cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2020-10947,https://securityvulnerability.io/vulnerability/CVE-2020-10947,,Mac Endpoint for Sophos Central before 9.9.6 and Mac Endpoint for Sophos Home before 2.2.6 allow Privilege Escalation.,Sophos,"Anti-virus For Sophos Central,Anti-virus For Sophos Home",8.8,HIGH,0.0010400000028312206,false,false,false,false,,false,false,2020-04-17T12:38:45.000Z,0
CVE-2014-1213,https://securityvulnerability.io/vulnerability/CVE-2014-1213,,"Sophos Anti-Virus engine (SAVi) before 3.50.1, as used in VDL 4.97G 9.7.x before 9.7.9, 10.0.x before 10.0.11, and 10.3.x before 10.3.1 does not set an ACL for certain global and session objects, which allows local users to bypass anti-virus protection, cause a denial of service (resource consumption, CPU consumption, and eventual crash) or spoof ""ready for update"" messages by performing certain operations on mutexes or events including (1) DataUpdateRequest, (2) MmfMutexSAV-****, (3) MmfMutexSAV-Info, (4) ReadyForUpdateSAV-****, (5) ReadyForUpdateSAV-Info, (6) SAV-****, (7) SAV-Info, (8) StateChange, (9) SuspendedSAV-****, (10) SuspendedSAV-Info, (11) UpdateComplete, (12) UpdateMutex, (13) UpdateRequest, or (14) SophosALMonSessionInstance, as demonstrated by triggering a ReadyForUpdateSAV event and modifying the UpdateComplete, UpdateMutex, and UpdateRequest objects.",Sophos,"Sophos Anti-virus,Scanning Engine",,,0.0006000000284984708,false,false,false,false,,false,false,2014-02-10T23:00:00.000Z,0
CVE-2012-1438,https://securityvulnerability.io/vulnerability/CVE-2012-1438,,The Microsoft Office file parser in Comodo Antivirus 7425 and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via an Office file with a ustar character sequence at a certain location.  NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different Office parser implementations.,Sophos,"Sophos Anti-virus,Comodo Antivirus",,,0.8440200090408325,false,false,false,false,,false,false,2012-03-21T10:11:00.000Z,0
CVE-2012-1450,https://securityvulnerability.io/vulnerability/CVE-2012-1450,,"The CAB file parser in Emsisoft Anti-Malware 5.1.0.1, Sophos Anti-Virus 4.61.0, and Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0 allows remote attackers to bypass malware detection via a CAB file with a modified reserved3 field.  NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different CAB parser implementations.",Sophos,"Sophos Anti-virus,Ikarus Virus Utilities T3 Command Line Scanner,Anti-malware",,,0.9502500295639038,false,false,false,false,,false,false,2012-03-21T10:00:00.000Z,0
CVE-2008-3177,https://securityvulnerability.io/vulnerability/CVE-2008-3177,,"Sophos virus detection engine 2.75 on Linux and Unix, as used in Sophos Email Appliance, Pure Message for Unix, and Sophos Anti-Virus Interface (SAVI), allows remote attackers to cause a denial of service (engine crash) via zero-length MIME attachments.",Sophos,"Es1000,Es4000,Sophos Anti-virus,Sophos Puremessage Anti-virus",,,0.04382000118494034,false,false,false,false,,false,false,2008-07-15T18:03:00.000Z,0
CVE-2007-4787,https://securityvulnerability.io/vulnerability/CVE-2007-4787,,"The virus detection engine in Sophos Anti-Virus before 2.49.0 does not properly process malformed (1) CAB, (2) LZH, and (3) RAR files with modified headers, which might allow remote attackers to bypass malware detection.",Sophos,"Sophos Anti-virus,Scanning Engine",,,0.06418000161647797,false,false,false,false,,false,false,2007-09-10T21:00:00.000Z,0
CVE-2006-6335,https://securityvulnerability.io/vulnerability/CVE-2006-6335,,"Multiple buffer overflows in Sophos Anti-Virus scanning engine before 2.40 allow remote attackers to execute arbitrary code via (1) a SIT archive with a long filename that is not null-terminated, which triggers a heap-based overflow in veex.dll due to improper length calculation, and (2) a CPIO archive, with a long filename that is not null-terminated, which triggers a stack-based overflow in veex.dll.",Sophos,Sophos Anti-virus,,,0.09645000100135803,false,false,false,false,,false,false,2006-12-12T20:00:00.000Z,0
