VYPR
Vendor

WithSecure

Products
14
CVEs
41
Across products
67
Status
Private

Products

14

Recent CVEs

41
View all 41 CVEs →
  • CVE-2023-43762CriSep 22, 2023
    risk 0.64cvss 9.8epss 0.01

    Certain WithSecure products allow Unauthenticated Remote Code Execution via the web server (backend). This affects WithSecure Policy Manager 15 and Policy Manager Proxy 15.

  • CVE-2022-38165CriNov 17, 2022
    risk 0.64cvss 9.8epss 0.01

    Arbitrary file write in F-Secure Policy Manager through 2022-08-10 allows unauthenticated users to write the file with the contents in arbitrary locations on the F-Secure Policy Manager Server.

  • CVE-2023-47172HigNov 20, 2023
    risk 0.51cvss 7.8epss 0.00

    Certain WithSecure products allow Local Privilege Escalation. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, and WithSecure Elements Endpoint Protection 17 and later.

  • CVE-2024-45520HigDec 1, 2024
    risk 0.49cvss 7.5epss 0.00

    WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1 allows a remote Denial of Service because of memory corruption during scanning of a PE32 file.

  • CVE-2024-27359HigFeb 26, 2024
    risk 0.49cvss 7.5epss 0.01

    Certain WithSecure products allow a Denial of Service because the engine scanner can go into an infinite loop when processing an archive file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements…

  • CVE-2023-49322HigNov 27, 2023
    risk 0.49cvss 7.5epss 0.01

    Certain WithSecure products allow a Denial of Service because there is an unpack handler crash that can lead to a scanning engine crash. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements…

  • CVE-2023-47264HigNov 16, 2023
    risk 0.49cvss 7.5epss 0.01

    Certain WithSecure products have a buffer over-read whereby processing certain fuzz file types may cause a denial of service (DoS). This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint…

  • CVE-2023-47263HigNov 16, 2023
    risk 0.49cvss 7.5epss 0.01

    Certain WithSecure products allow a Denial of Service (DoS) in the antivirus engine when scanning a fuzzed PE32 file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17…

  • CVE-2023-43767HigSep 22, 2023
    risk 0.49cvss 7.5epss 0.01

    Certain WithSecure products allow Denial of Service via the aepack archive unpack handler. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client…

  • CVE-2023-43765HigSep 22, 2023
    risk 0.49cvss 7.5epss 0.01

    Certain WithSecure products allow Denial of Service in the aeelf component. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for…

  • CVE-2023-43760HigSep 22, 2023
    risk 0.49cvss 7.5epss 0.01

    Certain WithSecure products allow Denial of Service via a fuzzed PE32 file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for…

  • CVE-2023-42524HigSep 18, 2023
    risk 0.49cvss 7.5epss 0.01

    Certain WithSecure products allow an infinite loop in a scanning engine via unspecified file types. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later,…

  • CVE-2023-42523HigSep 18, 2023
    risk 0.49cvss 7.5epss 0.01

    Certain WithSecure products allow a remote crash of a scanning engine via unpacking of a PE file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure…

  • CVE-2023-42522HigSep 18, 2023
    risk 0.49cvss 7.5epss 0.01

    Certain WithSecure products allow a remote crash of a scanning engine via processing of an import struct in a PE file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17…

  • CVE-2023-42521HigSep 18, 2023
    risk 0.49cvss 7.5epss 0.01

    Certain WithSecure products allow a remote crash of a scanning engine via processing of a compressed file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later,…

  • CVE-2023-42526HigSep 18, 2023
    risk 0.49cvss 7.5epss 0.01

    Certain WithSecure products allow a remote crash of a scanning engine via decompression of crafted data files. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and…

  • CVE-2023-42520HigSep 18, 2023
    risk 0.49cvss 7.5epss 0.01

    Certain WithSecure products allow a remote crash of a scanning engine via unpacking of crafted data files. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later,…

  • CVE-2023-43763MedSep 22, 2023
    risk 0.40cvss 6.1epss 0.00

    Certain WithSecure products allow XSS via an unvalidated parameter in the endpoint. This affects WithSecure Policy Manager 15 on Windows and Linux.

  • CVE-2022-38162MedOct 25, 2022
    risk 0.40cvss 6.1epss 0.01

    Reflected cross-site scripting (XSS) vulnerabilities in WithSecure through 2022-08-10) exists within the F-Secure Policy Manager due to an unvalidated parameter in the endpoint, which allows remote attackers to provide a malicious input.

  • CVE-2024-27357MedJul 26, 2024
    risk 0.38cvss 5.8epss 0.00

    An issue was discovered in WithSecure Elements Agent through 23.x for macOS, WithSecure Elements Client Security through 23.x for macOS, and WithSecure MDR through 23.x for macOS. Local Privilege Escalation can occur during installations or updates by admins.