Skip to main content

Safe

18 CVEs product

Monthly

CVE-2025-25595 CRITICAL Act Now

A lack of rate limiting in the login page of Safe App version a3.0.9 allows attackers to bypass authentication via a brute force attack. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Safe
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2023-2904 HIGH This Week

The External Visitor Manager portal of HID’s SAFE versions 5.8.0 through 5.11.3 are vulnerable to manipulation within web fields in the application programmable interface (API). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Safe
NVD
CVSS 3.1
7.3
EPSS
0.6%
CVE-2022-47524 MEDIUM This Month

F-Secure SAFE Browser 19.1 before 19.2 for Android allows an IDN homograph attack. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Google Safe
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2022-38164 MEDIUM This Month

A vulnerability affecting F-Secure SAFE browser for Android and iOS was discovered. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass Google Safe
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2022-38163 LOW Monitor

A Drag and Drop spoof vulnerability was discovered in F-Secure SAFE Browser for Android and iOS version 19.0 and below. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Apple Google Safe
NVD
CVSS 3.1
3.5
EPSS
0.5%
CVE-2022-28873 MEDIUM This Month

A vulnerability affecting F-Secure SAFE browser was discovered. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Safe
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2022-28872 HIGH This Week

A vulnerability affecting F-Secure SAFE browser was discovered. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Safe
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2022-28870 MEDIUM This Month

A vulnerability affecting F-Secure SAFE browser was discovered. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Safe
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2022-28869 MEDIUM This Month

A vulnerability affecting F-Secure SAFE browser was discovered. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Safe
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2022-28868 MEDIUM This Month

An Address bar spoofing vulnerability was discovered in Safe Browser for Android. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Safe
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2021-40835 MEDIUM This Month

An URL Address bar spoofing vulnerability was discovered in Safe Browser for iOS. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Safe
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2021-40834 MEDIUM This Month

A user interface overlay vulnerability was discovered in F-secure SAFE Browser for Android. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google XSS Safe
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2021-33595 LOW Monitor

A address bar spoofing vulnerability was discovered in Safe Browser for iOS. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Safe
NVD
CVSS 3.1
3.5
EPSS
1.1%
CVE-2021-33594 LOW Monitor

An address bar spoofing vulnerability was discovered in Safe Browser for Android. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Google Information Disclosure Safe
NVD
CVSS 3.1
3.5
EPSS
1.1%
CVE-2021-33596 MEDIUM This Month

Showing the legitimate URL in the address bar while loading the content from other domain. Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Safe
NVD
CVSS 3.1
4.1
EPSS
0.8%
CVE-2020-14978 HIGH POC This Week

An issue was discovered in F-Secure SAFE 17.7 on macOS. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Apple Safe
NVD
CVSS 3.1
8.1
EPSS
3.1%
CVE-2020-14977 HIGH POC This Week

An issue was discovered in F-Secure SAFE 17.7 on macOS. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Apple Safe
NVD
CVSS 3.1
8.1
EPSS
2.8%
CVE-2019-11644 HIGH This Week

In the F-Secure installer in F-Secure SAFE for Windows before 17.6, F-Secure Internet Security before 17.6, F-Secure Anti-Virus before 17.6, F-Secure Client Security Standard and Premium before. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Client Security Computer Protection Internet Security +2
NVD
CVSS 3.0
7.8
EPSS
1.3%
EPSS 0% CVSS 9.8
CRITICAL Act Now

A lack of rate limiting in the login page of Safe App version a3.0.9 allows attackers to bypass authentication via a brute force attack. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Safe
NVD
EPSS 1% CVSS 7.3
HIGH This Week

The External Visitor Manager portal of HID’s SAFE versions 5.8.0 through 5.11.3 are vulnerable to manipulation within web fields in the application programmable interface (API). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Safe
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

F-Secure SAFE Browser 19.1 before 19.2 for Android allows an IDN homograph attack. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Google Safe
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

A vulnerability affecting F-Secure SAFE browser for Android and iOS was discovered. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass Google +1
NVD
EPSS 1% CVSS 3.5
LOW Monitor

A Drag and Drop spoof vulnerability was discovered in F-Secure SAFE Browser for Android and iOS version 19.0 and below. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Apple Google +1
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

A vulnerability affecting F-Secure SAFE browser was discovered. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Safe
NVD
EPSS 0% CVSS 8.8
HIGH This Week

A vulnerability affecting F-Secure SAFE browser was discovered. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Safe
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

A vulnerability affecting F-Secure SAFE browser was discovered. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Safe
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

A vulnerability affecting F-Secure SAFE browser was discovered. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Safe
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

An Address bar spoofing vulnerability was discovered in Safe Browser for Android. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Safe
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

An URL Address bar spoofing vulnerability was discovered in Safe Browser for iOS. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Safe
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

A user interface overlay vulnerability was discovered in F-secure SAFE Browser for Android. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google XSS Safe
NVD
EPSS 1% CVSS 3.5
LOW Monitor

A address bar spoofing vulnerability was discovered in Safe Browser for iOS. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Safe
NVD
EPSS 1% CVSS 3.5
LOW Monitor

An address bar spoofing vulnerability was discovered in Safe Browser for Android. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Google Information Disclosure Safe
NVD
EPSS 1% CVSS 4.1
MEDIUM This Month

Showing the legitimate URL in the address bar while loading the content from other domain. Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Safe
NVD
EPSS 3% CVSS 8.1
HIGH POC This Week

An issue was discovered in F-Secure SAFE 17.7 on macOS. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Apple Safe
NVD
EPSS 3% CVSS 8.1
HIGH POC This Week

An issue was discovered in F-Secure SAFE 17.7 on macOS. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Apple Safe
NVD
EPSS 1% CVSS 7.8
HIGH This Week

In the F-Secure installer in F-Secure SAFE for Windows before 17.6, F-Secure Internet Security before 17.6, F-Secure Anti-Virus before 17.6, F-Secure Client Security Standard and Premium before. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Client Security +4
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy