id=CVE-2021-33602
06 Oct 2021 — A vulnerability affecting the F-Secure Antivirus engine was discovered when the engine tries to unpack a zip archive (LZW decompression method), and this can crash the scanning engine. The vulnerability can be exploited remotely by an attacker. A successful attack will result in Denial-of-Service of the Anti-Virus engine. Se ha detectado una vulnerabilidad que afecta al motor de F-Secure Antivirus cuando el motor intenta descomprimir un archivo zip (método de descompresión LZW), y esto puede bloquear el mot... • https://www.f-secure.com/en/business/support-and-downloads/security-advisories •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-9342 – F-SECURE Generic Malformed Container Bypass
https://notcve.org/view.php?id=CVE-2020-9342
22 Feb 2020 — The F-Secure AV parsing engine before 2020-02-05 allows virus-detection bypass via crafted Compression Method data in a GZIP archive. This affects versions before 17.0.605.474 (on Linux) of Cloud Protection For Salesforce, Email and Server Security, and Internet GateKeeper. El motor de análisis de F-Secure AV antes del 05-02-2020, permite omitir la detección de virus mediante datos de Compression Method diseñados en un archivo GZIP. Esto afecta a las versiones anteriores a 17.0.605.474 (en Linux) de Cloud P... • http://packetstormsecurity.com/files/156506/F-SECURE-Generic-Malformed-Container-Bypass.html • CWE-436: Interpretation Conflict •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2019-11644
https://notcve.org/view.php?id=CVE-2019-11644
17 May 2019 — In the F-Secure installer in F-Secure SAFE for Windows before 17.6, F-Secure Internet Security before 17.6, F-Secure Anti-Virus before 17.6, F-Secure Client Security Standard and Premium before 14.10, F-Secure PSB Workstation Security before 12.01, and F-Secure Computer Protection Standard and Premium before 19.3, a local user can escalate their privileges through a DLL hijacking attack against the installer. The installer writes the file rm.exe to C:\Windows\Temp and then executes it. The rm.exe process th... • https://www.f-secure.com/en/web/labs_global/fsc-2019-2 • CWE-427: Uncontrolled Search Path Element •