Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sophos vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2020-10947
Mac Endpoint for Sophos Central prior to 9.9.6 and Mac Endpoint for Sophos Home prior to 2.2.6 allow Privilege Escalation.
Sophos Anti-virus For Sophos Central
Sophos Anti-virus For Sophos Home
6.5
CVSSv2
CVE-2018-16116
SQL injection vulnerability in AccountStatus.jsp in Admin Portal of Sophos XG firewall 17.0.8 MR-8 allow remote authenticated malicious users to execute arbitrary SQL commands via the "username" GET parameter.
Sophos Sfos 17.0.8
6.5
CVSSv2
CVE-2017-6183
In Sophos Web Appliance (SWA) prior to 4.3.1.2, a section of the machine's configuration utilities for adding (and detecting) Active Directory servers was vulnerable to remote command injection, aka NSWA-1314.
Sophos Web Appliance
6.5
CVSSv2
CVE-2017-6184
In Sophos Web Appliance (SWA) prior to 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via the token parameter, aka NSWA-1303.
Sophos Web Appliance
6.4
CVSSv2
CVE-2006-5647
Sophos Anti-Virus and Endpoint Security prior to 6.0.5, Anti-Virus for Linux prior to 5.0.10, and other platforms prior to 4.11 allows remote malicious users to cause a denial of service (memory corruption) and possibly execute arbitrary code via a malformed CHM file with a large...
Sophos Anti-virus 4.04
Sophos Anti-virus 4.05
Sophos Endpoint Security
Sophos Anti-virus 4.7.2
Sophos Anti-virus 5.0.1
Sophos Anti-virus 5.0.2
Sophos Anti-virus 5.0.4
Sophos Anti-virus 4.5.11
Sophos Anti-virus 4.5.3
Sophos Anti-virus 4.7.1
Sophos Anti-virus 5.1
Sophos Anti-virus 5.2.1
Sophos Anti-virus 4.5.12
Sophos Anti-virus 4.5.4
Sophos Anti-virus 5.2
Sophos Anti-virus 6.0.4
1 EDB exploit
6.2
CVSSv2
CVE-2010-5177
Race condition in Sophos Endpoint Security and Control 9.0.5 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space ...
Sophos Sophos Endpoint Security And Control 9.0.5
6
CVSSv2
CVE-2021-25268
Multiple XSS vulnerabilities in Webadmin allow for privilege escalation from MySophos admin to SFOS admin in Sophos Firewall older than version 19.0 GA.
Sophos Firewall Firmware
5.7
CVSSv2
CVE-2015-8605
ISC DHCP 4.x prior to 4.1-ESV-R12-P1, 4.2.x, and 4.3.x prior to 4.3.3-P1 allows remote malicious users to cause a denial of service (application crash) via an invalid length field in a UDP IPv4 packet.
Sophos Unified Threat Management Up2date
Isc Dhcp 4.0.0
Isc Dhcp 4.0.1
Isc Dhcp 4.0.2
Isc Dhcp 4.0.3
Isc Dhcp 4.1-esv
Isc Dhcp 4.1.0
Isc Dhcp 4.1.1
Isc Dhcp 4.1.2
Isc Dhcp 4.2.0
Isc Dhcp 4.2.1
Isc Dhcp 4.2.2
Isc Dhcp 4.2.3
Isc Dhcp 4.2.4
Isc Dhcp 4.2.5
Isc Dhcp 4.2.6
Isc Dhcp 4.2.7
Isc Dhcp 4.2.8
Isc Dhcp 4.3.0
Isc Dhcp 4.3.1
Isc Dhcp 4.3.2
Isc Dhcp 4.3.3
5.6
CVSSv2
CVE-2014-1213
Sophos Anti-Virus engine (SAVi) prior to 3.50.1, as used in VDL 4.97G 9.7.x prior to 9.7.9, 10.0.x prior to 10.0.11, and 10.3.x prior to 10.3.1 does not set an ACL for certain global and session objects, which allows local users to bypass anti-virus protection, cause a denial of ...
Sophos Sophos Anti-virus 10.0.11
Sophos Scanning Engine
5.1
CVSSv2
CVE-2005-3216
Multiple interpretation error in unspecified versions of Sophos Antivirus allows remote malicious users to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Win...
Sophos Sophos Anti-virus
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »