Vulnerabilities > Sophos
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-04-09 | CVE-2017-17023 | Insufficient Verification of Data Authenticity vulnerability in multiple products The Sophos UTM VPN endpoint interacts with client software provided by NPC Engineering (www.ncp-e.com). | 8.1 |
2018-10-25 | CVE-2018-3971 | Write-what-where Condition vulnerability in Sophos Hitmanpro.Alert 3.7.6.744 An exploitable arbitrary write vulnerability exists in the 0x2222CC IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. | 7.8 |
2018-10-25 | CVE-2018-3970 | Use of Uninitialized Resource vulnerability in Sophos Hitmanpro.Alert 3.7.6.744 An exploitable memory disclosure vulnerability exists in the 0x222000 IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. | 5.5 |
2018-07-09 | CVE-2018-6857 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Sophos products Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x802022E0. | 7.8 |
2018-07-09 | CVE-2018-6856 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Sophos products Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x8020601C. | 7.8 |
2018-07-09 | CVE-2018-6855 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Sophos products Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x80202014. | 7.8 |
2018-07-09 | CVE-2018-6854 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Sophos products Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via multiple IOCTLs, e.g., 0x8810200B, 0x8810200F, 0x8810201B, 0x8810201F, 0x8810202B, 0x8810202F, 0x8810203F, 0x8810204B, 0x88102003, 0x88102007, 0x88102013, 0x88102017, 0x88102027, 0x88102033, 0x88102037, 0x88102043, and 0x88102047. | 7.8 |
2018-07-09 | CVE-2018-6853 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Sophos products Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x80206024. | 7.8 |
2018-07-09 | CVE-2018-6852 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Sophos products Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x80202298. | 7.8 |
2018-07-09 | CVE-2018-6851 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Sophos products Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x80206040. | 7.8 |