Security advisories

Detailed information on public vulnerabilities in F-Secure products

2021

CVE ID	DATE ISSUED	TITLE	PRODUCTS
CVE-2021-33572	2021-06-03	Denial-of-Service (DoS) Vulnerability	All F-Secure endpoint protection products, F-Secure Security Cloud, F-Secure Elements for Microsoft 365, and F-Secure Cloud Protection for Salesforce
-	2021-01-27	FSC-2021-1: Reflected Cross-Site Scripting Vulnerability in F-Secure Cloud Protection for Salesforce	F-Secure Cloud Protection for Salesforce

2020

TITLE	DATE ISSUED
FSC-2020-3: Multiple Buffer Overflow Vulnerabilities in F-Secure Linux Security	2020-11-12
FSC-2020-2: Local Non-Root User Can Rename or Delete System FIles in Linux Security	2020-05-19
FSC-2020-1: CSRF Vulnerability in Web Interface of Linux Security	2020-05-19

Archives

TITLE	DATE ISSUED
FSC-2019-4: Authentication Bypass in F-Secure Server Security and F-Secure Email and Server Security	2019-09-05
FSC-2019-3: Unauthenticated Remote Code Execution in F-Secure Internet Gatekeeper	2019-07-11
FSC-2019-2: Local Code Execution Vulnerability in F-Secure Windows Endpoint Protection Products Installers	2019-05-16
FSC-2019-1: Local Code Execution Vulnerability in F-Secure Windows Endpoint Protection Products	2019-02-05
FSC-2018-3: Local Non-Root User Can Rename System Files	2018-10-16
FSC-2018-2: Remote Code Execution in F-Secure Windows Endpoint Protection Products	2018-06-01
FSC-2018-1: Multiple Memory Vulnerabilities	2018-02-01
FSC-2017-4: Universal Cross-Site Scripting in F-Secure SAFE For Windows	2017-12-06
FSC-2017-3: Memory data disclosure	2017-11-29
FSC-2017-2: Multiple vulnerabilities with F-Secure KEY for Desktop	2017-10-25
FSC-2017-1: Notice on KRACK vulnerability	2017-10-24
FSC-2016-2: Multiple browser plugin vulnerabilities with F-Secure KEY for Desktop	2016-07-19
FSC-2016-1: Multiple Issues with F-Secure SAFE for Mac	2016-05-03
FSC-2015-4: DLL Pre-loading attack in Online Scanner	2015-12-17
FSC-2015-3: Local Privilege Escalation	2015-09-01
FSC-2015-2: Path Traversal Vulnerability	2015-03-12
FSC-2015-1: Notice on "GHOST" glibc gethostbyname() Vulnerability	2015-02-05
FSC-2014-8: Notice on SSL3.0 "POODLE" Vulnerability	2014-10-23
FSC-2014-7: Notice on Bash "Shellshock" Vulnerability	2014-09-30
FSC-2014-6: Notice on Multiple OpenSSL Vulnerabilities	2014-06-19
FSC-2014-5: Remote File System Access	2014-05-30
FSC-2014-4: Address Bar Spoofing in F-Secure Safe Browser for iOS	2014-05-21
FSC-2014-3: Memory Dump Information Leak	2014-05-09
FSC-2014-2: Cross-site Scripting Vulnerability	2014-04-17
FSC-2014-1: Notice on OpenSSL 'Heartbleed' Vulnerability	2014-04-17

Vulnerability Reward Program

Report a vulnerability found in F-Secure services and products.

Hall of Fame

Researchers who have helped make our products safer.