CVE-2006-4839,https://securityvulnerability.io/vulnerability/CVE-2006-4839,,Sophos Anti-Virus 5.1 allows remote attackers to cause a denial of service (memory consumption) via a file that is compressed with Petite and contains a large number of sections.,Sophos,Sophos Anti-virus,,,0.030549999326467514,false,false,false,false,,false,false,2006-11-01T15:00:00.000Z,0
CVE-2006-0994,https://securityvulnerability.io/vulnerability/CVE-2006-0994,,"Multiple Sophos Anti-Virus products, including Anti-Virus for Windows 5.x before 5.2.1 and 4.x before 4.05, when cabinet file inspection is enabled, allows remote attackers to execute arbitrary code via a CAB file with ""invalid folder count values,"" which leads to heap corruption.",Sophos,Sophos Anti-virus,,,0.9435999989509583,false,false,false,false,,false,false,2006-05-10T10:00:00.000Z,0
CVE-2005-4680,https://securityvulnerability.io/vulnerability/CVE-2005-4680,,"Sophos Anti-Virus before 4.02, 4.5.x before 4.5.9, 4.6.x before 4.6.9, and 5.x before 5.1.4 allow remote attackers to hide arbitrary files and data via crafted ARJ archives, which are not properly scanned.",Sophos,Sophos Anti-virus,,,0.0037899999879300594,false,false,false,false,,false,false,2005-12-31T05:00:00.000Z,0
CVE-2005-3382,https://securityvulnerability.io/vulnerability/CVE-2005-3382,,"Multiple interpretation error in Sophos 3.91 with the 2.28.4 engine allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an ""MZ"" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a ""triple headed"" program that contains EXE, EML, and HTML content, aka the ""magic byte bug.""",Sophos,Sophos Anti-virus,,,0.01054999977350235,false,false,false,false,,false,false,2005-10-30T14:34:00.000Z,0
CVE-2005-3216,https://securityvulnerability.io/vulnerability/CVE-2005-3216,,"Multiple interpretation error in unspecified versions of Sophos Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.",Sophos,Sophos Anti-virus,,,0.0037299999967217445,false,false,false,false,,false,false,2005-10-14T04:00:00.000Z,0
CVE-2005-2768,https://securityvulnerability.io/vulnerability/CVE-2005-2768,,"Heap-based buffer overflow in the Sophos Antivirus Library, as used by Sophos Antivirus, PureMessage, MailMonitor, and other products, allows remote attackers to execute arbitrary code via a Visio file with a crafted sub record length.",Sophos,Sophos Anti-virus,,,0.11845000088214874,false,false,false,false,,false,false,2005-09-02T23:03:00.000Z,0
CVE-2005-1530,https://securityvulnerability.io/vulnerability/CVE-2005-1530,,"Sophos Anti-Virus 5.0.1, with ""Scan inside archive files"" enabled, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a Bzip2 archive with a large 'Extra field length' value.",Sophos,"Sophos Small Business Suite,Sophos Anti-virus,Sophos Mailmonitor For Notes Domino,Sophos Mailmonitor,Sophos Puremessage Anti-virus",,,0.3391900062561035,false,false,false,false,,false,false,2005-07-19T04:00:00.000Z,0
CVE-2005-1551,https://securityvulnerability.io/vulnerability/CVE-2005-1551,,"Sophos Anti-Virus 3.93 does not check downloaded files for viruses when they have only been written, which creates a race condition and may allow remote attackers to bypass virus protection if the file is executed before the antivirus starts on system reboot.",Sophos,Sophos Anti-virus,,,0.006279999855905771,false,false,false,false,,false,false,2005-05-14T04:00:00.000Z,0
CVE-2004-2088,https://securityvulnerability.io/vulnerability/CVE-2004-2088,,Sophos Anti-Virus 3.78 allows remote attackers to bypass virus scanning by using a qmail generated Delivery Status Notification (DSN) where the original email is not included in the bounce message.,Sophos,Sophos Anti-virus,,,0.01221999991685152,false,false,false,false,,false,false,2004-02-12T05:00:00.000Z,0