Lucene search
K

20 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-16649

Malware in sbrugna...

5.5CVSS5.5AI score0.01247EPSS
Exploits5References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2018-20827

Malware in sbrugna...

7.8CVSS7.7AI score0.01744EPSS
Exploits5References5
CNNVD
CNNVD
added 2021/05/07 12:0 a.m.4 views

Sophos Endpoint Protection 代码注入漏洞

Sophos Endpoint Protection is a network appliance from Sophos UK. It provides the function of blocking X endpoints. Sophos Endpoint Protection has a security vulnerability that can be exploited by an attacker who can bypass the restrictions of Sophos Endpoint Protection in order to escalate his...

7.2CVSS6.6AI score0.00311EPSS
Exploits0References3
Microsoft KB
Microsoft KB
added 2019/05/15 12:0 a.m.7 views

April 25, 2019—KB4493460 (Preview of Monthly Rollup)

April 25, 2019—KB4493460 Preview of Monthly Rollup Improvements and fixes This non-security update includes improvements and fixes that were a part of KB4493471released April 9, 2019 and also includes these new quality improvements as a preview of the next Monthly Rollup update: Addresses an issu...

7.6AI score
Exploits0
Microsoft KB
Microsoft KB
added 2019/04/09 7:0 a.m.65 views

April 9, 2019—KB4493458 (Security-only update)

April 9, 2019—KB4493458 Security-only update Improvements and fixes This security update includes quality improvements. Key changes include: Addresses an issue in which netdom.exe fails to run, and the error, “The command failed to complete successfully” appears. Addresses an issue that may cause...

9.3CVSS7.8AI score0.4523EPSS
Exploits42
Microsoft KB
Microsoft KB
added 2019/04/09 7:0 a.m.51 views

April 9, 2019—KB4493450 (Security-only update)

April 9, 2019—KB4493450 Security-only update Improvements and fixes This security update includes quality improvements. Key changes include: Addresses an issue that may cause applications that use MSXML6 to stop responding if an exception was thrown during node operations. Addresses an issue that...

9.3CVSS7.6AI score0.4523EPSS
Exploits42
Microsoft KB
Microsoft KB
added 2019/04/09 7:0 a.m.93 views

April 9, 2019—KB4493471 (Monthly Rollup)

April 9, 2019—KB4493471 Monthly Rollup Customers who have applied KB 4489887 or later Monthly Rollup Packages to Microsoft Server 2008 SP2 may notice a change to the operating system version string. The “build number” component of the version string increases by 1, and the revision number decreas...

9.3CVSS7.6AI score0.4523EPSS
Exploits42
Microsoft KB
Microsoft KB
added 2019/04/09 7:0 a.m.259 views

April 9, 2019—KB4493448 (Security-only update)

April 9, 2019—KB4493448 Security-only update Improvements and fixes This security update includes quality improvements. Key changes include: Provides protections against Spectre Variant 2 CVE-2017-5715 and Meltdown CVE-2017-5754 for VIA-based computers. These protections are enabled by default fo...

9.3CVSS8.8AI score0.84172EPSS
Exploits51
CNVD
CNVD
added 2018/04/09 12:0 a.m.7 views

Sophos Endpoint Protection Plaintext Password Disclosure Vulnerability

Sophos Endpoint Protection helps protect your workstation by adding prevention, detection and response technologies to your operating system. A plaintext password disclosure vulnerability exists in Sophos Endpoint Protection 10.7. The vulnerability arises because Sophos Endpoint Protection uses...

7.8CVSS6.8AI score0.01744EPSS
Exploits5References1
exploitpack
exploitpack
added 2018/04/06 12:0 a.m.41 views

Sophos Endpoint Protection Control Panel 10.7 - Weak Password Encryption

Sophos Endpoint Protection Control Panel 10.7 - Weak Password Encryption + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/SOPHOS-ENDPOINT-PROTECTION-CONTROL-PANEL-v10.7-INSECURE-CRYPTO-CVE-2018-9233.txt + ISR: Apparition...

2.1CVSS7.7AI score0.01744EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/04/06 12:0 a.m.47 views

Sophos Endpoint Protection Control Panel 10.7 - Weak Password Encryption

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/SOPHOS-ENDPOINT-PROTECTION-CONTROL-PANEL-v10.7-INSECURE-CRYPTO-CVE-2018-9233.txt + ISR: Apparition Security Vendor: ========== www.sophos.com Product: =========== Sophos...

