Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Safe
(F\-Secure)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 19 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-03-25 | CVE-2021-44751 | A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website attached with USSD code in JavaScript or iFrame can trigger dialer application from F-Secure browser which can be exploited by an attacker to send unwanted USSD messages or perform unwanted calls. In most modern Android OS, dialer application will require user interaction, however, some older Android OS may not need user interaction. | Safe | 5.3 | ||
| 2022-04-15 | CVE-2022-28868 | An Address bar spoofing vulnerability was discovered in Safe Browser for Android. When user clicks on a specially crafted malicious webpage/URL, user may be tricked for a short period of time (until the page loads) to think content may be coming from a valid domain, while the content comes from the attacker controlled site. | Safe | 4.3 | ||
| 2022-04-15 | CVE-2022-28869 | A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website could make a phishing attack with address bar spoofing as the browser did not show full URL, such as port number. | Safe | 4.3 | ||
| 2022-04-15 | CVE-2022-28870 | A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website could make a phishing attack with address bar spoofing as the address bar was not correct if navigation fails. | Safe | 4.3 | ||
| 2022-05-12 | CVE-2022-28872 | A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website could make a phishing attack with address bar spoofing as the address bar was not correct if navigation fails in a loop. | Safe | 8.8 | ||
| 2022-05-12 | CVE-2022-28873 | A vulnerability affecting F-Secure SAFE browser was discovered. An attacker can potentially exploit Javascript window.open functionality in SAFE Browser which could lead address bar spoofing attacks. | Safe | 4.3 | ||
| 2022-11-07 | CVE-2022-38164 | A vulnerability affecting F-Secure SAFE browser for Android and iOS was discovered. A maliciously crafted website could make a phishing attack with URL spoofing as the browser only display certain part of the entire URL. | Safe | 6.5 | ||
| 2022-12-23 | CVE-2022-47524 | F-Secure SAFE Browser 19.1 before 19.2 for Android allows an IDN homograph attack. | Safe | 5.4 | ||
| 2019-05-17 | CVE-2019-11644 | In the F-Secure installer in F-Secure SAFE for Windows before 17.6, F-Secure Internet Security before 17.6, F-Secure Anti-Virus before 17.6, F-Secure Client Security Standard and Premium before 14.10, F-Secure PSB Workstation Security before 12.01, and F-Secure Computer Protection Standard and Premium before 19.3, a local user can escalate their privileges through a DLL hijacking attack against the installer. The installer writes the file rm.exe to C:\Windows\Temp and then executes it. The... | Client_security, Computer_protection, Internet_security, Psb_workstation_security, Safe | 7.8 |