CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7240 – F-Secure Total Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-7240
29 Jul 2024 — F-Secure Total Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of F-Secure Total. User interaction on the part of an administrator is required to exploit this vulnerability. The specific flaw exists within the WithSecure plugin hosting service. By creating a symbolic link, an attacker can abuse the service to create a file. • https://www.zerodayinitiative.com/advisories/ZDI-24-1012 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2024-27359
https://notcve.org/view.php?id=CVE-2024-27359
25 Feb 2024 — Certain WithSecure products allow a Denial of Service because the engine scanner can go into an infinite loop when processing an archive file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, WithSecure Linux Security 64 12.0, WithSecure Linux Protection 12.0, and WithSecure Atlant 1.0.35-... • https://www.withsecure.com/en/support/security-advisories/cve-2034-n1 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.3EPSS: 0%CPEs: 12EXPL: 0CVE-2023-49321
https://notcve.org/view.php?id=CVE-2023-49321
26 Nov 2023 — Certain WithSecure products allow a Denial of Service because scanning a crafted file takes a long time, and causes the scanner to hang. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, WithSecure Linux Security 64 12.0, WithSecure Linux Protection 12.0, and WithSecure Atlant 1.0.35-1. Cie... • https://www.withsecure.com/en/support/security-advisories/cve-2023-49321 •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2023-49322
https://notcve.org/view.php?id=CVE-2023-49322
26 Nov 2023 — Certain WithSecure products allow a Denial of Service because there is an unpack handler crash that can lead to a scanning engine crash. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, WithSecure Linux Security 64 12.0, WithSecure Linux Protection 12.0, and WithSecure Atlant 1.0.35-1. Cie... • https://www.withsecure.com/en/support/security-advisories/cve-2023-49322 •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2023-43766
https://notcve.org/view.php?id=CVE-2023-43766
22 Sep 2023 — Certain WithSecure products allow Local privilege escalation via the lhz archive unpack handler. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1. Ciertos productos WithSecure permiten... • https://www.withsecure.com/en/support/security-advisories • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2023-43760
https://notcve.org/view.php?id=CVE-2023-43760
22 Sep 2023 — Certain WithSecure products allow Denial of Service via a fuzzed PE32 file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1. Ciertos productos WithSecure permiten la Denegación de Ser... • https://www.withsecure.com/en/support/security-advisories •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2023-43761
https://notcve.org/view.php?id=CVE-2023-43761
22 Sep 2023 — Certain WithSecure products allow Denial of Service (infinite loop). This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1. Ciertos productos WithSecure permiten la Denegación de Servicio (... • https://www.withsecure.com/en/support/security-advisories • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2023-43765
https://notcve.org/view.php?id=CVE-2023-43765
22 Sep 2023 — Certain WithSecure products allow Denial of Service in the aeelf component. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1. Ciertos productos WithSecure permiten la Denegación de Ser... • https://www.withsecure.com/en/support/security-advisories •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2023-43767
https://notcve.org/view.php?id=CVE-2023-43767
22 Sep 2023 — Certain WithSecure products allow Denial of Service via the aepack archive unpack handler. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1. Ciertos productos WithSecure permiten la De... • https://www.withsecure.com/en/support/security-advisories • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-47524
https://notcve.org/view.php?id=CVE-2022-47524
23 Dec 2022 — F-Secure SAFE Browser 19.1 before 19.2 for Android allows an IDN homograph attack. • https://www.f-secure.com/en/home/support/security-advisories/cve-2022-47524 •