CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-40836 – Denial-of-Service (DoS) Vulnerability
https://notcve.org/view.php?id=CVE-2021-40836
22 Dec 2021 — A vulnerability affecting F-Secure antivirus engine was discovered whereby scanning MS outlook .pst files can lead to denial-of-service. The vulnerability can be exploited remotely by an attacker. A successful attack will result in denial-of-service of the antivirus engine. Se ha detectado una vulnerabilidad que afecta al motor antivirus de F-Secure por la que el análisis de archivos .pst de MS outlook puede conllevar a una denegación de servicio. La vulnerabilidad puede ser explotada remotamente por un ata... • https://www.f-secure.com/en/business/support-and-downloads/security-advisories •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2021-40835 – URL Address Bar Spoofing in F-Secure SAFE Browser for iOS
https://notcve.org/view.php?id=CVE-2021-40835
16 Dec 2021 — An URL Address bar spoofing vulnerability was discovered in Safe Browser for iOS. When user clicks on a specially crafted a malicious URL, if user does not carefully pay attention to url, user may be tricked to think content may be coming from a valid domain, while it comes from another. This is performed by using a very long username part of the url so that user cannot see the domain name. A remote attacker can leverage this to perform url address bar spoofing attack. The fix is, browser no longer shows th... • https://www.f-secure.com/en/business/programs/vulnerability-reward-program/hall-of-fame •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-40834 – User interface Spoofing in F-Secure SAFE browser for Android
https://notcve.org/view.php?id=CVE-2021-40834
10 Dec 2021 — A user interface overlay vulnerability was discovered in F-secure SAFE Browser for Android. When user click on a specially crafted seemingly legitimate URL SAFE browser goes into full screen and hides the user interface. A remote attacker can leverage this to perform spoofing attack. Se ha detectado una vulnerabilidad de superposición de la interfaz de usuario en F-secure SAFE Browser para Android. Cuando el usuario hace clic en una URL aparentemente legítima especialmente diseñada, el navegador SAFE pasa a... • https://www.f-secure.com/en/business/programs/vulnerability-reward-program/hall-of-fame • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2021-40833 – Denial-of-Service (DoS) Vulnerability
https://notcve.org/view.php?id=CVE-2021-40833
26 Nov 2021 — A vulnerability affecting F-Secure antivirus engine was discovered whereby unpacking UPX file can lead to denial-of-service. The vulnerability can be exploited remotely by an attacker. A successful attack will result in denial-of-service of the antivirus engine. Se ha detectado una vulnerabilidad que afecta al motor antivirus de F-Secure por la que el desempaquetado de archivos UPX puede conllevar a una denegación de servicio. La vulnerabilidad puede ser explotada remotamente por un atacante. • https://www.f-secure.com/en/business/programs/vulnerability-reward-program/hall-of-fame • CWE-404: Improper Resource Shutdown or Release •
CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 0CVE-2021-40832 – Denial-of-Service (DoS) Vulnerability
https://notcve.org/view.php?id=CVE-2021-40832
08 Oct 2021 — A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the AVRDL unpacking module component used in certain F-Secure products can crash while scanning a fuzzed files. The exploit can be triggered remotely by an attacker. A successful attack will result in Denial-of-Service (DoS) of the Anti-Virus engine. Se ha detectado una vulnerabilidad de Denegación de Servicio (DoS) en F-Secure Atlant, por la que el componente del módulo de desempaquetado AVRDL usado en determinados productos ... • https://www.f-secure.com/en/business/programs/vulnerability-reward-program/hall-of-fame •
CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 0CVE-2021-33603 – Denial-of-Service (DoS) Vulnerability
https://notcve.org/view.php?id=CVE-2021-33603
08 Oct 2021 — A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the AVPACK module component used in certain F-Secure products can crash while scanning a fuzzed files. The exploit can be triggered remotely by an attacker. A successful attack will result in Denial-of-Service (DoS) of the Anti-Virus engine. Se ha detectado una vulnerabilidad de Denegación de Servicio (DoS) en F-Secure Atlant por la que el componente del módulo AVPACK usado en determinados productos de F-Secure puede bloquears... • https://www.f-secure.com/en/business/programs/vulnerability-reward-program/hall-of-fame •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-33602 – Denial-of-Service (DoS) Vulnerability
https://notcve.org/view.php?id=CVE-2021-33602
06 Oct 2021 — A vulnerability affecting the F-Secure Antivirus engine was discovered when the engine tries to unpack a zip archive (LZW decompression method), and this can crash the scanning engine. The vulnerability can be exploited remotely by an attacker. A successful attack will result in Denial-of-Service of the Anti-Virus engine. Se ha detectado una vulnerabilidad que afecta al motor de F-Secure Antivirus cuando el motor intenta descomprimir un archivo zip (método de descompresión LZW), y esto puede bloquear el mot... • https://www.f-secure.com/en/business/support-and-downloads/security-advisories •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-33601 – Arbitrary Code Execution in Web Interface of F-Secure Internet Gatekeeper
https://notcve.org/view.php?id=CVE-2021-33601
28 Sep 2021 — A vulnerability was discovered in the web user interface of F-Secure Internet Gatekeeper. An authenticated user can modify settings through the web user interface in a way that could lead to an arbitrary code execution on the F-Secure Internet Gatekeeper server. Se ha detectado una vulnerabilidad en la interfaz de usuario web de F-Secure Internet Gatekeeper. Un usuario autenticado puede modificar la configuración mediante la interfaz de usuario web de forma que podría conllevar una ejecución de código arbit... • https://www.f-secure.com/en/business/programs/vulnerability-reward-program/hall-of-fame •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-33600 – Denial of Service Vulnerability in Web Interface of F-Secure Internet Gatekeeper
https://notcve.org/view.php?id=CVE-2021-33600
28 Sep 2021 — A denial-of-service (DoS) vulnerability was discovered in the web user interface of F-Secure Internet Gatekeeper. The vulnerability occurs because of an attacker can trigger assertion via malformed HTTP packet to web interface. An unauthenticated attacker could exploit this vulnerability by sending a large username parameter. A successful exploitation could lead to a denial-of-service of the product. Se ha detectado una vulnerabilidad de denegación de servicio (DoS) en la interfaz de usuario web de F-Secure... • https://www.f-secure.com/en/business/programs/vulnerability-reward-program/hall-of-fame • CWE-617: Reachable Assertion •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2021-33599 – Denial-of-Service (DoS) Vulnerability
https://notcve.org/view.php?id=CVE-2021-33599
07 Sep 2021 — A vulnerability affecting F-Secure Antivirus engine was discovered whereby scanning WIM archive file can lead to denial-of-service (infinite loop and freezes AV engine scanner). The vulnerability can be exploit remotely by an attacker. A successful attack will result in Denial-of-Service of the Anti-Virus engine. Se ha detectado una vulnerabilidad que afecta al motor de F-Secure Antivirus por la que el escaneo de un archivo WIM puede conllevar a una denegación de servicio (bucle infinito y congelación del e... • https://www.f-secure.com/en/business/programs/vulnerability-reward-program/hall-of-fame • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •