CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2024-27359
https://notcve.org/view.php?id=CVE-2024-27359
25 Feb 2024 — Certain WithSecure products allow a Denial of Service because the engine scanner can go into an infinite loop when processing an archive file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, WithSecure Linux Security 64 12.0, WithSecure Linux Protection 12.0, and WithSecure Atlant 1.0.35-... • https://www.withsecure.com/en/support/security-advisories/cve-2034-n1 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.3EPSS: 0%CPEs: 12EXPL: 0CVE-2023-49321
https://notcve.org/view.php?id=CVE-2023-49321
26 Nov 2023 — Certain WithSecure products allow a Denial of Service because scanning a crafted file takes a long time, and causes the scanner to hang. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, WithSecure Linux Security 64 12.0, WithSecure Linux Protection 12.0, and WithSecure Atlant 1.0.35-1. Cie... • https://www.withsecure.com/en/support/security-advisories/cve-2023-49321 •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2023-49322
https://notcve.org/view.php?id=CVE-2023-49322
26 Nov 2023 — Certain WithSecure products allow a Denial of Service because there is an unpack handler crash that can lead to a scanning engine crash. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, WithSecure Linux Security 64 12.0, WithSecure Linux Protection 12.0, and WithSecure Atlant 1.0.35-1. Cie... • https://www.withsecure.com/en/support/security-advisories/cve-2023-49322 •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2023-43766
https://notcve.org/view.php?id=CVE-2023-43766
22 Sep 2023 — Certain WithSecure products allow Local privilege escalation via the lhz archive unpack handler. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1. Ciertos productos WithSecure permiten... • https://www.withsecure.com/en/support/security-advisories • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2023-43760
https://notcve.org/view.php?id=CVE-2023-43760
22 Sep 2023 — Certain WithSecure products allow Denial of Service via a fuzzed PE32 file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1. Ciertos productos WithSecure permiten la Denegación de Ser... • https://www.withsecure.com/en/support/security-advisories •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2023-43761
https://notcve.org/view.php?id=CVE-2023-43761
22 Sep 2023 — Certain WithSecure products allow Denial of Service (infinite loop). This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1. Ciertos productos WithSecure permiten la Denegación de Servicio (... • https://www.withsecure.com/en/support/security-advisories • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2023-43765
https://notcve.org/view.php?id=CVE-2023-43765
22 Sep 2023 — Certain WithSecure products allow Denial of Service in the aeelf component. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1. Ciertos productos WithSecure permiten la Denegación de Ser... • https://www.withsecure.com/en/support/security-advisories •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2023-43767
https://notcve.org/view.php?id=CVE-2023-43767
22 Sep 2023 — Certain WithSecure products allow Denial of Service via the aepack archive unpack handler. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1. Ciertos productos WithSecure permiten la De... • https://www.withsecure.com/en/support/security-advisories • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.5EPSS: 0%CPEs: 6EXPL: 0CVE-2021-44750 – Arbitrary Code Execution
https://notcve.org/view.php?id=CVE-2021-44750
09 Mar 2022 — An arbitrary code execution vulnerability was found in the F-Secure Support Tool. A standard user can craft a special configuration file, which when run by administrator can execute any commands. Se encontró una vulnerabilidad de ejecución de código arbitrario en la herramienta de soporte de F-Secure. Un usuario estándar puede diseñar un archivo de configuración especial, que cuando es ejecutado por el administrador puede ejecutar cualquier comando • https://www.f-secure.com/en/business/support-and-downloads/security-advisories •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-9342 – F-SECURE Generic Malformed Container Bypass
https://notcve.org/view.php?id=CVE-2020-9342
22 Feb 2020 — The F-Secure AV parsing engine before 2020-02-05 allows virus-detection bypass via crafted Compression Method data in a GZIP archive. This affects versions before 17.0.605.474 (on Linux) of Cloud Protection For Salesforce, Email and Server Security, and Internet GateKeeper. El motor de análisis de F-Secure AV antes del 05-02-2020, permite omitir la detección de virus mediante datos de Compression Method diseñados en un archivo GZIP. Esto afecta a las versiones anteriores a 17.0.605.474 (en Linux) de Cloud P... • http://packetstormsecurity.com/files/156506/F-SECURE-Generic-Malformed-Container-Bypass.html • CWE-436: Interpretation Conflict •