sophos vulnerabilities and exploits
890
VMScore
CVE-2012-6706
A VMSF_DELTA memory corruption exists in unrar prior to 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine prior to 3.37.2 and other products, that can lead to arbitrary code execution. An integer overflow can be caused in DataSize+CurChannel. The result is a negative va...
Sophos Threat Detection Engine
Rarlab Unrar
890
VMScore
CVE-2014-5503
SQL injection vulnerability in the Guest Login Portal in the Sophos Cyberoam appliances with CyberoamOS prior to 10.6.1 GA allows remote malicious users to execute arbitrary SQL commands via the add_guest_user opcode.
Cyberoam Cyberoam Os
890
VMScore
CVE-2013-5932
Unspecified vulnerability in WebAdmin in Sophos UTM (aka Astaro Security Gateway) prior to 9.105 has unknown impact and attack vectors.
Sophos Unified Threat Management Software 9.007
890
VMScore
CVE-2008-6904
Multiple unspecified vulnerabilities in Sophos SAVScan 4.33.0 for Linux, and possibly other products and versions, allow remote malicious users to cause a denial of service (segmentation fault) and possibly execute arbitrary code via crafted files that have been packed with (1) a...
Sophos Anti-virus 4.7.18
Sophos Anti-virus 4.9.18
Sophos Anti-virus 6.4.5
Sophos Anti-virus 7.0.5
Sophos Anti-virus 4.37.0
Sophos Anti-virus 7.6.3
890
VMScore
CVE-2006-6335
Multiple buffer overflows in Sophos Anti-Virus scanning engine prior to 2.40 allow remote malicious users to execute arbitrary code via (1) a SIT archive with a long filename that is not null-terminated, which triggers a heap-based overflow in veex.dll due to improper length calc...
Sophos Sophos Anti-virus
855
VMScore
CVE-2014-2849
The Change Password dialog box (change_password) in Sophos Web Appliance prior to 3.8.2 allows remote authenticated users to change the admin user password via a crafted request.
Sophos Web Appliance Firmware 3.7.5
Sophos Web Appliance Firmware 3.7.4
Sophos Web Appliance Firmware 3.7.3
Sophos Web Appliance Firmware 3.7.2
Sophos Web Appliance Firmware 3.5.6
Sophos Web Appliance Firmware 3.5.5
Sophos Web Appliance Firmware 3.5.4
Sophos Web Appliance Firmware 3.5.3
Sophos Web Appliance Firmware 3.4.1
Sophos Web Appliance Firmware 3.4.0
Sophos Web Appliance Firmware 3.3.6.1
Sophos Web Appliance Firmware 3.3.6
Sophos Web Appliance Firmware 3.2.3
Sophos Web Appliance Firmware 3.2.2.1
Sophos Web Appliance Firmware 3.2.2
Sophos Web Appliance Firmware 3.2.1
Sophos Web Appliance Firmware 3.1.4
Sophos Web Appliance Firmware 3.0.0
Sophos Web Appliance Firmware 3.8.0
Sophos Web Appliance Firmware 3.7.9.1
Sophos Web Appliance Firmware 3.7.9
Sophos Web Appliance Firmware 3.7.8.2
1 EDB exploit
855
VMScore
CVE-2014-2850
The network interface configuration page (netinterface) in Sophos Web Appliance prior to 3.8.2 allows remote administrators to execute arbitrary commands via shell metacharacters in the address parameter.
Sophos Web Appliance Firmware 3.7.3
Sophos Web Appliance Firmware 3.7.2
Sophos Web Appliance Firmware 3.7.1
Sophos Web Appliance Firmware 3.7.0
Sophos Web Appliance Firmware 3.5.4
Sophos Web Appliance Firmware 3.5.3
Sophos Web Appliance Firmware 3.5.2
Sophos Web Appliance Firmware 3.5.1.2
Sophos Web Appliance Firmware 3.4.0
Sophos Web Appliance Firmware 3.3.6.1
Sophos Web Appliance Firmware 3.3.6
Sophos Web Appliance Firmware 3.3.5.1
Sophos Web Appliance Firmware 3.2.2
Sophos Web Appliance Firmware 3.2.1
Sophos Web Appliance Firmware 3.1.4
Sophos Web Appliance Firmware 3.1.3
Sophos Web Appliance Firmware 3.7.9
Sophos Web Appliance Firmware 3.7.8.2
Sophos Web Appliance Firmware 3.7.8.1
Sophos Web Appliance Firmware 3.7.8
Sophos Web Appliance Firmware 3.6.2.4.1
Sophos Web Appliance Firmware 3.6.2.4.0
1 EDB exploit
828
VMScore
CVE-2018-16118
A shell escape vulnerability in /webconsole/APIController in the API Configuration component of Sophos XG firewall 17.0.8 MR-8 allows remote malicious users to execute arbitrary OS commands via shell metacharacters in the "X-Forwarded-for" HTTP header.
Sophos Sfos 17.0
Sophos Sfos 17.0.8
Sophos Sfos 17.1
Sophos Sfos
Sophos Sfos 16.5
828
VMScore
CVE-2017-17023
The Sophos UTM VPN endpoint interacts with client software provided by NCP Engineering (www.ncp-e.com). The affected client software, "Sophos IPSec Client" 11.04 is a rebranded version of NCP "Secure Entry Client" 10.11 r32792. A vulnerability in the software ...
Sophos Ipsec Client 11.04
Ncp-e Ncp Secure Entry Client 10.11
828
VMScore
CVE-2018-6318
In Sophos Tester Tool 3.2.0.7 Beta, the driver loads (in the context of the application used to test an exploit or ransomware) the DLL using a payload that runs from NTDLL.DLL (so, it's run in userland), but the driver doesn't perform any validation of this DLL (not its...
Sophos Sophos Tester 3.2.0.7