7.8CVSS7.7AI score0.01744EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/04/06 12:0 a.m.75 views

Sophos Endpoint Protection 10.7 - Tamper-Protection Bypass

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/SOPHOS-ENDPOINT-PROTECTION-v10.7-TAMPER-PROTECTION-BYPASS-CVE-2018-4863.txt + ISR: Apparition Security Vendor: ============= www.sophos.com Product: =========== Sophos...

5.5CVSS7AI score0.01247EPSS
Exploits5
OSV
OSV
added 2018/04/05 5:29 p.m.5 views

CVE-2018-4863

Sophos Endpoint Protection 10.7 allows local users to bypass an intended tamper protection mechanism by deleting the HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\services\Sophos Endpoint Defense\ registry key...

5.5CVSS5.8AI score0.01247EPSS
Exploits5References3
Prion
Prion
added 2018/04/05 5:29 p.m.12 views

Default credentials

Sophos Endpoint Protection 10.7 uses an unsalted SHA-1 hash for password storage in %PROGRAMDATA%\Sophos\Sophos Anti-Virus\Config\machine.xml, which makes it easier for attackers to determine a cleartext password, and subsequently choose unsafe malware settings, via rainbow tables or other...

2.1CVSS7.5AI score0.01744EPSS
Exploits5References3Affected Software1
NVD
NVD
added 2018/04/05 5:29 p.m.22 views

CVE-2018-9233

Sophos Endpoint Protection 10.7 uses an unsalted SHA-1 hash for password storage in %PROGRAMDATA%\Sophos\Sophos Anti-Virus\Config\machine.xml, which makes it easier for attackers to determine a cleartext password, and subsequently choose unsafe malware settings, via rainbow tables or other...

7.8CVSS7.6AI score0.01744EPSS
Exploits5References3
Cvelist
Cvelist
added 2018/04/05 5:0 p.m.17 views

CVE-2018-9233

Sophos Endpoint Protection 10.7 uses an unsalted SHA-1 hash for password storage in %PROGRAMDATA%\Sophos\Sophos Anti-Virus\Config\machine.xml, which makes it easier for attackers to determine a cleartext password, and subsequently choose unsafe malware settings, via rainbow tables or other...

7.6AI score0.01744EPSS
Exploits5References3
0day.today
0day.today
added 2018/04/04 12:0 a.m.68 views

Sophos Endpoint Protection 10.7 Tamper Protection Bypass Vulnerability

Sophos Endpoint Protection version 10.7 suffers from a tamper protection bypass vulnerability. + Credits: John Page aka hyp3rlinx Vendor: ============= www.sophos.com Product: =========== Sophos Endpoint Protection v10.7 Sophos Endpoint Protection helps secure your workstation by adding preventio...

0.01247EPSS
Exploits5
Packet Storm
Packet Storm
added 2018/04/04 12:0 a.m.47 views

Sophos Endpoint Protection 10.7 Insecure Cryptography

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/SOPHOS-ENDPOINT-PROTECTION-CONTROL-PANEL-v10.7-INSECURE-CRYPTO-CVE-2018-9233.txt + ISR: Apparition Security Vendor: ========== www.sophos.com Product: =========== Sophos...

7.6AI score0.01744EPSS
Exploits5
Packet Storm
Packet Storm
added 2018/04/04 12:0 a.m.57 views

Sophos Endpoint Protection 10.7 Tamper Protection Bypass

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/SOPHOS-ENDPOINT-PROTECTION-v10.7-TAMPER-PROTECTION-BYPASS-CVE-2018-4863.txt + ISR: Apparition Security Vendor: ============= www.sophos.com Product: =========== Sophos...

5.9AI score0.01247EPSS
Exploits5
0day.today
0day.today
added 2018/04/04 12:0 a.m.40 views

Sophos Endpoint Protection 10.7 Insecure Cryptography Vulnerability

Sophos Endpoint Protection version 10.7 control panel authentication uses a weak unsalted unicoded cryptographic hash SHA1 function. Not using a salt allows attackers that gain access to hash ability to conduct faster cracking attacks using pre-computed dictionaries, e.g. rainbow tables. This can...

0.2AI score0.01744EPSS
Exploits5
Rows per page
Query Builder