A reflected XSS vulnerability allows an open redirect when the victim clicks a malicious link to an error page on Sophos Email Appliance older than version...
6.1CVSS
5.9AI Score
0.0005EPSS
A password disclosure vulnerability in the Secure PDF eXchange (SPX) feature allows attackers with full email access to decrypt PDFs in Sophos Firewall version 19.5 MR3 (19.5.3) and older, if the password type is set to “Specified by...
7.5CVSS
7.3AI Score
0.001EPSS
A reflected XSS via POST vulnerability in report scheduler of Sophos Web Appliance versions older than 4.3.10.4 allows execution of JavaScript code in the victim browser via a malicious form that must be manually submitted by the victim while logged in to...
6.5CVSS
5.3AI Score
0.001EPSS
A pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance older than version 4.3.10.4 allows execution of arbitrary...
A post-auth command injection vulnerability in the exception wizard of Sophos Web Appliance older than version 4.3.10.4 allows administrators to execute arbitrary...
7.2CVSS
7.4AI Score
0.001EPSS
Multiple stored XSS vulnerabilities in Sophos Connect versions older than 2.2.90 allow Javascript code to run in the local UI via a malicious VPN configuration that must be manually loaded by the...
6.1CVSS
6AI Score
0.001EPSS
An information disclosure vulnerability allows sensitive key material to be included in technical support archives in Sophos Connect versions older than...
5.5CVSS
5.2AI Score
0.0004EPSS
A CSRF vulnerability allows malicious websites to retrieve logs and technical support archives in Sophos Connect versions older than...
4.3CVSS
4.6AI Score
0.0005EPSS
An OS command injection vulnerability allows admins to execute code via SSL VPN configuration uploads in Sophos Firewall releases older than version 19.5...
7.2CVSS
7.3AI Score
0.001EPSS
A post-auth read-only SQL injection vulnerability allows API clients to read non-sensitive configuration database contents in the API controller of Sophos Firewall releases older than version 19.5...
2.7CVSS
4.7AI Score
0.001EPSS
A post-auth code injection vulnerability allows admins to execute code in Webadmin of Sophos Firewall releases older than version 19.5...
7.2CVSS
7.1AI Score
0.001EPSS
A stored XSS vulnerability allows admin to super-admin privilege escalation in the Webadmin import group wizard of Sophos Firewall releases older than version 19.5...
8.4CVSS
8AI Score
0.001EPSS
A post-auth read-only SQL injection vulnerability allows users to read non-sensitive configuration database contents in the User Portal of Sophos Firewall releases older than version 19.5...
4.3CVSS
5.1AI Score
0.001EPSS
A code injection vulnerability allows adjacent attackers to execute code in the Wifi controller of Sophos Firewall releases older than version 19.5...
8.8CVSS
8.8AI Score
0.001EPSS
An XML External Entity (XEE) vulnerability allows server-side request forgery (SSRF) and potential code execution in Sophos Mobile managed on-premises between versions 5.0.0 and...
9.8CVSS
9.7AI Score
0.368EPSS
Race condition in Sophos Endpoint Security and Control 9.0.5 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes...
7AI Score
0.0004EPSS
The Microsoft Office file parser in Comodo Antivirus 7425 and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via an Office file with a ustar character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is...
6.6AI Score
0.293EPSS
The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, nProtect Anti-Virus 2011-01-17.01, Sophos Anti-Virus 4.61.0, and Rising Antivirus 22.83.00.03....
6.6AI Score
0.973EPSS
The ELF file parser in Bitdefender 7.2, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Gateway (formerly Webwasher) 2010.1C, nProtect Anti-Virus 2011-01-17.01, Sophos Anti-Virus 4.61.0, and Rising Antivirus...
6.7AI Score
0.972EPSS
A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v19.0 MR1 and...
Multiple SQLi vulnerabilities in Webadmin allow for privilege escalation from admin to super-admin in Sophos Firewall older than version 18.5 MR4 and version 19.0...
7.2CVSS
7.3AI Score
0.001EPSS
Multiple XSS vulnerabilities in Webadmin allow for privilege escalation from admin to super-admin in Sophos Firewall older than version 19.0...
8.4CVSS
8.3AI Score
0.001EPSS
Multiple XSS vulnerabilities in Webadmin allow for privilege escalation from MySophos admin to SFOS admin in Sophos Firewall older than version 19.0...
8.4CVSS
8.3AI Score
0.001EPSS
An insecure data storage vulnerability allows a physical attacker with root privileges to retrieve TOTP secret keys from unlocked phones in Sophos Authenticator for Android version 3.4 and older, and Intercept X for Mobile (Android) before version...
3.9CVSS
4.2AI Score
0.0004EPSS
An information disclosure vulnerability in Webadmin allows an unauthenticated remote attacker to read the device serial number in Sophos Firewall version v18.5 MR2 and...
5.3CVSS
5.1AI Score
0.001EPSS
An authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v18.5 MR3 and...
Confd log files contain local users', including root’s, SHA512crypt password hashes with insecure access permissions. This allows a local attacker to attempt off-line brute-force attacks against these password hashes in Sophos UTM before version...
7.8CVSS
7.7AI Score
0.0004EPSS
A post-auth SQL injection vulnerability in the Mail Manager potentially allows an authenticated attacker to execute code in Sophos UTM before version...
8.8CVSS
8.9AI Score
0.001EPSS
A local administrator could prevent the HMPA service from starting despite tamper protection using an unquoted service path vulnerability in the HMPA component of Sophos Intercept X Advanced and Sophos Intercept X Advanced for Server before version 2.0.23, as well as Sophos Exploit Prevention...
4.4CVSS
5.6AI Score
0.0004EPSS
A local attacker could bypass the app password using a race condition in Sophos Secure Workspace for Android before version...
7CVSS
6.7AI Score
0.0004EPSS
Stored XSS can execute as administrator in quarantined email detail view in Sophos UTM before version...
4.8CVSS
4.9AI Score
0.001EPSS
In multiple versions of Sophos Endpoint products for MacOS, a local attacker could execute arbitrary code with administrator...
6.7CVSS
6.8AI Score
0.0004EPSS
A malicious website could execute code remotely in Sophos Connect Client before version...
8.8CVSS
8.7AI Score
0.003EPSS
The Sophos Secure Email application through 3.9.4 for Android has Missing SSL Certificate...
5.9CVSS
5.7AI Score
0.001EPSS
Mac Endpoint for Sophos Central before 9.9.6 and Mac Endpoint for Sophos Home before 2.2.6 allow Privilege...
8.8CVSS
8.7AI Score
0.001EPSS
An exploitable arbitrary write vulnerability exists in the 0x2222CC IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to write data under controlled by an attacker address, resulting in memory corruption. An attacker can send IRP.....
7.8CVSS
7.5AI Score
0.0005EPSS
An exploitable memory disclosure vulnerability exists in the 0x222000 IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory disclosure. An attacker can send an IRP request to.....
5.5CVSS
5.4AI Score
0.0005EPSS
In Sophos Tester Tool 3.2.0.7 Beta, the driver loads (in the context of the application used to test an exploit or ransomware) the DLL using a payload that runs from NTDLL.DLL (so, it's run in userland), but the driver doesn't perform any validation of this DLL (not its signature, not its hash,...
7.8CVSS
7.4AI Score
0.001EPSS
In Sophos Tester Tool 3.2.0.7 Beta, the driver accepts a special DeviceIoControl code that doesn't check its argument. This argument is a memory address: if a caller passes a NULL pointer or a random invalid address, the driver will cause a Blue Screen of Death. If a program or malware does this...
5.5CVSS
5.6AI Score
0.0004EPSS
Sophos Anti-Virus engine (SAVi) before 3.50.1, as used in VDL 4.97G 9.7.x before 9.7.9, 10.0.x before 10.0.11, and 10.3.x before 10.3.1 does not set an ACL for certain global and session objects, which allows local users to bypass anti-virus protection, cause a denial of service (resource...
6.5AI Score
0.001EPSS
The Gzip file parser in AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus...
6.6AI Score
0.973EPSS
The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo...
6AI Score
0.975EPSS
The TAR file parser in AVG Anti-Virus 10.0.0.1190, Quick Heal (aka Cat QuickHeal) 11.00, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus...
6.6AI Score
0.972EPSS
The Microsoft CHM file parser in ClamAV 0.96.4 and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via a crafted reset interval in the LZXC header of a CHM file. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the...
5.9AI Score
0.748EPSS
The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Norman Antivirus 6.06.12, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, McAfee Gateway (formerly Webwasher) 2010.1C, Sophos...
6.6AI Score
0.973EPSS
The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, F-Secure Anti-Virus 9.0.16160.0, Sophos Anti-Virus 4.61.0, Antiy Labs AVL SDK 2.0.3.7, Rising...
6.7AI Score
0.975EPSS
The CAB file parser in Dr.Web 5.0.2.03300, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Sophos Anti-Virus 4.61.0, Trend Micro AntiVirus 9.120.0.1004, McAfee Gateway (formerly Webwasher) 2010.1C, Emsisoft Anti-Malware 5.1.0.1, CA eTrust Vet Antivirus 36.1.8511, Antiy Labs AVL....
6.6AI Score
0.975EPSS
The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft Anti-Malware...
6.5AI Score
0.975EPSS
The CAB file parser in Emsisoft Anti-Malware 5.1.0.1, Sophos Anti-Virus 4.61.0, and Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0 allows remote attackers to bypass malware detection via a CAB file with a modified reserved3 field. NOTE: this may later be SPLIT into multiple CVEs if...
6.7AI Score
0.963EPSS
The TAR file parser in Antiy Labs AVL SDK 2.0.3.7, Quick Heal (aka Cat QuickHeal) 11.00, Jiangmin Antivirus 13.0.900, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via a POSIX TAR file with a \19\04\00\10...
6.6AI Score
0.973EPSS