EUVD-2018-15756

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

Exploitable memory disclosure vulnerability in Sophos HitmanPro.Alert 3.7.6.744 IOCTL handler exists.

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2018-3970	8 Oct 202414:32	–	circl
CVE	CVE-2018-3970	25 Oct 201818:00	–	cve
Cvelist	CVE-2018-3970	25 Oct 201818:00	–	cvelist
NVD	CVE-2018-3970	25 Oct 201818:29	–	nvd
OpenVAS	Sophos HitmanPro.Alert Multiple Vulnerabilities - Windows	1 Nov 201800:00	–	openvas
Prion	Design/Logic Flaw	25 Oct 201818:29	–	prion
Positive Technologies	PT-2018-16350 · Sophos · Sophos Hitmanpro.Alert	25 Oct 201800:00	–	ptsecurity
Talos	Sophos HitmanPro.Alert hmpalert 0x222000 kernel memory disclosure vulnerability	25 Oct 201800:00	–	talos
Talos Blog	Vulnerability Spotlight: TALOS-2018-0635/0636 - Sophos HitmanPro.Alert memory disclosure and code execution vulnerabilities	25 Oct 201808:43	–	talosblog

[
  {
    "enisaIdVendor": [
      {
        "id": "389ec944-ddc5-3797-819f-9efd462988a3",
        "vendor": {
          "name": "Talos"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "b8646b29-3e6c-3b47-bd1c-fed18be9bd0e",
        "product": {
          "name": "Sophos"
        },
        "product_version": "Sophos Hitmanro.Alert - hmpalert.sys 3.7.6.744"
      }
    ]
  }
]

Source	Link
securityfocus	www.securityfocus.com/bid/105743
talosintelligence	www.talosintelligence.com/vulnerability_reports/TALOS-2018-0635
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

4.9Medium risk

Vulners AI Score4.9

CVSS 34

CVSS 22.1

CVSS 3.15.5

EPSS0.00023