Vulnerabilities > Sophos
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-09 | CVE-2018-6857 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Sophos products Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x802022E0. | 7.2 |
| 2018-07-09 | CVE-2018-6856 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Sophos products Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x8020601C. | 7.2 |
| 2018-07-09 | CVE-2018-6855 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Sophos products Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x80202014. | 7.2 |
| 2018-07-09 | CVE-2018-6854 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Sophos products Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via multiple IOCTLs, e.g., 0x8810200B, 0x8810200F, 0x8810201B, 0x8810201F, 0x8810202B, 0x8810202F, 0x8810203F, 0x8810204B, 0x88102003, 0x88102007, 0x88102013, 0x88102017, 0x88102027, 0x88102033, 0x88102037, 0x88102043, and 0x88102047. | 7.2 |
| 2018-07-09 | CVE-2018-6853 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Sophos products Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x80206024. | 7.2 |
| 2018-07-09 | CVE-2018-6852 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Sophos products Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x80202298. | 7.2 |
| 2018-07-09 | CVE-2018-6851 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Sophos products Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x80206040. | 7.2 |
| 2018-04-24 | CVE-2016-9038 | Race Condition vulnerability in Sophos Invincea-X 6.1.324058 An exploitable double fetch vulnerability exists in the SboxDrv.sys driver functionality of Invincea-X 6.1.3-24058. | 7.8 |
| 2018-04-24 | CVE-2016-8732 | Permission Issues vulnerability in Sophos Invincea Dell Protected Workspace 5.1.122303 Multiple security flaws exists in InvProtectDrv.sys which is a part of Invincea Dell Protected Workspace 5.1.1-22303. | 7.8 |
| 2018-04-05 | CVE-2018-9233 | Use of Password Hash With Insufficient Computational Effort vulnerability in Sophos Endpoint Protection 10.7 Sophos Endpoint Protection 10.7 uses an unsalted SHA-1 hash for password storage in %PROGRAMDATA%\Sophos\Sophos Anti-Virus\Config\machine.xml, which makes it easier for attackers to determine a cleartext password, and subsequently choose unsafe malware settings, via rainbow tables or other approaches. | 2.1 |