F-Secure Email And Server Security vulnerabilities

9 known vulnerabilities affecting f-secure/email_and_server_security.

Total CVEs
9
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH7MEDIUM2

Vulnerabilities

Page 1 of 1
CVE-2023-49322HIGHCVSS 7.5v15.002023-11-27
CVE-2023-49322 [HIGH] CVE-2023-49322: Certain WithSecure products allow a Denial of Service because there is an unpack handler crash that Certain WithSecure products allow a Denial of Service because there is an unpack handler crash that can lead to a scanning engine crash. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Eleme
nvd
CVE-2023-49321MEDIUMCVSS 5.3v15.002023-11-27
CVE-2023-49321 [MEDIUM] CVE-2023-49321: Certain WithSecure products allow a Denial of Service because scanning a crafted file takes a long t Certain WithSecure products allow a Denial of Service because scanning a crafted file takes a long time, and causes the scanner to hang. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure El
nvd
CVE-2023-43760HIGHCVSS 7.5v15.002023-09-22
CVE-2023-43760 [HIGH] CVE-2023-43760: Certain WithSecure products allow Denial of Service via a fuzzed PE32 file. This affects WithSecure Certain WithSecure products allow Denial of Service via a fuzzed PE32 file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security
nvd
CVE-2023-43761HIGHCVSS 7.5v15.002023-09-22
CVE-2023-43761 [HIGH] CWE-835 CVE-2023-43761: Certain WithSecure products allow Denial of Service (infinite loop). This affects WithSecure Client Certain WithSecure products allow Denial of Service (infinite loop). This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security
nvd
CVE-2023-43765HIGHCVSS 7.5v15.002023-09-22
CVE-2023-43765 [HIGH] CVE-2023-43765: Certain WithSecure products allow Denial of Service in the aeelf component. This affects WithSecure Certain WithSecure products allow Denial of Service in the aeelf component. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security
nvd
CVE-2023-43767HIGHCVSS 7.5v15.002023-09-22
CVE-2023-43767 [HIGH] CWE-400 CVE-2023-43767: Certain WithSecure products allow Denial of Service via the aepack archive unpack handler. This affe Certain WithSecure products allow Denial of Service via the aepack archive unpack handler. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 an
nvd
CVE-2023-43766HIGHCVSS 7.8v15.002023-09-22
CVE-2023-43766 [HIGH] CWE-269 CVE-2023-43766: Certain WithSecure products allow Local privilege escalation via the lhz archive unpack handler. Thi Certain WithSecure products allow Local privilege escalation via the lhz archive unpack handler. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac
nvd
CVE-2020-9342MEDIUMCVSS 5.5fixed in 17.0.605.4742020-02-22
CVE-2020-9342 [MEDIUM] CWE-436 CVE-2020-9342: The F-Secure AV parsing engine before 2020-02-05 allows virus-detection bypass via crafted Compressi The F-Secure AV parsing engine before 2020-02-05 allows virus-detection bypass via crafted Compression Method data in a GZIP archive. This affects versions before 17.0.605.474 (on Linux) of Cloud Protection For Salesforce, Email and Server Security, and Internet GateKeeper.
nvd
CVE-2013-7369HIGHCVSS 7.5v9.202014-04-18
CVE-2013-7369 [HIGH] CWE-89 CVE-2013-7369: SQL injection vulnerability in an unspecified DLL in the FSDBCom ActiveX control in F-Secure Anti-Vi SQL injection vulnerability in an unspecified DLL in the FSDBCom ActiveX control in F-Secure Anti-Virus for Microsoft Exchange Server before HF02, Anti-Virus for Windows Servers 9.00 before HF09, Anti-Virus for Citrix Servers 9.00 before HF09, and F-Secure Email and Server Security and F-Secure Server Security 9.20 before HF01 allows remote attackers to
nvd