Vendor CVEs
Sophos
All CVEs
166 total · sorted by risk

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-5552 | | | 0.00 | — | 0.01 | | Oct 17, 2023 | A password disclosure vulnerability in the Secure PDF eXchange (SPX) feature allows attackers with full email access to decrypt PDFs in Sophos Firewall version 19.5 MR3 (19.5.3) and older, if the password type is set to “Specified by sender”. |
| CVE-2023-33335 | | | 0.00 | — | 0.01 | | Jul 5, 2023 | Cross Site Scripting (XSS) in Sophos Sophos iView (The EOL was December 31st 2020) in grpname parameter that allows arbitrary script to be executed. |
| CVE-2023-33336 | | | 0.00 | — | 0.01 | | Jun 30, 2023 | Reflected cross site scripting (XSS) vulnerability was discovered in Sophos Web Appliance v4.3.9.1 that allows for arbitrary code to be inputted via the double quotes. |
| CVE-2023-23562 | | | 0.00 | — | 0.00 | | May 31, 2023 | Stormshield Endpoint Security 2.3.0 through 2.3.2 has Incorrect Access Control that allows an authenticated user can update global parameters. |
| CVE-2023-23561 | | | 0.00 | — | 0.00 | | May 30, 2023 | Stormshield Endpoint Security 2.3.0 through 2.3.2 has Incorrect Access Control: authenticated users can read sensitive information. |
| CVE-2023-1585 | | | 0.00 | — | 0.00 | | Apr 19, 2023 | Avast and AVG Antivirus for Windows were susceptible to a Time-of-check/Time-of-use (TOCTOU) vulnerability in the Quarantine process, leading to arbitrary file/directory deletion. The issue was fixed with Avast and AVG Antivirus version 22.11 and virus definitions from 14… |
| CVE-2022-4934 | | | 0.00 | — | 0.02 | | Apr 4, 2023 | A post-auth command injection vulnerability in the exception wizard of Sophos Web Appliance older than version 4.3.10.4 allows administrators to execute arbitrary code. |
| CVE-2020-36692 | | | 0.00 | — | 0.01 | | Apr 4, 2023 | A reflected XSS via POST vulnerability in report scheduler of Sophos Web Appliance versions older than 4.3.10.4 allows execution of JavaScript code in the victim browser via a malicious form that must be manually submitted by the victim while logged in to SWA. |
| CVE-2022-4901 | | | 0.00 | — | 0.00 | | Mar 1, 2023 | Multiple stored XSS vulnerabilities in Sophos Connect versions older than 2.2.90 allow Javascript code to run in the local UI via a malicious VPN configuration that must be manually loaded by the victim. |
| CVE-2022-48309 | | | 0.00 | — | 0.00 | | Mar 1, 2023 | A CSRF vulnerability allows malicious websites to retrieve logs and technical support archives in Sophos Connect versions older than 2.2.90. |
| CVE-2022-48310 | | | 0.00 | — | 0.00 | | Mar 1, 2023 | An information disclosure vulnerability allows sensitive key material to be included in technical support archives in Sophos Connect versions older than 2.2.90. |
| CVE-2022-3226 | | | 0.00 | — | 0.02 | | Dec 1, 2022 | An OS command injection vulnerability allows admins to execute code via SSL VPN configuration uploads in Sophos Firewall releases older than version 19.5 GA. |
| CVE-2022-3711 | | | 0.00 | — | 0.01 | | Dec 1, 2022 | A post-auth read-only SQL injection vulnerability allows users to read non-sensitive configuration database contents in the User Portal of Sophos Firewall releases older than version 19.5 GA. |
| CVE-2022-3709 | | | 0.00 | — | 0.01 | | Dec 1, 2022 | A stored XSS vulnerability allows admin to super-admin privilege escalation in the Webadmin import group wizard of Sophos Firewall releases older than version 19.5 GA. |
| CVE-2022-3713 | | | 0.00 | — | 0.01 | | Dec 1, 2022 | A code injection vulnerability allows adjacent attackers to execute code in the Wifi controller of Sophos Firewall releases older than version 19.5 GA. |
| CVE-2022-3710 | | | 0.00 | — | 0.01 | | Dec 1, 2022 | A post-auth read-only SQL injection vulnerability allows API clients to read non-sensitive configuration database contents in the API controller of Sophos Firewall releases older than version 19.5 GA. |
| CVE-2022-3696 | | | 0.00 | — | 0.01 | | Dec 1, 2022 | A post-auth code injection vulnerability allows admins to execute code in Webadmin of Sophos Firewall releases older than version 19.5 GA. |
