WithSecure
Products
14- 20 CVEs
- 14 CVEs
- 8 CVEs
- 5 CVEs
- 5 CVEs
- 4 CVEs
- 3 CVEs
- 2 CVEs
- 2 CVEs
- 2 CVEs
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs
43| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-45520 | Hig | 0.49 | 7.5 | 0.00 | Dec 1, 2024 | WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1 allows a remote Denial of Service because of memory corruption during scanning of a PE32 file. | ||
| CVE-2024-27359 | Hig | 0.49 | 7.5 | 0.00 | Feb 26, 2024 | Certain WithSecure products allow a Denial of Service because the engine scanner can go into an infinite loop when processing an archive file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements… | ||
| CVE-2024-27357 | Med | 0.38 | 5.8 | 0.00 | Jul 26, 2024 | An issue was discovered in WithSecure Elements Agent through 23.x for macOS, WithSecure Elements Client Security through 23.x for macOS, and WithSecure MDR through 23.x for macOS. Local Privilege Escalation can occur during installations or updates by admins. | ||
| CVE-2024-47193 | Med | 0.36 | 5.5 | 0.00 | Nov 29, 2024 | WithSecure Elements Agent for Mac before 24.3, MDR before 24.3, and Elements Client Security for Mac before 16.10 allow a remote Denial of Service. | ||
| CVE-2024-27358 | Low | 0.21 | 3.3 | 0.00 | Jul 26, 2024 | An issue was discovered in WithSecure Elements Agent through 23.x for macOS and WithSecure Elements Client Security through 23.x for macOS. Local users can block an admin from completing an installation, aka a Denial-of-Service (DoS). | ||
| CVE-2024-4454 | 0.00 | — | 0.00 | May 22, 2024 | WithSecure Elements Endpoint Protection Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of WithSecure Elements Endpoint Protection. User interaction on the part of an… | |||
| CVE-2024-23764 | 0.00 | — | 0.00 | Feb 8, 2024 | Certain WithSecure products allow Local Privilege Escalation. This affects WithSecure Client Security 15 and later, WithSecure Server Security 15 and later, WithSecure Email and Server Security 15 and later, and WithSecure Elements Endpoint Protection 17 and later. | |||
| CVE-2023-49322 | 0.00 | — | 0.00 | Nov 26, 2023 | Certain WithSecure products allow a Denial of Service because there is an unpack handler crash that can lead to a scanning engine crash. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements… | |||
| CVE-2023-49321 | 0.00 | — | 0.00 | Nov 26, 2023 | Certain WithSecure products allow a Denial of Service because scanning a crafted file takes a long time, and causes the scanner to hang. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements… | |||
| CVE-2023-47172 | 0.00 | — | 0.00 | Nov 20, 2023 | Certain WithSecure products allow Local Privilege Escalation. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, and WithSecure Elements Endpoint Protection 17 and later. | |||
| CVE-2023-47263 | 0.00 | — | 0.00 | Nov 16, 2023 | Certain WithSecure products allow a Denial of Service (DoS) in the antivirus engine when scanning a fuzzed PE32 file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17… | |||
| CVE-2023-47264 | 0.00 | — | 0.00 | Nov 16, 2023 | Certain WithSecure products have a buffer over-read whereby processing certain fuzz file types may cause a denial of service (DoS). This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint… | |||
| CVE-2023-43760 | 0.00 | — | 0.00 | Sep 22, 2023 | Certain WithSecure products allow Denial of Service via a fuzzed PE32 file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for… | |||
| CVE-2023-43767 | 0.00 | — | 0.00 | Sep 22, 2023 | Certain WithSecure products allow Denial of Service via the aepack archive unpack handler. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client… | |||
| CVE-2023-43763 | 0.00 | — | 0.00 | Sep 22, 2023 | Certain WithSecure products allow XSS via an unvalidated parameter in the endpoint. This affects WithSecure Policy Manager 15 on Windows and Linux. | |||
| CVE-2023-43765 | 0.00 | — | 0.00 | Sep 22, 2023 | Certain WithSecure products allow Denial of Service in the aeelf component. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for… | |||
| CVE-2023-43762 | 0.00 | — | 0.02 | Sep 22, 2023 | Certain WithSecure products allow Unauthenticated Remote Code Execution via the web server (backend). This affects WithSecure Policy Manager 15 and Policy Manager Proxy 15. | |||
| CVE-2023-42526 | 0.00 | — | 0.00 | Sep 18, 2023 | Certain WithSecure products allow a remote crash of a scanning engine via decompression of crafted data files. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and… | |||
| CVE-2023-42520 | 0.00 | — | 0.00 | Sep 18, 2023 | Certain WithSecure products allow a remote crash of a scanning engine via unpacking of crafted data files. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later,… | |||
| CVE-2023-42521 | 0.00 | — | 0.00 | Sep 18, 2023 | Certain WithSecure products allow a remote crash of a scanning engine via processing of a compressed file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later,… |
- risk 0.49cvss 7.5epss 0.00
WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1 allows a remote Denial of Service because of memory corruption during scanning of a PE32 file.
