Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sophos sophos anti-virus vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2020-10947
Mac Endpoint for Sophos Central prior to 9.9.6 and Mac Endpoint for Sophos Home prior to 2.2.6 allow Privilege Escalation.
Sophos Anti-virus For Sophos Central
Sophos Anti-virus For Sophos Home
2.1
CVSSv2
CVE-2018-9233
Sophos Endpoint Protection 10.7 uses an unsalted SHA-1 hash for password storage in %PROGRAMDATA%\Sophos\Sophos Anti-Virus\Config\machine.xml, which makes it easier for malicious users to determine a cleartext password, and subsequently choose unsafe malware settings, via rainbow...
Sophos Endpoint Protection 10.7
1 EDB exploit
4.3
CVSSv2
CVE-2018-0202
clamscan in ClamAV prior to 0.99.4 contains a vulnerability that could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation checking mechanisms when handling Porta...
Clamav Clamav
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Debian Debian Linux 7.0
1 Github repository
4.3
CVSSv2
CVE-2018-1000085
ClamAV version version 0.99.3 contains a Out of bounds heap memory read vulnerability in XAR parser, function xar_hash_check() that can result in Leaking of memory, may help in developing exploit chains.. This attack appear to be exploitable via The victim must scan a crafted XAR...
Clamav Clamav 0.99.3
Debian Debian Linux 7.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
6.8
CVSSv2
CVE-2017-6419
mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2, allows remote malicious users to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted CHM file.
Libmspack Project Libmspack 0.5
4.3
CVSSv2
CVE-2017-11423
The cabd_read_string function in mspack/cabd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2 and other products, allows remote malicious users to cause a denial of service (stack-based buffer over-read and application crash) via a crafted CAB file.
Libmspack Project Libmspack 0.5
10
CVSSv2
CVE-2012-6706
A VMSF_DELTA memory corruption exists in unrar prior to 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine prior to 3.37.2 and other products, that can lead to arbitrary code execution. An integer overflow can be caused in DataSize+CurChannel. The result is a negative va...
Sophos Threat Detection Engine
Rarlab Unrar
4.3
CVSSv2
CVE-2014-2385
Multiple cross-site scripting (XSS) vulnerabilities in the web UI in Sophos Anti-Virus for Linux prior to 9.6.1 allow local users to inject arbitrary web script or HTML via the (1) newListList:ExcludeFileOnExpression, (2) newListList:ExcludeFilesystems, or (3) newListList:Exclude...
Sophos Anti-virus
5.6
CVSSv2
CVE-2014-1213
Sophos Anti-Virus engine (SAVi) prior to 3.50.1, as used in VDL 4.97G 9.7.x prior to 9.7.9, 10.0.x prior to 10.0.11, and 10.3.x prior to 10.3.1 does not set an ACL for certain global and session objects, which allows local users to bypass anti-virus protection, cause a denial of ...
Sophos Sophos Anti-virus 10.0.11
Sophos Scanning Engine
4.3
CVSSv2
CVE-2012-1456
The TAR file parser in AVG Anti-Virus 10.0.0.1190, Quick Heal (aka Cat QuickHeal) 11.00, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangm...
Aladdin Esafe 7.0.17.0
F-prot F-prot Antivirus 4.6.2.117
Norman Norman Antivirus \\& Antispyware 6.06.12
Pandasecurity Panda Antivirus 10.0.2.7
Comodo Comodo Antivirus 7424
Emsisoft Anti-malware 5.1.0.1
Mcafee Scan Engine 5.400.0.1158
Mcafee Gateway 2010.1c
Eset Nod32 Antivirus 5795
Trendmicro Trend Micro Antivirus 9.120.0.1004
Fortinet Fortinet Antivirus 4.2.254.0
Ikarus Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0
Rising-global Rising Antivirus 22.83.00.03
Sophos Sophos Anti-virus 4.61.0
Avg Avg Anti-virus 10.0.0.1190
Cat Quick Heal 11.00
Jiangmin Jiangmin Antivirus 13.0.900
Kaspersky Kaspersky Anti-virus 7.0.0.125
Symantec Endpoint Protection 11.0
Trendmicro Housecall 9.120.0.1004
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »