Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sophos vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2017-6412
In Sophos Web Appliance (SWA) prior to 4.3.1.2, Session Fixation could occur, aka NSWA-1310.
Sophos Web Appliance
1 EDB exploit
7.8
CVSSv3
CVE-2022-0652
Confd log files contain local users', including root’s, SHA512crypt password hashes with insecure access permissions. This allows a local malicious user to attempt off-line brute-force attacks against these password hashes in Sophos UTM before version 9.710.
Sophos Unified Threat Management
7.8
CVSSv3
CVE-2020-9540
Sophos HitmanPro.Alert before build 861 allows local elevation of privilege.
Sophos Hitmanpro.alert
7.8
CVSSv3
CVE-2020-9363
The Sophos AV parsing engine prior to 2020-01-14 allows virus-detection bypass via a crafted ZIP archive. This affects Endpoint Protection, Cloud Optix, Mobile, Intercept X Endpoint, Intercept X for Server, and Secure Web Gateway. NOTE: the vendor feels that this does not apply t...
Sophos Cloud Optix
Sophos Endpoint Protection
Sophos Intercept X Endpoint
Sophos Intercept X For Server
Sophos Mobile
Sophos Secure Web Gateway
7.8
CVSSv3
CVE-2018-3971
An exploitable arbitrary write vulnerability exists in the 0x2222CC IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to write data under controlled by an attacker address, resulting in memory corruption. An atta...
Sophos Hitmanpro.alert 3.7.6.744
7.8
CVSSv3
CVE-2018-6851
Sophos SafeGuard Enterprise prior to 8.00.5, SafeGuard Easy prior to 7.00.3, and SafeGuard LAN Crypt prior to 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x80206040. By crafting an input buffer we can control the execution path to the point where the constant DW...
Sophos Safeguard Enterprise Client 6.00
Sophos Safeguard Enterprise Client 6.00.1
Sophos Safeguard Easy Device Encryption Client 6.00
Sophos Safeguard Easy Device Encryption Client 6.10
Sophos Safeguard Lan Crypt Client 3.95.1
Sophos Safeguard Lan Crypt Client 3.90.2
Sophos Safeguard Lan Crypt Client 3.90.1
Sophos Safeguard Enterprise Client 8.00
Sophos Safeguard Enterprise Client 6.10
Sophos Safeguard Enterprise Client 7.00
Sophos Safeguard Enterprise Client 5.60.3
Sophos Safeguard Easy Device Encryption Client 7.00
1 Article
7.8
CVSSv3
CVE-2018-6853
Sophos SafeGuard Enterprise prior to 8.00.5, SafeGuard Easy prior to 7.00.3, and SafeGuard LAN Crypt prior to 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x80206024. By crafting an input buffer we can control the execution path to the point where a global variab...
Sophos Safeguard Lan Crypt Client 3.95.1
Sophos Safeguard Enterprise Client 7.00
Sophos Safeguard Enterprise Client 6.10
Sophos Safeguard Enterprise Client 5.60.3
Sophos Safeguard Enterprise Client 6.00
Sophos Safeguard Lan Crypt Client 3.90.1
Sophos Safeguard Easy Device Encryption Client 6.00
Sophos Safeguard Easy Device Encryption Client 7.00
Sophos Safeguard Lan Crypt Client 3.90.2
Sophos Safeguard Enterprise Client 8.00
Sophos Safeguard Enterprise Client 6.00.1
Sophos Safeguard Easy Device Encryption Client 6.10
1 Article
7.8
CVSSv3
CVE-2018-6856
Sophos SafeGuard Enterprise prior to 8.00.5, SafeGuard Easy prior to 7.00.3, and SafeGuard LAN Crypt prior to 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x8020601C. By crafting an input buffer we can control the execution path to the point where a global variab...
Sophos Safeguard Lan Crypt Client 3.90.2
Sophos Safeguard Lan Crypt Client 3.90.1
Sophos Safeguard Enterprise Client 8.00
Sophos Safeguard Enterprise Client 7.00
Sophos Safeguard Easy Device Encryption Client 6.10
Sophos Safeguard Easy Device Encryption Client 7.00
Sophos Safeguard Lan Crypt Client 3.95.1
Sophos Safeguard Enterprise Client 5.60.3
Sophos Safeguard Enterprise Client 6.00.1
Sophos Safeguard Enterprise Client 6.10
Sophos Safeguard Enterprise Client 6.00
Sophos Safeguard Easy Device Encryption Client 6.00
1 Article
7.8
CVSSv3
CVE-2018-6857
Sophos SafeGuard Enterprise prior to 8.00.5, SafeGuard Easy prior to 7.00.3, and SafeGuard LAN Crypt prior to 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x802022E0. By crafting an input buffer we can control the execution path to the point where the constant 0x...
Sophos Safeguard Lan Crypt Client 3.90.1
Sophos Safeguard Enterprise Client 8.00
Sophos Safeguard Enterprise Client 7.00
Sophos Safeguard Enterprise Client 6.10
Sophos Safeguard Easy Device Encryption Client 6.10
Sophos Safeguard Easy Device Encryption Client 7.00
Sophos Safeguard Lan Crypt Client 3.95.1
Sophos Safeguard Lan Crypt Client 3.90.2
Sophos Safeguard Enterprise Client 5.60.3
Sophos Safeguard Enterprise Client 6.00.1
Sophos Safeguard Enterprise Client 6.00
Sophos Safeguard Easy Device Encryption Client 6.00
1 Article
7.8
CVSSv3
CVE-2018-6852
Sophos SafeGuard Enterprise prior to 8.00.5, SafeGuard Easy prior to 7.00.3, and SafeGuard LAN Crypt prior to 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x80202298. By crafting an input buffer we can control the execution path to the point where the nt!memset f...
Sophos Safeguard Easy Device Encryption Client 6.10
Sophos Safeguard Easy Device Encryption Client 7.00
Sophos Safeguard Lan Crypt Client 3.90.2
Sophos Safeguard Lan Crypt Client 3.90.1
Sophos Safeguard Enterprise Client 8.00
Sophos Safeguard Enterprise Client 7.00
Sophos Safeguard Enterprise Client 6.10
Sophos Safeguard Lan Crypt Client 3.95.1
Sophos Safeguard Enterprise Client 6.00
Sophos Safeguard Easy Device Encryption Client 6.00
Sophos Safeguard Enterprise Client 5.60.3
Sophos Safeguard Enterprise Client 6.00.1
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »