Filtered by vendor Sophos
Subscribe
Total
161 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-13861 | 2 Debian, Sophos | 2 Debian Linux, Taegis Endpoint Agent | 2025-05-07 | N/A | 7.8 HIGH |
| A code injection vulnerability in the Debian package component of Taegis Endpoint Agent (Linux) versions older than 1.3.10 allows local users arbitrary code execution as root. Redhat-based systems using RPM packages are not affected. | |||||
| CVE-2022-3980 | 1 Sophos | 1 Mobile | 2025-04-29 | N/A | 9.8 CRITICAL |
| An XML External Entity (XEE) vulnerability allows server-side request forgery (SSRF) and potential code execution in Sophos Mobile managed on-premises between versions 5.0.0 and 9.7.4. | |||||
| CVE-2022-3713 | 1 Sophos | 2 Xg Firewall, Xg Firewall Firmware | 2025-04-24 | N/A | 8.8 HIGH |
| A code injection vulnerability allows adjacent attackers to execute code in the Wifi controller of Sophos Firewall releases older than version 19.5 GA. | |||||
| CVE-2022-3709 | 1 Sophos | 2 Xg Firewall, Xg Firewall Firmware | 2025-04-24 | N/A | 6.8 MEDIUM |
| A stored XSS vulnerability allows admin to super-admin privilege escalation in the Webadmin import group wizard of Sophos Firewall releases older than version 19.5 GA. | |||||
| CVE-2022-3696 | 1 Sophos | 2 Xg Firewall, Xg Firewall Firmware | 2025-04-24 | N/A | 7.2 HIGH |
| A post-auth code injection vulnerability allows admins to execute code in Webadmin of Sophos Firewall releases older than version 19.5 GA. | |||||
| CVE-2022-3226 | 1 Sophos | 2 Xg Firewall, Xg Firewall Firmware | 2025-04-24 | N/A | 7.2 HIGH |
| An OS command injection vulnerability allows admins to execute code via SSL VPN configuration uploads in Sophos Firewall releases older than version 19.5 GA. | |||||
| CVE-2022-3710 | 1 Sophos | 2 Xg Firewall, Xg Firewall Firmware | 2025-04-23 | N/A | 2.7 LOW |
| A post-auth read-only SQL injection vulnerability allows API clients to read non-sensitive configuration database contents in the API controller of Sophos Firewall releases older than version 19.5 GA. | |||||
| CVE-2022-3711 | 1 Sophos | 2 Xg Firewall, Xg Firewall Firmware | 2025-04-23 | N/A | 4.3 MEDIUM |
| A post-auth read-only SQL injection vulnerability allows users to read non-sensitive configuration database contents in the User Portal of Sophos Firewall releases older than version 19.5 GA. | |||||
| CVE-2016-7786 | 1 Sophos | 2 Cyberoam Cr25ing Utm, Cyberoam Cr25ing Utm Firmware | 2025-04-20 | 9.0 HIGH | 8.8 HIGH |
| Sophos Cyberoam UTM CR25iNG 10.6.3 MR-5 allows remote authenticated users to bypass intended access restrictions via direct object reference, as demonstrated by a request for Licenseinformation.jsp. This is fixed in 10.6.5. | |||||
| CVE-2017-6183 | 1 Sophos | 1 Web Appliance | 2025-04-20 | 6.5 MEDIUM | 7.2 HIGH |
| In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's configuration utilities for adding (and detecting) Active Directory servers was vulnerable to remote command injection, aka NSWA-1314. | |||||
| CVE-2017-6184 | 1 Sophos | 1 Web Appliance | 2025-04-20 | 6.5 MEDIUM | 4.7 MEDIUM |
| In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via the token parameter, aka NSWA-1303. | |||||
| CVE-2016-9834 | 1 Sophos | 2 Cyberoam, Cyberoam Firmware | 2025-04-20 | 4.3 MEDIUM | 6.1 MEDIUM |
| An XSS vulnerability allows remote attackers to execute arbitrary client side script on vulnerable installations of Sophos Cyberoam firewall devices with firmware through 10.6.4. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of a request to the "LiveConnectionDetail.jsp" application. GET parameters "applicationname" and "username" are improperly sanitized allowing an attacker to inject arbitrary JavaScript into the page. This can be abused by an attacker to perform a cross-site scripting attack on the user. A vulnerable URI is /corporate/webpages/trafficdiscovery/LiveConnectionDetail.jsp. | |||||
| CVE-2017-9523 | 1 Sophos | 1 Web Appliance | 2025-04-20 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Sophos Web Appliance before 4.3.2 has XSS in the FTP redirect page, aka NSWA-1342. | |||||
| CVE-2017-6315 | 1 Sophos | 2 Astaro Security Gateway, Astaro Security Gateway Firmware | 2025-04-20 | 10.0 HIGH | 9.8 CRITICAL |
| Astaro Security Gateway (aka ASG) 7 allows remote attackers to execute arbitrary code via a crafted request to index.plx. | |||||
| CVE-2016-9553 | 1 Sophos | 1 Web Appliance | 2025-04-20 | 9.0 HIGH | 7.2 HIGH |
| The Sophos Web Appliance (version 4.2.1.3) is vulnerable to two Remote Command Injection vulnerabilities affecting its web administrative interface. These vulnerabilities occur in the MgrReport.php (/controllers/MgrReport.php) component responsible for blocking and unblocking IP addresses from accessing the device. The device doesn't properly escape the information passed in the variables 'unblockip' and 'blockip' before calling the shell_exec() function which allows for system commands to be injected into the device. The code erroneously suggests that the information handled is protected by utilizing the variable name 'escapedips' - however this was not the case. The Sophos ID is NSWA-1258. | |||||
| CVE-2017-6007 | 1 Sophos | 1 Hitmanpro | 2025-04-20 | 4.9 MEDIUM | 5.5 MEDIUM |
| A kernel pool overflow in the driver hitmanpro37.sys in Sophos SurfRight HitmanPro before 3.7.20 Build 286 (included in the HitmanPro.Alert solution and Sophos Clean) allows local users to crash the OS via a malformed IOCTL call. | |||||
| CVE-2017-6182 | 1 Sophos | 1 Web Appliance | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via functions, aka NSWA-1304. | |||||
| CVE-2017-6008 | 1 Sophos | 1 Hitmanpro | 2025-04-20 | 4.6 MEDIUM | 7.8 HIGH |
| A kernel pool overflow in the driver hitmanpro37.sys in Sophos SurfRight HitmanPro before 3.7.20 Build 286 (included in the HitmanPro.Alert solution and Sophos Clean) allows local users to escalate privileges via a malformed IOCTL call. | |||||
| CVE-2017-7441 | 1 Sophos | 1 Hitmanpro | 2025-04-20 | 7.2 HIGH | 7.8 HIGH |
| In Sophos SurfRight HitmanPro before 3.7.20 Build 286 (included in the HitmanPro.Alert solution and Sophos Clean), a crafted IOCTL with code 0x22E1C0 might lead to kernel data leaks. Because the leak occurs at the driver level, an attacker can use this vulnerability to leak some critical information about the machine such as nt!ExpPoolQuotaCookie. | |||||
| CVE-2012-6706 | 2 Rarlab, Sophos | 2 Unrar, Threat Detection Engine | 2025-04-20 | 10.0 HIGH | 9.8 CRITICAL |
| A VMSF_DELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products, that can lead to arbitrary code execution. An integer overflow can be caused in DataSize+CurChannel. The result is a negative value of the "DestPos" variable, which allows the attacker to write out of bounds when setting Mem[DestPos]. | |||||