threat
engine
.sh
Back
·
··:··
Home
/
Product
/
f secure safe
Product
f secure safe
30 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2025-25595
all versions
A lack of rate limiting in the login page of Safe App version a3.0.9 allows attackers to bypass authentication via a brute force a
9.8
CRITICAL
CVE-2023-35801
< 2022.2.5
A directory traversal vulnerability in Safe Software FME Server before 2022.2.5 allows an attacker to bypass validation when editi
8.1
HIGH
CVE-2023-2904
>= 5.8.0 and <= 5.11.3
The External Visitor Manager portal of HID’s SAFE versions 5.8.0 through 5.11.3 are vulnerable to manipulation within web fields
7.3
HIGH
CVE-2022-47524
<= 19.1
F-Secure SAFE Browser 19.1 before 19.2 for Android allows an IDN homograph attack.
5.4
MEDIUM
CVE-2022-38164
<= 19.0
A vulnerability affecting F-Secure SAFE browser for Android and iOS was discovered. A maliciously crafted website could make a phi
6.5
MEDIUM
CVE-2022-38163
<= 19.0
A Drag and Drop spoof vulnerability was discovered in F-Secure SAFE Browser for Android and iOS version 19.0 and below. Drag and d
3.5
LOW
CVE-2022-38340
< 2021.2.6
Safe Software FME Server v2021.2.5, v2022.0.0.2 and below was discovered to contain a Path Traversal vulnerability via the compone
9.1
CRITICAL
CVE-2022-38339
< 2021.2.6
Safe Software FME Server v2021.2.5, v2022.0.0.2 and below contains a cross-site scripting (XSS) vulnerability which allows attacke
9.6
CRITICAL
CVE-2022-38341
>= 2021.2.3 and < 2021.2.6
Safe Software FME Server v2021.2.5 and below does not employ server-side validation.
7.1
HIGH
CVE-2022-38342
< 2021.2.6.0
Safe Software FME Server v2021.2.5, v2022.0.0.2 and below was discovered to contain a XML External Entity (XXE) vulnerability whic
8.5
HIGH
CVE-2022-28873
<= 19.0
A vulnerability affecting F-Secure SAFE browser was discovered. An attacker can potentially exploit Javascript window.open functio
4.3
MEDIUM
CVE-2022-28872
<= 19.0
A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website could make a phishing attack with ad
4.3
MEDIUM
CVE-2022-28870
<= 18.6
A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website could make a phishing attack with ad
4.3
MEDIUM
CVE-2022-28869
<= 18.6
A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website could make a phishing attack with ad
4.3
MEDIUM
CVE-2022-28868
<= 18.6
An Address bar spoofing vulnerability was discovered in Safe Browser for Android. When user clicks on a specially crafted maliciou
4.3
MEDIUM
CVE-2021-44751
< 18.5
A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website attached with USSD code in JavaScrip
4.3
MEDIUM
CVE-2021-44749
all versions
A vulnerability affecting F-Secure SAFE browser protection was discovered improper URL handling can be triggered to cause universa
5.5
MEDIUM
CVE-2021-44748
all versions
A vulnerability affecting F-Secure SAFE browser was discovered whereby browsers loads images automatically this vulnerability can
5.5
MEDIUM
CVE-2021-40835
< 18.3
An URL Address bar spoofing vulnerability was discovered in Safe Browser for iOS. When user clicks on a specially crafted a malici
4.6
MEDIUM
CVE-2021-40834
<= 17.9
A user interface overlay vulnerability was discovered in F-secure SAFE Browser for Android. When user click on a specially crafted
4.3
MEDIUM
CVE-2021-33595
< 18.4.272901
A address bar spoofing vulnerability was discovered in Safe Browser for iOS. Showing the legitimate URL in the address bar while l
3.5
LOW
CVE-2021-33594
< 18.4.0
An address bar spoofing vulnerability was discovered in Safe Browser for Android. When user clicks on a specially crafted a malici
3.5
LOW
CVE-2021-33596
< 18.4.272901
Showing the legitimate URL in the address bar while loading the content from other domain. This makes the user believe that the co
3.5
LOW
CVE-2020-22790
all versions
Authenticated Stored XSS in FME Server versions 2019.2 and 2020.0 Beta allows a remote attacker to execute codeby injecting arbitr
5.4
MEDIUM
CVE-2020-22789
all versions
Unauthenticated Stored XSS in FME Server versions 2019.2 and 2020.0 Beta allows a remote attacker to gain admin privileges by inje
6.1
MEDIUM
CVE-2020-14978
all versions
An issue was discovered in F-Secure SAFE 17.7 on macOS. Due to incorrect client version verification, an attacker can connect to a
8.1
HIGH
CVE-2020-14977
all versions
An issue was discovered in F-Secure SAFE 17.7 on macOS. The XPC services use the PID to identify the connecting client, which allo
8.1
HIGH
CVE-2019-11644
< 17.6
In the F-Secure installer in F-Secure SAFE for Windows before 17.6, F-Secure Internet Security before 17.6, F-Secure Anti-Virus be
7.8
HIGH
CVE-2018-20402
<= 2018.1
Safe Software FME Server through 2018.1 creates and enables three additional accounts in addition to the initial administrator acc
8.8
HIGH
CVE-2010-1168
all versions
The Safe (aka Safe.pm) module before 2.25 for Perl allows context-dependent attackers to bypass intended (1) Safe::reval and (2) S
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin