Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sophos vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2020-15069
Sophos XG Firewall 17.x through v17.5 MR12 allows a Buffer Overflow and remote code execution via the HTTP/S Bookmarks feature for clientless access. Hotfix HF062020.1 was published for all firewalls running v17.x.
Sophos Xg Firewall Firmware
Sophos Xg Firewall Firmware 17.5
7.5
CVSSv2
CVE-2020-11503
A heap-based buffer overflow in the awarrensmtp component of Sophos XG Firewall v17.5 MR11 and older potentially allows an malicious user to run arbitrary code remotely.
Sophos Sfos
Sophos Sfos 17.5
7.5
CVSSv2
CVE-2020-12271
A SQL injection issue was found in SFOS 17.0, 17.1, 17.5, and 18.0 prior to 2020-04-25 on Sophos XG Firewall devices, as exploited in the wild in April 2020. This affected devices configured with either the administration (HTTPS) service or the User Portal exposed on the WAN zone...
Sophos Sfos 17.1
Sophos Sfos 17.0
Sophos Sfos 18.0
Sophos Sfos 17.5
7.5
CVSSv2
CVE-2017-6182
In Sophos Web Appliance (SWA) prior to 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via functions, aka NSWA-1304.
Sophos Web Appliance
1 EDB exploit
7.5
CVSSv2
CVE-2015-6811
SQL injection vulnerability in the Sophos Cyberoam CR500iNG-XP firewall appliance with CyberoamOS 10.6.2 MR-1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the username parameter to login.xml.
Cyberoam Cyberoamos 10.6.2
1 EDB exploit
7.5
CVSSv2
CVE-2006-0994
Multiple Sophos Anti-Virus products, including Anti-Virus for Windows 5.x prior to 5.2.1 and 4.x prior to 4.05, when cabinet file inspection is enabled, allows remote malicious users to execute arbitrary code via a CAB file with "invalid folder count values," which lead...
Sophos Sophos Anti-virus
7.5
CVSSv2
CVE-2005-2768
Heap-based buffer overflow in the Sophos Antivirus Library, as used by Sophos Antivirus, PureMessage, MailMonitor, and other products, allows remote malicious users to execute arbitrary code via a Visio file with a crafted sub record length.
Sophos Sophos Anti-virus 3.80
Sophos Sophos Anti-virus 3.81
Sophos Sophos Anti-virus 3.82
Sophos Sophos Anti-virus 3.95
Sophos Sophos Anti-virus 4.5.3
Sophos Sophos Anti-virus 3.78d
Sophos Sophos Anti-virus 3.79
Sophos Sophos Anti-virus 3.90
Sophos Sophos Anti-virus 3.91
Sophos Sophos Anti-virus 3.4.6
Sophos Sophos Anti-virus 3.78
Sophos Sophos Anti-virus 3.85
Sophos Sophos Anti-virus 3.86
Sophos Sophos Anti-virus 3.83
Sophos Sophos Anti-virus 3.84
Sophos Sophos Anti-virus 5.0.1
Sophos Sophos Anti-virus 5.0.4
7.5
CVSSv2
CVE-2004-0937
Sophos Anti-Virus prior to 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me prior to 3.88.0, allows remote malicious users to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from ...
Broadcom Etrust Antivirus 7.0
Ca Etrust Antivirus 7.0 Sp2
Broadcom Etrust Ez Armor 2.0
Broadcom Etrust Ez Armor 2.3
Broadcom Inoculateit 6.0
Eset Software Nod32 Antivirus 1.0.11
Rav Antivirus Rav Antivirus Desktop 8.6
Rav Antivirus Rav Antivirus For File Servers 1.0
Sophos Sophos Anti-virus 3.81
Sophos Sophos Anti-virus 3.82
Sophos Sophos Anti-virus 3.83
Broadcom Etrust Antivirus Gateway 7.1
Broadcom Etrust Ez Antivirus 6.1
Broadcom Etrust Intrusion Detection 1.5
Broadcom Etrust Secure Content Manager 1.0
Kaspersky Lab Kaspersky Anti-virus 3.0
Kaspersky Lab Kaspersky Anti-virus 4.0
Sophos Sophos Anti-virus 3.78
Sophos Sophos Anti-virus 3.78d
Sophos Sophos Anti-virus 3.86
Sophos Sophos Puremessage Anti-virus 4.6
Archive Zip Archive Zip 1.13
1 EDB exploit
7.5
CVSSv2
CVE-2004-0932
McAfee Anti-Virus Engine DATS drivers prior to 4398 released on Oct 13th 2004 and DATS Driver prior to 4397 October 6th 2004 allows remote malicious users to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent t...
Archive Zip Archive Zip 1.13
Broadcom Etrust Ez Antivirus 6.2
Broadcom Etrust Ez Antivirus 6.3
Broadcom Etrust Secure Content Manager 1.0
Ca Etrust Secure Content Manager 1.0
Kaspersky Lab Kaspersky Anti-virus 4.0
Kaspersky Lab Kaspersky Anti-virus 5.0
Sophos Sophos Anti-virus 3.79
Sophos Sophos Anti-virus 3.80
Sophos Sophos Puremessage Anti-virus 4.6
Sophos Sophos Small Business Suite 1.0
Broadcom Etrust Antivirus Gateway 7.1
Broadcom Etrust Ez Antivirus 6.1
Broadcom Etrust Intrusion Detection 1.4.5
Broadcom Etrust Intrusion Detection 1.5
Eset Software Nod32 Antivirus 1.0.13
Kaspersky Lab Kaspersky Anti-virus 3.0
Sophos Sophos Anti-virus 3.78
Sophos Sophos Anti-virus 3.78d
Sophos Sophos Anti-virus 3.85
Sophos Sophos Anti-virus 3.86
Broadcom Brightstor Arcserve Backup 11.1
1 EDB exploit
1 Github repository
7.5
CVSSv2
CVE-2004-0933
Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 up to and including 2.4, and EZ-Antivirus 6.1 up to and including 6.3 allow remote...
Archive Zip Archive Zip 1.13
Broadcom Etrust Ez Antivirus 6.2
Broadcom Etrust Ez Antivirus 6.3
Broadcom Etrust Secure Content Manager 1.0
Ca Etrust Secure Content Manager 1.0
Kaspersky Lab Kaspersky Anti-virus 4.0
Kaspersky Lab Kaspersky Anti-virus 5.0
Mcafee Antivirus Engine 4.3.20
Sophos Sophos Anti-virus 3.79
Sophos Sophos Anti-virus 3.80
Sophos Sophos Puremessage Anti-virus 4.6
Sophos Sophos Small Business Suite 1.0
Broadcom Etrust Antivirus Gateway 7.1
Broadcom Etrust Ez Antivirus 6.1
Broadcom Etrust Intrusion Detection 1.4.5
Broadcom Etrust Intrusion Detection 1.5
Eset Software Nod32 Antivirus 1.0.13
Kaspersky Lab Kaspersky Anti-virus 3.0
Sophos Sophos Anti-virus 3.78
Sophos Sophos Anti-virus 3.78d
Sophos Sophos Anti-virus 3.85
Sophos Sophos Anti-virus 3.86
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »