Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sophos vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2020-29574
An SQL injection vulnerability in the WebAdmin of Cyberoam OS through 2020-12-04 allows unauthenticated malicious users to execute arbitrary SQL statements remotely.
Sophos Cyberoamos
668
VMScore
CVE-2020-15504
A SQL injection vulnerability in the user and admin web interfaces of Sophos XG Firewall v18.0 MR1 and older potentially allows an malicious user to run arbitrary code remotely. The fix is built into the re-release of XG Firewall v18 MR-1 (named MR-1-Build396) and the v17.5 MR13 ...
Sophos Xg Firewall Firmware
Sophos Xg Firewall Firmware 17.5
Sophos Xg Firewall Firmware 18.0
668
VMScore
CVE-2020-15069
Sophos XG Firewall 17.x through v17.5 MR12 allows a Buffer Overflow and remote code execution via the HTTP/S Bookmarks feature for clientless access. Hotfix HF062020.1 was published for all firewalls running v17.x.
Sophos Xg Firewall Firmware
Sophos Xg Firewall Firmware 17.5
668
VMScore
CVE-2020-11503
A heap-based buffer overflow in the awarrensmtp component of Sophos XG Firewall v17.5 MR11 and older potentially allows an malicious user to run arbitrary code remotely.
Sophos Sfos
Sophos Sfos 17.5
668
VMScore
CVE-2020-12271
A SQL injection issue was found in SFOS 17.0, 17.1, 17.5, and 18.0 prior to 2020-04-25 on Sophos XG Firewall devices, as exploited in the wild in April 2020. This affected devices configured with either the administration (HTTPS) service or the User Portal exposed on the WAN zone...
Sophos Sfos 17.1
Sophos Sfos 17.0
Sophos Sfos 18.0
Sophos Sfos 17.5
668
VMScore
CVE-2006-0994
Multiple Sophos Anti-Virus products, including Anti-Virus for Windows 5.x prior to 5.2.1 and 4.x prior to 4.05, when cabinet file inspection is enabled, allows remote malicious users to execute arbitrary code via a CAB file with "invalid folder count values," which lead...
Sophos Sophos Anti-virus
668
VMScore
CVE-2005-2768
Heap-based buffer overflow in the Sophos Antivirus Library, as used by Sophos Antivirus, PureMessage, MailMonitor, and other products, allows remote malicious users to execute arbitrary code via a Visio file with a crafted sub record length.
Sophos Sophos Anti-virus 3.80
Sophos Sophos Anti-virus 3.81
Sophos Sophos Anti-virus 3.82
Sophos Sophos Anti-virus 3.95
Sophos Sophos Anti-virus 4.5.3
Sophos Sophos Anti-virus 3.78d
Sophos Sophos Anti-virus 3.79
Sophos Sophos Anti-virus 3.90
Sophos Sophos Anti-virus 3.91
Sophos Sophos Anti-virus 3.4.6
Sophos Sophos Anti-virus 3.78
Sophos Sophos Anti-virus 3.85
Sophos Sophos Anti-virus 3.86
Sophos Sophos Anti-virus 3.83
Sophos Sophos Anti-virus 3.84
Sophos Sophos Anti-virus 5.0.1
Sophos Sophos Anti-virus 5.0.4
645
VMScore
CVE-2006-5647
Sophos Anti-Virus and Endpoint Security prior to 6.0.5, Anti-Virus for Linux prior to 5.0.10, and other platforms prior to 4.11 allows remote malicious users to cause a denial of service (memory corruption) and possibly execute arbitrary code via a malformed CHM file with a large...
Sophos Anti-virus 4.04
Sophos Anti-virus 4.05
Sophos Endpoint Security
Sophos Anti-virus 4.7.2
Sophos Anti-virus 5.0.1
Sophos Anti-virus 5.0.2
Sophos Anti-virus 5.0.4
Sophos Anti-virus 4.5.11
Sophos Anti-virus 4.5.3
Sophos Anti-virus 4.7.1
Sophos Anti-virus 5.1
Sophos Anti-virus 5.2.1
Sophos Anti-virus 4.5.12
Sophos Anti-virus 4.5.4
Sophos Anti-virus 5.2
Sophos Anti-virus 6.0.4
1 EDB exploit
642
VMScore
CVE-2018-3971
An exploitable arbitrary write vulnerability exists in the 0x2222CC IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to write data under controlled by an attacker address, resulting in memory corruption. An atta...
Sophos Hitmanpro.alert 3.7.6.744
642
VMScore
CVE-2018-6855
Sophos SafeGuard Enterprise prior to 8.00.5, SafeGuard Easy prior to 7.00.3, and SafeGuard LAN Crypt prior to 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x80202014. By crafting an input buffer we can control the execution path to the point where the constant 0x...
Sophos Safeguard Lan Crypt Client 3.95.1
Sophos Safeguard Lan Crypt Client 3.90.2
Sophos Safeguard Lan Crypt Client 3.90.1
Sophos Safeguard Enterprise Client 6.00
Sophos Safeguard Enterprise Client 6.00.1
Sophos Safeguard Easy Device Encryption Client 6.00
Sophos Safeguard Easy Device Encryption Client 6.10
Sophos Safeguard Enterprise Client 7.00
Sophos Safeguard Enterprise Client 5.60.3
Sophos Safeguard Easy Device Encryption Client 7.00
Sophos Safeguard Enterprise Client 8.00
Sophos Safeguard Enterprise Client 6.10
1 Article
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651
CVE-2024-34255
elevation of privilege
CVE-2024-25529
CVE-2024-4671
NULL pointer dereference
CVE-2024-25527
template injection
CVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »