SAFE Browser
by F-Secure
CVEs (10)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-38164 | Med | 0.42 | 6.5 | 0.00 | Nov 7, 2022 | A vulnerability affecting F-Secure SAFE browser for Android and iOS was discovered. A maliciously crafted website could make a phishing attack with URL spoofing as the browser only display certain part of the entire URL. | ||
| CVE-2021-44748 | Med | 0.36 | 5.5 | 0.01 | Mar 6, 2022 | A vulnerability affecting F-Secure SAFE browser was discovered whereby browsers loads images automatically this vulnerability can be exploited remotely by an attacker to execute the JavaScript can be used to trigger universal cross-site scripting through the browser. User… | ||
| CVE-2022-47524 | Med | 0.35 | 5.4 | 0.00 | Dec 23, 2022 | F-Secure SAFE Browser 19.1 before 19.2 for Android allows an IDN homograph attack. | ||
| CVE-2022-28873 | Med | 0.28 | 4.3 | 0.01 | May 12, 2022 | A vulnerability affecting F-Secure SAFE browser was discovered. An attacker can potentially exploit Javascript window.open functionality in SAFE Browser which could lead address bar spoofing attacks. | ||
| CVE-2022-28872 | Med | 0.28 | 4.3 | 0.00 | May 12, 2022 | A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website could make a phishing attack with address bar spoofing as the address bar was not correct if navigation fails in a loop. | ||
| CVE-2022-28870 | Med | 0.28 | 4.3 | 0.00 | Apr 15, 2022 | A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website could make a phishing attack with address bar spoofing as the address bar was not correct if navigation fails. | ||
| CVE-2022-28869 | Med | 0.28 | 4.3 | 0.00 | Apr 15, 2022 | A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website could make a phishing attack with address bar spoofing as the browser did not show full URL, such as port number. | ||
| CVE-2021-44751 | Med | 0.28 | 4.3 | 0.01 | Mar 25, 2022 | A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website attached with USSD code in JavaScript or iFrame can trigger dialer application from F-Secure browser which can be exploited by an attacker to send unwanted USSD messages or perform… | ||
| CVE-2022-38163 | Low | 0.23 | 3.5 | 0.01 | Nov 7, 2022 | A Drag and Drop spoof vulnerability was discovered in F-Secure SAFE Browser for Android and iOS version 19.0 and below. Drag and drop operation by user on address bar could lead to a spoofing of the address bar. | ||
| CVE-2021-33596 | Low | 0.23 | 3.5 | 0.01 | Aug 5, 2021 | Showing the legitimate URL in the address bar while loading the content from other domain. This makes the user believe that the content is served by a legit domain. Exploiting the vulnerability requires the user to click on a specially crafted, seemingly legitimate URL… |
- risk 0.42cvss 6.5epss 0.00
A vulnerability affecting F-Secure SAFE browser for Android and iOS was discovered. A maliciously crafted website could make a phishing attack with URL spoofing as the browser only display certain part of the entire URL.
- risk 0.36cvss 5.5epss 0.01
A vulnerability affecting F-Secure SAFE browser was discovered whereby browsers loads images automatically this vulnerability can be exploited remotely by an attacker to execute the JavaScript can be used to trigger universal cross-site scripting through the browser. User…
- risk 0.35cvss 5.4epss 0.00
F-Secure SAFE Browser 19.1 before 19.2 for Android allows an IDN homograph attack.
- risk 0.28cvss 4.3epss 0.01
A vulnerability affecting F-Secure SAFE browser was discovered. An attacker can potentially exploit Javascript window.open functionality in SAFE Browser which could lead address bar spoofing attacks.
- risk 0.28cvss 4.3epss 0.00
A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website could make a phishing attack with address bar spoofing as the address bar was not correct if navigation fails in a loop.
- risk 0.28cvss 4.3epss 0.00
A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website could make a phishing attack with address bar spoofing as the address bar was not correct if navigation fails.
- risk 0.28cvss 4.3epss 0.00
A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website could make a phishing attack with address bar spoofing as the browser did not show full URL, such as port number.
- risk 0.28cvss 4.3epss 0.01
A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website attached with USSD code in JavaScript or iFrame can trigger dialer application from F-Secure browser which can be exploited by an attacker to send unwanted USSD messages or perform…
- risk 0.23cvss 3.5epss 0.01
A Drag and Drop spoof vulnerability was discovered in F-Secure SAFE Browser for Android and iOS version 19.0 and below. Drag and drop operation by user on address bar could lead to a spoofing of the address bar.
- risk 0.23cvss 3.5epss 0.01
Showing the legitimate URL in the address bar while loading the content from other domain. This makes the user believe that the content is served by a legit domain. Exploiting the vulnerability requires the user to click on a specially crafted, seemingly legitimate URL…