- risk 0.49cvss 7.5epss 0.00
Certain WithSecure products allow a Denial of Service because the engine scanner can go into an infinite loop when processing an archive file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements…
- risk 0.38cvss 5.8epss 0.00
An issue was discovered in WithSecure Elements Agent through 23.x for macOS, WithSecure Elements Client Security through 23.x for macOS, and WithSecure MDR through 23.x for macOS. Local Privilege Escalation can occur during installations or updates by admins.
- risk 0.36cvss 5.5epss 0.00
WithSecure Elements Agent for Mac before 24.3, MDR before 24.3, and Elements Client Security for Mac before 16.10 allow a remote Denial of Service.
- risk 0.21cvss 3.3epss 0.00
An issue was discovered in WithSecure Elements Agent through 23.x for macOS and WithSecure Elements Client Security through 23.x for macOS. Local users can block an admin from completing an installation, aka a Denial-of-Service (DoS).
- CVE-2024-4454May 22, 2024risk 0.00cvss —epss 0.00
WithSecure Elements Endpoint Protection Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of WithSecure Elements Endpoint Protection. User interaction on the part of an…
- CVE-2024-23764Feb 8, 2024risk 0.00cvss —epss 0.00
Certain WithSecure products allow Local Privilege Escalation. This affects WithSecure Client Security 15 and later, WithSecure Server Security 15 and later, WithSecure Email and Server Security 15 and later, and WithSecure Elements Endpoint Protection 17 and later.
- CVE-2023-49322Nov 26, 2023risk 0.00cvss —epss 0.00
Certain WithSecure products allow a Denial of Service because there is an unpack handler crash that can lead to a scanning engine crash. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements…
- CVE-2023-49321Nov 26, 2023risk 0.00cvss —epss 0.00
Certain WithSecure products allow a Denial of Service because scanning a crafted file takes a long time, and causes the scanner to hang. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements…
- CVE-2023-47172Nov 20, 2023risk 0.00cvss —epss 0.00
Certain WithSecure products allow Local Privilege Escalation. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, and WithSecure Elements Endpoint Protection 17 and later.
- CVE-2023-47263Nov 16, 2023risk 0.00cvss —epss 0.00
Certain WithSecure products allow a Denial of Service (DoS) in the antivirus engine when scanning a fuzzed PE32 file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17…
- CVE-2023-47264Nov 16, 2023risk 0.00cvss —epss 0.00
Certain WithSecure products have a buffer over-read whereby processing certain fuzz file types may cause a denial of service (DoS). This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint…
- CVE-2023-43760Sep 22, 2023risk 0.00cvss —epss 0.00
Certain WithSecure products allow Denial of Service via a fuzzed PE32 file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for…
- CVE-2023-43767Sep 22, 2023risk 0.00cvss —epss 0.00
Certain WithSecure products allow Denial of Service via the aepack archive unpack handler. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client…
- CVE-2023-43763Sep 22, 2023risk 0.00cvss —epss 0.00
Certain WithSecure products allow XSS via an unvalidated parameter in the endpoint. This affects WithSecure Policy Manager 15 on Windows and Linux.
- CVE-2023-43765Sep 22, 2023risk 0.00cvss —epss 0.00
Certain WithSecure products allow Denial of Service in the aeelf component. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for…
- CVE-2023-43762Sep 22, 2023risk 0.00cvss —epss 0.02
Certain WithSecure products allow Unauthenticated Remote Code Execution via the web server (backend). This affects WithSecure Policy Manager 15 and Policy Manager Proxy 15.
- CVE-2023-42526Sep 18, 2023risk 0.00cvss —epss 0.00
Certain WithSecure products allow a remote crash of a scanning engine via decompression of crafted data files. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and…
- CVE-2023-42520Sep 18, 2023risk 0.00cvss —epss 0.00
Certain WithSecure products allow a remote crash of a scanning engine via unpacking of crafted data files. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later,…
- CVE-2023-42521Sep 18, 2023risk 0.00cvss —epss 0.00
Certain WithSecure products allow a remote crash of a scanning engine via processing of a compressed file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later,…