sophos vulnerabilities and exploits
10
CVSSv2
CVE-2020-25223
A remote code execution vulnerability exists in the WebAdmin of Sophos SG UTM before v9.705 MR5, v9.607 MR7, and v9.511 MR11
Sophos Unified Threat Management
Sophos Unified Threat Management 9.511
Sophos Unified Threat Management 9.607
Sophos Unified Threat Management 9.705
3 Github repositories
10
CVSSv2
CVE-2019-17059
A shell injection vulnerability on the Sophos Cyberoam firewall appliance with CyberoamOS prior to 10.6.6 MR-6 allows remote malicious users to execute arbitrary commands via the Web Admin and SSL VPN consoles.
Sophos Cyberoamos 10.6.6
Sophos Cyberoamos
10
CVSSv2
CVE-2019-0708
A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulne...
Microsoft Windows Vista -
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2008 -
Microsoft Windows Xp -
Microsoft Windows Server 2003 -
Microsoft Windows Server 2003 R2
Microsoft Windows 7 -
5 EDB exploits
2 Metasploit modules
168 Github repositories
10 Articles
10
CVSSv2
CVE-2017-6315
Astaro Security Gateway (aka ASG) 7 allows remote malicious users to execute arbitrary code via a crafted request to index.plx.
Sophos Astaro Security Gateway Firmware 7.500
Sophos Astaro Security Gateway Firmware 7.506
1 EDB exploit
10
CVSSv2
CVE-2012-6706
A VMSF_DELTA memory corruption exists in unrar prior to 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine prior to 3.37.2 and other products, that can lead to arbitrary code execution. An integer overflow can be caused in DataSize+CurChannel. The result is a negative va...
Sophos Threat Detection Engine
Rarlab Unrar
10
CVSSv2
CVE-2014-5503
SQL injection vulnerability in the Guest Login Portal in the Sophos Cyberoam appliances with CyberoamOS prior to 10.6.1 GA allows remote malicious users to execute arbitrary SQL commands via the add_guest_user opcode.
Cyberoam Cyberoam Os
10
CVSSv2
CVE-2013-5932
Unspecified vulnerability in WebAdmin in Sophos UTM (aka Astaro Security Gateway) prior to 9.105 has unknown impact and attack vectors.
Sophos Unified Threat Management Software 9.007
10
CVSSv2
CVE-2013-4983
The get_referers function in /opt/ws/bin/sblistpack in Sophos Web Appliance prior to 3.7.9.1 and 3.8 prior to 3.8.1.1 allows remote malicious users to execute arbitrary commands via shell metacharacters in the domain parameter to end-user/index.php.
Sophos Web Appliance Firmware 3.0.1
Sophos Web Appliance Firmware 3.0.1.1
Sophos Web Appliance Firmware 3.0.2
Sophos Web Appliance Firmware 3.0.3
Sophos Web Appliance Firmware 3.2.3
Sophos Web Appliance Firmware 3.2.4
Sophos Web Appliance Firmware 3.2.5
Sophos Web Appliance Firmware 3.2.6
Sophos Web Appliance Firmware 3.2.7
Sophos Web Appliance Firmware 3.4.2
Sophos Web Appliance Firmware 3.4.3
Sophos Web Appliance Firmware 3.4.3.1
Sophos Web Appliance Firmware 3.4.4
Sophos Web Appliance Firmware 3.6.1
Sophos Web Appliance Firmware 3.6.1.1
Sophos Web Appliance Firmware 3.6.2
Sophos Web Appliance Firmware 3.6.2.1
Sophos Web Appliance Firmware 3.7.5
Sophos Web Appliance Firmware 3.7.6
Sophos Web Appliance Firmware 3.7.7
Sophos Web Appliance Firmware 3.7.8
Sophos Web Appliance Firmware 3.7.8.1
2 EDB exploits
10
CVSSv2
CVE-2008-6904
Multiple unspecified vulnerabilities in Sophos SAVScan 4.33.0 for Linux, and possibly other products and versions, allow remote malicious users to cause a denial of service (segmentation fault) and possibly execute arbitrary code via crafted files that have been packed with (1) a...
Sophos Anti-virus 4.7.18
Sophos Anti-virus 4.9.18
Sophos Anti-virus 6.4.5
Sophos Anti-virus 7.0.5
Sophos Anti-virus 4.37.0
Sophos Anti-virus 7.6.3
10
CVSSv2
CVE-2006-6335
Multiple buffer overflows in Sophos Anti-Virus scanning engine prior to 2.40 allow remote malicious users to execute arbitrary code via (1) a SIT archive with a long filename that is not null-terminated, which triggers a heap-based overflow in veex.dll due to improper length calc...
Sophos Sophos Anti-virus