| CVE-2022-1807 | | | 0.00 | — | 0.01 | | Sep 7, 2022 | Multiple SQLi vulnerabilities in Webadmin allow for privilege escalation from admin to super-admin in Sophos Firewall older than version 18.5 MR4 and version 19.0 MR1. |
| CVE-2021-25268 | | | 0.00 | — | 0.01 | | May 5, 2022 | Multiple XSS vulnerabilities in Webadmin allow for privilege escalation from MySophos admin to SFOS admin in Sophos Firewall older than version 19.0 GA. |
| CVE-2021-25267 | | | 0.00 | — | 0.01 | | May 5, 2022 | Multiple XSS vulnerabilities in Webadmin allow for privilege escalation from admin to super-admin in Sophos Firewall older than version 19.0 GA. |
| CVE-2021-25266 | | | 0.00 | — | 0.00 | | Apr 27, 2022 | An insecure data storage vulnerability allows a physical attacker with root privileges to retrieve TOTP secret keys from unlocked phones in Sophos Authenticator for Android version 3.4 and older, and Intercept X for Mobile (Android) before version 9.7.3495. |
| CVE-2022-0331 | | | 0.00 | — | 0.01 | | Mar 29, 2022 | An information disclosure vulnerability in Webadmin allows an unauthenticated remote attacker to read the device serial number in Sophos Firewall version v18.5 MR2 and older. |
| CVE-2022-0652 | | | 0.00 | — | 0.00 | | Mar 21, 2022 | Confd log files contain local users', including root’s, SHA512crypt password hashes with insecure access permissions. This allows a local attacker to attempt off-line brute-force attacks against these password hashes in Sophos UTM before version 9.710. |
| CVE-2022-0386 | | | 0.00 | — | 0.01 | | Mar 21, 2022 | A post-auth SQL injection vulnerability in the Mail Manager potentially allows an authenticated attacker to execute code in Sophos UTM before version 9.710. |
| CVE-2022-0366 | | | 0.00 | — | 0.01 | | Feb 2, 2022 | An authenticated and authorized agent user could potentially gain administrative access via an SQLi vulnerability to Capsule8 Console between versions 4.6.0 and 4.9.1. |
| CVE-2021-25269 | | | 0.00 | — | 0.00 | | Nov 26, 2021 | A local administrator could prevent the HMPA service from starting despite tamper protection using an unquoted service path vulnerability in the HMPA component of Sophos Intercept X Advanced and Sophos Intercept X Advanced for Server before version 2.0.23, as well as Sophos… |
| CVE-2021-36807 | | | 0.00 | — | 0.01 | | Nov 26, 2021 | An authenticated user could potentially execute code via an SQLi vulnerability in the user portal of SG UTM before version 9.708 MR8. |
| CVE-2021-36808 | | | 0.00 | — | 0.00 | | Oct 30, 2021 | A local attacker could bypass the app password using a race condition in Sophos Secure Workspace for Android before version 9.7.3115. |
| CVE-2021-25271 | | | 0.00 | — | 0.00 | | Oct 7, 2021 | A local attacker could read or write arbitrary files with administrator privileges in HitmanPro before version Build 318. |
| CVE-2021-25270 | | | 0.00 | — | 0.00 | | Oct 7, 2021 | A local attacker could execute arbitrary code with administrator privileges in HitmanPro.Alert before version Build 901. |
| CVE-2021-25273 | | | 0.00 | — | 0.01 | | Jul 29, 2021 | Stored XSS can execute as administrator in quarantined email detail view in Sophos UTM before version 9.706. |
| CVE-2021-25265 | | | 0.00 | — | 0.02 | | Mar 22, 2021 | A malicious website could execute code remotely in Sophos Connect Client before version 2.1. |
| CVE-2020-14980 | | | 0.00 | — | 0.01 | | Jun 22, 2020 | The Sophos Secure Email application through 3.9.4 for Android has Missing SSL Certificate Validation. |
| CVE-2020-10947 | | | 0.00 | — | 0.02 | | Apr 17, 2020 | Mac Endpoint for Sophos Central before 9.9.6 and Mac Endpoint for Sophos Home before 2.2.6 allow Privilege Escalation. |
| CVE-2020-9540 | | | 0.00 | — | 0.00 | | Mar 1, 2020 | Sophos HitmanPro.Alert before build 861 allows local elevation of privilege. |
| CVE-2020-9363 | | | 0.00 | — | 0.01 | | Feb 24, 2020 | The Sophos AV parsing engine before 2020-01-14 allows virus-detection bypass via a crafted ZIP archive. This affects Endpoint Protection, Cloud Optix, Mobile, Intercept X Endpoint, Intercept X for Server, and Secure Web Gateway. NOTE: the vendor feels that this does not apply to… |
| CVE-2019-17059 | | | 0.00 | — | 0.07 | | Oct 11, 2019 | A shell injection vulnerability on the Sophos Cyberoam firewall appliance with CyberoamOS before 10.6.6 MR-6 allows remote attackers to execute arbitrary commands via the Web Admin and SSL VPN consoles. |
| CVE-2017-17023 | | | 0.00 | — | 0.01 | | Apr 9, 2019 | The Sophos UTM VPN endpoint interacts with client software provided by NPC Engineering (www.ncp-e.com). The affected client software, "Sophos IPSec Client" 11.04 is a rebranded version of NCP "Secure Entry Client" 10.11 r32792. A vulnerability in the software update feature of… |
| CVE-2018-3971 | | | 0.00 | — | 0.01 | | Oct 25, 2018 | An exploitable arbitrary write vulnerability exists in the 0x2222CC IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to write data under controlled by an attacker address, resulting in memory corruption. An… |
| CVE-2018-3970 | | | 0.00 | — | 0.00 | | Oct 25, 2018 | An exploitable memory disclosure vulnerability exists in the 0x222000 IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory disclosure. An attacker can send… |
| CVE-2014-5502 | | | 0.00 | — | 0.02 | | Oct 7, 2014 | The Sophos Cyberoam appliances with CyberoamOS before 10.6.1 GA allows remote authenticated users to inject arbitrary commands via a (1) checkcert_key, (2) webclient_portal_settings, (3) sslvpn_liveuser_delete, or (4) ccc_flush_sql_file opcode. |
| CVE-2014-2385 | | | 0.00 | — | 0.04 | | Jul 22, 2014 | Multiple cross-site scripting (XSS) vulnerabilities in the web UI in Sophos Anti-Virus for Linux before 9.6.1 allow local users to inject arbitrary web script or HTML via the (1) newListList:ExcludeFileOnExpression, (2) newListList:ExcludeFilesystems, or (3)… |
| CVE-2014-2537 | | | 0.00 | — | 0.03 | | Mar 18, 2014 | Memory leak in the TCP stack in the kernel in Sophos UTM before 9.109 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors. |
| CVE-2014-1213 | | | 0.00 | — | 0.01 | | Feb 10, 2014 | Sophos Anti-Virus engine (SAVi) before 3.50.1, as used in VDL 4.97G 9.7.x before 9.7.9, 10.0.x before 10.0.11, and 10.3.x before 10.3.1 does not set an ACL for certain global and session objects, which allows local users to bypass anti-virus protection, cause a denial of service… |
| CVE-2013-5932 | | | 0.00 | — | 0.05 | | Sep 23, 2013 | Unspecified vulnerability in WebAdmin in Sophos UTM (aka Astaro Security Gateway) before 9.105 has unknown impact and attack vectors. |
| CVE-2010-5249 | | | 0.00 | — | 0.00 | | Sep 7, 2012 | Untrusted search path vulnerability in Sophos Free Encryption 2.40.1.1 and Sophos SafeGuard PrivateCrypto 2.40.1.2 allows local users to gain privileges via a Trojan horse pcrypt0406.dll file in the current working directory, as demonstrated by a directory that contains a .uti… |
| CVE-2012-4736 | | | 0.00 | — | 0.00 | | Aug 29, 2012 | The Device Encryption Client component in Sophos SafeGuard Enterprise 6.0, when a volume-based encryption policy is enabled in conjunction with a user-defined key, does not properly block use of exFAT USB flash drives, which makes it easier for local users to bypass intended… |
| CVE-2010-5177 | | | 0.00 | — | 0.00 | | Aug 25, 2012 | Race condition in Sophos Endpoint Security and Control 9.0.5 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space… |
| CVE-2011-5117 | | | 0.00 | — | 0.00 | | Aug 24, 2012 | Sophos SafeGuard Enterprise Device Encryption 5.x through 5.50.8.13, Sophos SafeGuard Easy Device Encryption Client 5.50.x, and Sophos Disk Encryption 5.50.x have a delay before removal of (1) out-of-date credentials and (2) invalid credentials, which allows physically proximate… |
| CVE-2012-3238 | | | 0.00 | — | 0.03 | | Jul 9, 2012 | Cross-site scripting (XSS) vulnerability in the Backup/Restore component in WebAdmin in Astaro Security Gateway before 8.305 allows remote attackers to inject arbitrary web script or HTML via the "Comment (optional)" field. |