VYPR
Vendor

Sophos

Sophos Limited is a British security software and hardware company. It develops and markets managed security services and cybersecurity software and hardware, such as managed detection and response, incident response and endpoint security software. Sophos was listed on the London Stock Exchange until it was acquired by Thoma Bravo, an American private equity firm in March 2020.

Founded 1985
Products
72
CVEs
166
Across products
216
Status
Private

Products

72
View all 72 products →

Recent CVEs

166
View all 166 CVEs →
  • CVE-2009-20011CriAug 30, 2025
    risk 0.73cvss epss 0.01

    ContentKeeper Web Appliance (now maintained by Impero Software) versions prior to 125.10 are vulnerable to remote command execution due to insecure handling of file uploads via the mimencode CGI utility. The vulnerability allows unauthenticated attackers to upload and execute…

  • CVE-2017-6315CriSep 19, 2017
    risk 0.68cvss 9.8epss 0.17

    Astaro Security Gateway (aka ASG) 7 allows remote attackers to execute arbitrary code via a crafted request to index.plx.

  • CVE-2017-6182CriMar 30, 2017
    risk 0.68cvss 9.8epss 0.17

    In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via functions, aka NSWA-1304.

  • CVE-2012-6706CriJun 22, 2017
    risk 0.65cvss 9.8epss 0.10

    A VMSF_DELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products, that can lead to arbitrary code execution. An integer overflow can be caused in DataSize+CurChannel. The result is a…

  • CVE-2025-10159CriSep 9, 2025
    risk 0.64cvss 9.8epss 0.01

    An authentication bypass vulnerability allows remote attackers to gain administrative privileges on Sophos AP6 Series Wireless Access Points older than firmware version 1.7.2563 (MR7).

  • CVE-2015-7547HigFeb 18, 2016
    risk 0.63cvss 8.1epss 0.90

    Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS…

  • CVE-2016-7786HigApr 7, 2017
    risk 0.61cvss 8.8epss 0.07

    Sophos Cyberoam UTM CR25iNG 10.6.3 MR-5 allows remote authenticated users to bypass intended access restrictions via direct object reference, as demonstrated by a request for Licenseinformation.jsp. This is fixed in 10.6.5.

  • CVE-2025-7433HigJul 17, 2025
    risk 0.57cvss 8.8epss 0.00

    A local privilege escalation vulnerability in Sophos Intercept X for Windows with Central Device Encryption 2025.1 and older allows arbitrary code execution.

  • CVE-2024-13972HigJul 17, 2025
    risk 0.57cvss 8.8epss 0.00

    A vulnerability related to registry permissions in the Intercept X for Windows updater prior to Core Agent version 2024.3.2 can lead to a local user gaining SYSTEM level privileges during a product upgrade.

  • CVE-2024-8885HigOct 2, 2024
    risk 0.57cvss 8.8epss 0.00

    A local privilege escalation vulnerability in Sophos Intercept X for Windows with Central Device Encryption 2024.2.0 and older allows writing of arbitrary files.

  • CVE-2017-6412HigMar 30, 2017
    risk 0.56cvss 8.1epss 0.08

    In Sophos Web Appliance (SWA) before 4.3.1.2, Session Fixation could occur, aka NSWA-1310.

  • CVE-2016-6597HigAug 10, 2016
    risk 0.56cvss 8.6epss 0.04

    Sophos EAS Proxy before 6.2.0 for Sophos Mobile Control, when Lotus Traveler is enabled, allows remote attackers to access arbitrary web-resources from the backend mail system via a request for the resource, aka an Open Reverse Proxy vulnerability.

  • CVE-2018-9233HigApr 5, 2018
    risk 0.54cvss 7.8epss 0.02

    Sophos Endpoint Protection 10.7 uses an unsalted SHA-1 hash for password storage in %PROGRAMDATA%\Sophos\Sophos Anti-Virus\Config\machine.xml, which makes it easier for attackers to determine a cleartext password, and subsequently choose unsafe malware settings, via rainbow…

  • CVE-2017-6008HigSep 13, 2017
    risk 0.54cvss 7.8epss 0.02

    A kernel pool overflow in the driver hitmanpro37.sys in Sophos SurfRight HitmanPro before 3.7.20 Build 286 (included in the HitmanPro.Alert solution and Sophos Clean) allows local users to escalate privileges via a malformed IOCTL call.

  • CVE-2016-0778HigJan 14, 2016
    risk 0.54cvss 8.1epss 0.20

    The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forward options are enabled, do not properly maintain connection file descriptors, which allows remote servers to cause a…

  • CVE-2016-9554HigJan 28, 2017
    risk 0.52cvss 7.2epss 0.24

    The Sophos Web Appliance Remote / Secure Web Gateway server (version 4.2.1.3) is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. These vulnerabilities occur in MgrDiagnosticTools.php (/controllers/MgrDiagnosticTools.php), in the…

  • CVE-2018-6857HigJul 9, 2018
    risk 0.51cvss 7.8epss 0.01

    Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x802022E0. By crafting an input buffer we can control the execution path to the point where the constant 0x12…

  • CVE-2018-6856HigJul 9, 2018
    risk 0.51cvss 7.8epss 0.01

    Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x8020601C. By crafting an input buffer we can control the execution path to the point where a global variable…

  • CVE-2018-6855HigJul 9, 2018
    risk 0.51cvss 7.8epss 0.01

    Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x80202014. By crafting an input buffer we can control the execution path to the point where the constant…

  • CVE-2018-6854HigJul 9, 2018
    risk 0.51cvss 7.8epss 0.01

    Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via multiple IOCTLs, e.g., 0x8810200B, 0x8810200F, 0x8810201B, 0x8810201F, 0x8810202B, 0x8810202F, 0x8810203F, 0x8810204B,…