Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sophos mobile vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-3980
An XML External Entity (XEE) vulnerability allows server-side request forgery (SSRF) and potential code execution in Sophos Mobile managed on-premises between versions 5.0.0 and 9.7.4.
Sophos Mobile
7.8
CVSSv3
CVE-2020-9363
The Sophos AV parsing engine prior to 2020-01-14 allows virus-detection bypass via a crafted ZIP archive. This affects Endpoint Protection, Cloud Optix, Mobile, Intercept X Endpoint, Intercept X for Server, and Secure Web Gateway. NOTE: the vendor feels that this does not apply t...
Sophos Cloud Optix
Sophos Endpoint Protection
Sophos Intercept X Endpoint
Sophos Intercept X For Server
Sophos Mobile
Sophos Secure Web Gateway
8.6
CVSSv3
CVE-2016-6597
Sophos EAS Proxy prior to 6.2.0 for Sophos Mobile Control, when Lotus Traveler is enabled, allows remote malicious users to access arbitrary web-resources from the backend mail system via a request for the resource, aka an Open Reverse Proxy vulnerability.
Sophos Mobile Control Eas Proxy
3.9
CVSSv3
CVE-2021-25266
An insecure data storage vulnerability allows a physical attacker with root privileges to retrieve TOTP secret keys from unlocked phones in Sophos Authenticator for Android version 3.4 and older, and Intercept X for Mobile (Android) before version 9.7.3495.
Sophos Intercept X
Sophos Authenticator
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started