Sophos vulnerabilities and exploits
6.5
CVSSv2
CVE-2020-10947
Mac Endpoint for Sophos Central prior to 9.9.6 and Mac Endpoint for Sophos Home prior to 2.2.6 allow Privilege Escalation.
Sophos Anti-virus For Sophos Central
Sophos Anti-virus For Sophos Home
7.5
CVSSv2
CVE-2020-12271
A SQL injection issue was found in SFOS 17.0, 17.1, 17.5, and 18.0 prior to 2020-04-25 on Sophos XG Firewall devices, as exploited in the wild in April 2020. This affected devices configured with either the administration (HTTPS) service or the User Portal exposed on the WAN zone...
Sophos Sfos 17.1
Sophos Sfos 17.0
Sophos Sfos 18.0
Sophos Sfos 17.5
4.3
CVSSv2
CVE-2008-6903
Sophos Anti-Virus for Windows prior to 7.6.3, Anti-Virus for Windows NT/9x prior to 4.7.18, Anti-Virus for OS X prior to 4.9.18, Anti-Virus for Linux prior to 6.4.5, Anti-Virus for UNIX prior to 7.0.5, Anti-Virus for Unix and Netware prior to 4.37.0, Sophos EM Library, and Sophos...
Sophos Anti-virus 4.7.18
Sophos Anti-virus 4.9.18
Sophos Anti-virus 4.37.0
Sophos Anti-virus 7.6.3
Sophos Anti-virus 6.4.5
Sophos Anti-virus 7.0.5
10
CVSSv2
CVE-2008-6904
Multiple unspecified vulnerabilities in Sophos SAVScan 4.33.0 for Linux, and possibly other products and versions, allow remote malicious users to cause a denial of service (segmentation fault) and possibly execute arbitrary code via crafted files that have been packed with (1) a...
Sophos Anti-virus 4.7.18
Sophos Anti-virus 4.9.18
Sophos Anti-virus 6.4.5
Sophos Anti-virus 7.0.5
Sophos Anti-virus 4.37.0
Sophos Anti-virus 7.6.3
NA
CVE-2022-1807
Multiple SQLi vulnerabilities in Webadmin allow for privilege escalation from admin to super-admin in Sophos Firewall older than version 18.5 MR4 and version 19.0 MR1.
Sophos Firewall 19.0
Sophos Firewall 18.5
Sophos Firewall
5.6
CVSSv2
CVE-2014-1213
Sophos Anti-Virus engine (SAVi) prior to 3.50.1, as used in VDL 4.97G 9.7.x prior to 9.7.9, 10.0.x prior to 10.0.11, and 10.3.x prior to 10.3.1 does not set an ACL for certain global and session objects, which allows local users to bypass anti-virus protection, cause a denial of ...
Sophos Sophos Anti-virus 10.0.11
Sophos Scanning Engine
6.9
CVSSv2
CVE-2014-2005
Sophos Disk Encryption (SDE) 5.x in Sophos Enterprise Console (SEC) 5.x prior to 5.2.2 does not enforce intended authentication requirements for a resume action from sleep mode, which allows physically proximate malicious users to obtain desktop access by leveraging the absence o...
Sophos Enterprise Console 5.2
Sophos Enterprise Console
Sophos Enterprise Console 5.2.1
Sophos Enterprise Console 5.1
6.9
CVSSv2
CVE-2011-5117
Sophos SafeGuard Enterprise Device Encryption 5.x up to and including 5.50.8.13, Sophos SafeGuard Easy Device Encryption Client 5.50.x, and Sophos Disk Encryption 5.50.x have a delay before removal of (1) out-of-date credentials and (2) invalid credentials, which allows physicall...
Sophos Safeguard Enterprise Device Encryption 5.50.8
Sophos Safeguard Enterprise Device Encryption 5.50.0
Sophos Safeguard Enterprise Device Encryption 5.40.0
Sophos Safeguard Enterprise Device Encryption 5.35.3
Sophos Safeguard Enterprise Device Encryption 5.35.2
Sophos Safeguard Enterprise Device Encryption 5.35.1
Sophos Safeguard Enterprise Device Encryption 5.6
Sophos Safeguard Enterprise Device Encryption 5.50.1
Sophos Safeguard Enterprise Device Encryption 5.35.0
Sophos Safeguard Easy Device Encryption Client 5.50.1
Sophos Safeguard Easy Device Encryption Client 5.50.8
Sophos Safeguard Easy Device Encryption Client 5.50.0
Sophos Disk Encryption 5.50.0
Sophos Disk Encryption 5.50.1
Sophos Disk Encryption 5.50.8
7.2
CVSSv2
CVE-2018-6851
Sophos SafeGuard Enterprise prior to 8.00.5, SafeGuard Easy prior to 7.00.3, and SafeGuard LAN Crypt prior to 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x80206040. By crafting an input buffer we can control the execution path to the point where the constant DW...
Sophos Safeguard Enterprise Client 6.00
Sophos Safeguard Enterprise Client 6.00.1
Sophos Safeguard Easy Device Encryption Client 6.00
Sophos Safeguard Easy Device Encryption Client 6.10
Sophos Safeguard Lan Crypt Client 3.95.1
Sophos Safeguard Lan Crypt Client 3.90.2
Sophos Safeguard Lan Crypt Client 3.90.1
Sophos Safeguard Enterprise Client 8.00
Sophos Safeguard Enterprise Client 6.10
Sophos Safeguard Enterprise Client 7.00
Sophos Safeguard Enterprise Client 5.60.3
Sophos Safeguard Easy Device Encryption Client 7.00
1 Article
7.2
CVSSv2
CVE-2018-6852
Sophos SafeGuard Enterprise prior to 8.00.5, SafeGuard Easy prior to 7.00.3, and SafeGuard LAN Crypt prior to 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x80202298. By crafting an input buffer we can control the execution path to the point where the nt!memset f...
Sophos Safeguard Easy Device Encryption Client 6.10
Sophos Safeguard Easy Device Encryption Client 7.00
Sophos Safeguard Lan Crypt Client 3.90.2
Sophos Safeguard Lan Crypt Client 3.90.1
Sophos Safeguard Enterprise Client 8.00
Sophos Safeguard Enterprise Client 7.00
Sophos Safeguard Enterprise Client 6.10
Sophos Safeguard Lan Crypt Client 3.95.1
Sophos Safeguard Enterprise Client 6.00
Sophos Safeguard Easy Device Encryption Client 6.00
Sophos Safeguard Enterprise Client 5.60.3
Sophos Safeguard Enterprise Client 6.00.1
1 Article