sophos vulnerabilities and exploits
9.8
CVSSv3
CVE-2020-12271
A SQL injection issue was found in SFOS 17.0, 17.1, 17.5, and 18.0 prior to 2020-04-25 on Sophos XG Firewall devices, as exploited in the wild in April 2020. This affected devices configured with either the administration (HTTPS) service or the User Portal exposed on the WAN zone...
Sophos Sfos 17.1
Sophos Sfos 17.0
Sophos Sfos 18.0
Sophos Sfos 17.5
8.8
CVSSv3
CVE-2020-10947
Mac Endpoint for Sophos Central prior to 9.9.6 and Mac Endpoint for Sophos Home prior to 2.2.6 allow Privilege Escalation.
Sophos Anti-virus For Sophos Central
Sophos Anti-virus For Sophos Home
NA
CVE-2008-6903
Sophos Anti-Virus for Windows prior to 7.6.3, Anti-Virus for Windows NT/9x prior to 4.7.18, Anti-Virus for OS X prior to 4.9.18, Anti-Virus for Linux prior to 6.4.5, Anti-Virus for UNIX prior to 7.0.5, Anti-Virus for Unix and Netware prior to 4.37.0, Sophos EM Library, and Sophos...
Sophos Anti-virus 4.7.18
Sophos Anti-virus 4.9.18
Sophos Anti-virus 4.37.0
Sophos Anti-virus 7.6.3
Sophos Anti-virus 6.4.5
Sophos Anti-virus 7.0.5
NA
CVE-2008-6904
Multiple unspecified vulnerabilities in Sophos SAVScan 4.33.0 for Linux, and possibly other products and versions, allow remote malicious users to cause a denial of service (segmentation fault) and possibly execute arbitrary code via crafted files that have been packed with (1) a...
Sophos Anti-virus 4.7.18
Sophos Anti-virus 4.9.18
Sophos Anti-virus 6.4.5
Sophos Anti-virus 7.0.5
Sophos Anti-virus 4.37.0
Sophos Anti-virus 7.6.3
7.2
CVSSv3
CVE-2022-1807
Multiple SQLi vulnerabilities in Webadmin allow for privilege escalation from admin to super-admin in Sophos Firewall older than version 18.5 MR4 and version 19.0 MR1.
Sophos Firewall 19.0
Sophos Firewall 18.5
Sophos Firewall
NA
CVE-2014-1213
Sophos Anti-Virus engine (SAVi) prior to 3.50.1, as used in VDL 4.97G 9.7.x prior to 9.7.9, 10.0.x prior to 10.0.11, and 10.3.x prior to 10.3.1 does not set an ACL for certain global and session objects, which allows local users to bypass anti-virus protection, cause a denial of ...
Sophos Sophos Anti-virus 10.0.11
Sophos Scanning Engine
6.8
CVSSv3
CVE-2014-2005
Sophos Disk Encryption (SDE) 5.x in Sophos Enterprise Console (SEC) 5.x prior to 5.2.2 does not enforce intended authentication requirements for a resume action from sleep mode, which allows physically proximate malicious users to obtain desktop access by leveraging the absence o...
Sophos Enterprise Console 5.2
Sophos Enterprise Console
Sophos Enterprise Console 5.2.1
Sophos Enterprise Console 5.1
NA
CVE-2011-5117
Sophos SafeGuard Enterprise Device Encryption 5.x up to and including 5.50.8.13, Sophos SafeGuard Easy Device Encryption Client 5.50.x, and Sophos Disk Encryption 5.50.x have a delay before removal of (1) out-of-date credentials and (2) invalid credentials, which allows physicall...
Sophos Safeguard Enterprise Device Encryption 5.50.8
Sophos Safeguard Enterprise Device Encryption 5.50.0
Sophos Safeguard Enterprise Device Encryption 5.40.0
Sophos Safeguard Enterprise Device Encryption 5.35.3
Sophos Safeguard Enterprise Device Encryption 5.35.2
Sophos Safeguard Enterprise Device Encryption 5.35.1
Sophos Safeguard Enterprise Device Encryption 5.6
Sophos Safeguard Enterprise Device Encryption 5.50.1
Sophos Safeguard Enterprise Device Encryption 5.35.0
Sophos Safeguard Easy Device Encryption Client 5.50.1
Sophos Safeguard Easy Device Encryption Client 5.50.8
Sophos Safeguard Easy Device Encryption Client 5.50.0
Sophos Disk Encryption 5.50.0
Sophos Disk Encryption 5.50.1
Sophos Disk Encryption 5.50.8
7.8
CVSSv3
CVE-2018-6852
Sophos SafeGuard Enterprise prior to 8.00.5, SafeGuard Easy prior to 7.00.3, and SafeGuard LAN Crypt prior to 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x80202298. By crafting an input buffer we can control the execution path to the point where the nt!memset f...
Sophos Safeguard Easy Device Encryption Client 6.10
Sophos Safeguard Easy Device Encryption Client 7.00
Sophos Safeguard Lan Crypt Client 3.90.2
Sophos Safeguard Lan Crypt Client 3.90.1
Sophos Safeguard Enterprise Client 8.00
Sophos Safeguard Enterprise Client 7.00
Sophos Safeguard Enterprise Client 6.10
Sophos Safeguard Lan Crypt Client 3.95.1
Sophos Safeguard Enterprise Client 6.00
Sophos Safeguard Easy Device Encryption Client 6.00
Sophos Safeguard Enterprise Client 5.60.3
Sophos Safeguard Enterprise Client 6.00.1
1 Article
7.8
CVSSv3
CVE-2018-6853
Sophos SafeGuard Enterprise prior to 8.00.5, SafeGuard Easy prior to 7.00.3, and SafeGuard LAN Crypt prior to 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x80206024. By crafting an input buffer we can control the execution path to the point where a global variab...
Sophos Safeguard Lan Crypt Client 3.95.1
Sophos Safeguard Enterprise Client 7.00
Sophos Safeguard Enterprise Client 6.10
Sophos Safeguard Enterprise Client 5.60.3
Sophos Safeguard Enterprise Client 6.00
Sophos Safeguard Lan Crypt Client 3.90.1
Sophos Safeguard Easy Device Encryption Client 6.00
Sophos Safeguard Easy Device Encryption Client 7.00
Sophos Safeguard Lan Crypt Client 3.90.2
Sophos Safeguard Enterprise Client 8.00
Sophos Safeguard Enterprise Client 6.00.1
Sophos Safeguard Easy Device Encryption Client 6.10
1 Article