Safe Browser
CVEs (14)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-6231 | Med | 0.38 | 5.9 | 0.00 | Aug 25, 2016 | Kaspersky Safe Browser iOS before 1.7.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to obtain sensitive information via a crafted certificate. | ||
| CVE-2021-33972 | 0.00 | — | 0.01 | Apr 19, 2023 | Buffer Overflow vulnerability in Qihoo 360 Safe Browser v13.0.2170.0 allows attacker to escalate priveleges. | |||
| CVE-2022-47524 | 0.00 | — | 0.00 | Dec 23, 2022 | F-Secure SAFE Browser 19.1 before 19.2 for Android allows an IDN homograph attack. | |||
| CVE-2022-38164 | 0.00 | — | 0.00 | Nov 7, 2022 | A vulnerability affecting F-Secure SAFE browser for Android and iOS was discovered. A maliciously crafted website could make a phishing attack with URL spoofing as the browser only display certain part of the entire URL. | |||
| CVE-2022-38163 | 0.00 | — | 0.00 | Nov 7, 2022 | A Drag and Drop spoof vulnerability was discovered in F-Secure SAFE Browser for Android and iOS version 19.0 and below. Drag and drop operation by user on address bar could lead to a spoofing of the address bar. | |||
| CVE-2022-28873 | 0.00 | — | 0.00 | May 12, 2022 | A vulnerability affecting F-Secure SAFE browser was discovered. An attacker can potentially exploit Javascript window.open functionality in SAFE Browser which could lead address bar spoofing attacks. | |||
| CVE-2022-28872 | 0.00 | — | 0.00 | May 12, 2022 | A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website could make a phishing attack with address bar spoofing as the address bar was not correct if navigation fails in a loop. | |||
| CVE-2022-28869 | 0.00 | — | 0.00 | Apr 15, 2022 | A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website could make a phishing attack with address bar spoofing as the browser did not show full URL, such as port number. | |||
| CVE-2022-28868 | 0.00 | — | 0.00 | Apr 15, 2022 | An Address bar spoofing vulnerability was discovered in Safe Browser for Android. When user clicks on a specially crafted malicious webpage/URL, user may be tricked for a short period of time (until the page loads) to think content may be coming from a valid domain, while the… | |||
| CVE-2022-28870 | 0.00 | — | 0.00 | Apr 15, 2022 | A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website could make a phishing attack with address bar spoofing as the address bar was not correct if navigation fails. | |||
| CVE-2021-44751 | 0.00 | — | 0.00 | Mar 25, 2022 | A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website attached with USSD code in JavaScript or iFrame can trigger dialer application from F-Secure browser which can be exploited by an attacker to send unwanted USSD messages or perform… | |||
| CVE-2021-40835 | 0.00 | — | 0.00 | Dec 16, 2021 | An URL Address bar spoofing vulnerability was discovered in Safe Browser for iOS. When user clicks on a specially crafted a malicious URL, if user does not carefully pay attention to url, user may be tricked to think content may be coming from a valid domain, while it comes from… | |||
| CVE-2021-40834 | 0.00 | — | 0.00 | Dec 10, 2021 | A user interface overlay vulnerability was discovered in F-secure SAFE Browser for Android. When user click on a specially crafted seemingly legitimate URL SAFE browser goes into full screen and hides the user interface. A remote attacker can leverage this to perform spoofing… | |||
| CVE-2021-33596 | 0.00 | — | 0.00 | Aug 5, 2021 | Showing the legitimate URL in the address bar while loading the content from other domain. This makes the user believe that the content is served by a legit domain. Exploiting the vulnerability requires the user to click on a specially crafted, seemingly legitimate URL… |
- risk 0.38cvss 5.9epss 0.00
Kaspersky Safe Browser iOS before 1.7.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to obtain sensitive information via a crafted certificate.
- CVE-2021-33972Apr 19, 2023risk 0.00cvss —epss 0.01
Buffer Overflow vulnerability in Qihoo 360 Safe Browser v13.0.2170.0 allows attacker to escalate priveleges.
- CVE-2022-47524Dec 23, 2022risk 0.00cvss —epss 0.00
F-Secure SAFE Browser 19.1 before 19.2 for Android allows an IDN homograph attack.
- CVE-2022-38164Nov 7, 2022risk 0.00cvss —epss 0.00
A vulnerability affecting F-Secure SAFE browser for Android and iOS was discovered. A maliciously crafted website could make a phishing attack with URL spoofing as the browser only display certain part of the entire URL.
- CVE-2022-38163Nov 7, 2022risk 0.00cvss —epss 0.00
A Drag and Drop spoof vulnerability was discovered in F-Secure SAFE Browser for Android and iOS version 19.0 and below. Drag and drop operation by user on address bar could lead to a spoofing of the address bar.
- CVE-2022-28873May 12, 2022risk 0.00cvss —epss 0.00
A vulnerability affecting F-Secure SAFE browser was discovered. An attacker can potentially exploit Javascript window.open functionality in SAFE Browser which could lead address bar spoofing attacks.
- CVE-2022-28872May 12, 2022risk 0.00cvss —epss 0.00
A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website could make a phishing attack with address bar spoofing as the address bar was not correct if navigation fails in a loop.
- CVE-2022-28869Apr 15, 2022risk 0.00cvss —epss 0.00
A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website could make a phishing attack with address bar spoofing as the browser did not show full URL, such as port number.
- CVE-2022-28868Apr 15, 2022risk 0.00cvss —epss 0.00
An Address bar spoofing vulnerability was discovered in Safe Browser for Android. When user clicks on a specially crafted malicious webpage/URL, user may be tricked for a short period of time (until the page loads) to think content may be coming from a valid domain, while the…
- CVE-2022-28870Apr 15, 2022risk 0.00cvss —epss 0.00
A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website could make a phishing attack with address bar spoofing as the address bar was not correct if navigation fails.
- CVE-2021-44751Mar 25, 2022risk 0.00cvss —epss 0.00
A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website attached with USSD code in JavaScript or iFrame can trigger dialer application from F-Secure browser which can be exploited by an attacker to send unwanted USSD messages or perform…
- CVE-2021-40835Dec 16, 2021risk 0.00cvss —epss 0.00
An URL Address bar spoofing vulnerability was discovered in Safe Browser for iOS. When user clicks on a specially crafted a malicious URL, if user does not carefully pay attention to url, user may be tricked to think content may be coming from a valid domain, while it comes from…
- CVE-2021-40834Dec 10, 2021risk 0.00cvss —epss 0.00
A user interface overlay vulnerability was discovered in F-secure SAFE Browser for Android. When user click on a specially crafted seemingly legitimate URL SAFE browser goes into full screen and hides the user interface. A remote attacker can leverage this to perform spoofing…
- CVE-2021-33596Aug 5, 2021risk 0.00cvss —epss 0.00
Showing the legitimate URL in the address bar while loading the content from other domain. This makes the user believe that the content is served by a legit domain. Exploiting the vulnerability requires the user to click on a specially crafted, seemingly legitimate URL…