Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sophos sophos anti-virus vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2020-10947
Mac Endpoint for Sophos Central prior to 9.9.6 and Mac Endpoint for Sophos Home prior to 2.2.6 allow Privilege Escalation.
Sophos Anti-virus For Sophos Central
Sophos Anti-virus For Sophos Home
7.8
CVSSv3
CVE-2018-9233
Sophos Endpoint Protection 10.7 uses an unsalted SHA-1 hash for password storage in %PROGRAMDATA%\Sophos\Sophos Anti-Virus\Config\machine.xml, which makes it easier for malicious users to determine a cleartext password, and subsequently choose unsafe malware settings, via rainbow...
Sophos Endpoint Protection 10.7
1 EDB exploit
5.5
CVSSv3
CVE-2018-0202
clamscan in ClamAV prior to 0.99.4 contains a vulnerability that could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation checking mechanisms when handling Porta...
Clamav Clamav
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Debian Debian Linux 7.0
1 Github repository
5.5
CVSSv3
CVE-2018-1000085
ClamAV version version 0.99.3 contains a Out of bounds heap memory read vulnerability in XAR parser, function xar_hash_check() that can result in Leaking of memory, may help in developing exploit chains.. This attack appear to be exploitable via The victim must scan a crafted XAR...
Clamav Clamav 0.99.3
Debian Debian Linux 7.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
7.8
CVSSv3
CVE-2017-6419
mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2, allows remote malicious users to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted CHM file.
Libmspack Project Libmspack 0.5
5.5
CVSSv3
CVE-2017-11423
The cabd_read_string function in mspack/cabd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2 and other products, allows remote malicious users to cause a denial of service (stack-based buffer over-read and application crash) via a crafted CAB file.
Libmspack Project Libmspack 0.5
9.8
CVSSv3
CVE-2012-6706
A VMSF_DELTA memory corruption exists in unrar prior to 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine prior to 3.37.2 and other products, that can lead to arbitrary code execution. An integer overflow can be caused in DataSize+CurChannel. The result is a negative va...
Sophos Threat Detection Engine
Rarlab Unrar
NA
CVE-2014-2385
Multiple cross-site scripting (XSS) vulnerabilities in the web UI in Sophos Anti-Virus for Linux prior to 9.6.1 allow local users to inject arbitrary web script or HTML via the (1) newListList:ExcludeFileOnExpression, (2) newListList:ExcludeFilesystems, or (3) newListList:Exclude...
Sophos Anti-virus
NA
CVE-2014-1213
Sophos Anti-Virus engine (SAVi) prior to 3.50.1, as used in VDL 4.97G 9.7.x prior to 9.7.9, 10.0.x prior to 10.0.11, and 10.3.x prior to 10.3.1 does not set an ACL for certain global and session objects, which allows local users to bypass anti-virus protection, cause a denial of ...
Sophos Sophos Anti-virus 10.0.11
Sophos Scanning Engine
NA
CVE-2012-1443
The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft ...
Ikarus Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0
Emsisoft Anti-malware 5.1.0.1
Trendmicro Housecall 9.120.0.1004
Kaspersky Kaspersky Anti-virus 7.0.0.125
Mcafee Scan Engine 5.400.0.1158
Pandasecurity Panda Antivirus 10.0.2.7
Mcafee Gateway 2010.1c
Ahnlab V3 Internet Security 2011.01.18.00
Avg Avg Anti-virus 10.0.0.1190
Cat Quick Heal 11.00
Gdata-software G Data Antivirus 21
Virusbuster Virusbuster 13.6.151.0
Fortinet Fortinet Antivirus 4.2.254.0
Sophos Sophos Anti-virus 4.61.0
Eset Nod32 Antivirus 5795
Bitdefender Bitdefender 7.2
Aladdin Esafe 7.0.17.0
Anti-virus Vba32 3.12.14.2
Symantec Endpoint Protection 11.0
Authentium Command Antivirus 5.2.11.5
Antiy Avl Sdk 2.0.3.7
K7computing Antivirus 9.77.3565
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »