VYPR

SAFE Browser

by F-Secure

CVEs (10)

  • CVE-2022-38164MedNov 7, 2022
    risk 0.42cvss 6.5epss 0.00

    A vulnerability affecting F-Secure SAFE browser for Android and iOS was discovered. A maliciously crafted website could make a phishing attack with URL spoofing as the browser only display certain part of the entire URL.

  • CVE-2021-44748MedMar 6, 2022
    risk 0.36cvss 5.5epss 0.01

    A vulnerability affecting F-Secure SAFE browser was discovered whereby browsers loads images automatically this vulnerability can be exploited remotely by an attacker to execute the JavaScript can be used to trigger universal cross-site scripting through the browser. User…

  • CVE-2022-47524MedDec 23, 2022
    risk 0.35cvss 5.4epss 0.00

    F-Secure SAFE Browser 19.1 before 19.2 for Android allows an IDN homograph attack.

  • CVE-2022-28873MedMay 12, 2022
    risk 0.28cvss 4.3epss 0.01

    A vulnerability affecting F-Secure SAFE browser was discovered. An attacker can potentially exploit Javascript window.open functionality in SAFE Browser which could lead address bar spoofing attacks.

  • CVE-2022-28872MedMay 12, 2022
    risk 0.28cvss 4.3epss 0.00

    A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website could make a phishing attack with address bar spoofing as the address bar was not correct if navigation fails in a loop.

  • CVE-2022-28870MedApr 15, 2022
    risk 0.28cvss 4.3epss 0.00

    A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website could make a phishing attack with address bar spoofing as the address bar was not correct if navigation fails.

  • CVE-2022-28869MedApr 15, 2022
    risk 0.28cvss 4.3epss 0.00

    A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website could make a phishing attack with address bar spoofing as the browser did not show full URL, such as port number.

  • CVE-2021-44751MedMar 25, 2022
    risk 0.28cvss 4.3epss 0.01

    A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website attached with USSD code in JavaScript or iFrame can trigger dialer application from F-Secure browser which can be exploited by an attacker to send unwanted USSD messages or perform…

  • CVE-2022-38163LowNov 7, 2022
    risk 0.23cvss 3.5epss 0.01

    A Drag and Drop spoof vulnerability was discovered in F-Secure SAFE Browser for Android and iOS version 19.0 and below. Drag and drop operation by user on address bar could lead to a spoofing of the address bar.

  • CVE-2021-33596LowAug 5, 2021
    risk 0.23cvss 3.5epss 0.01

    Showing the legitimate URL in the address bar while loading the content from other domain. This makes the user believe that the content is served by a legit domain. Exploiting the vulnerability requires the user to click on a specially crafted, seemingly legitimate URL…