Sophos

168 tracked vulnerabilities.

CVE-2025-7624 CRITICAL
Sophos Firewall <21.0 - SQL Injection
Jul 21, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-7382 HIGH
Sophos Firewall Firmware < 21.0.2 - OS Command Injection
Jul 21, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-6704 CRITICAL
Sophos Firewall Firmware < 21.0.2 - OS Command Injection
Jul 21, 2025
CVSS 9.8
EPSS 0.00
CVE-2024-13974 HIGH
Sophos Firewall Firmware < 21.0.1 - Remote Code Execution
Jul 21, 2025
CVSS 8.1
EPSS 0.00
CVE-2024-13973 MEDIUM
Sophos Firewall Firmware < 21.0.1 - SQL Injection
Jul 21, 2025
CVSS 6.8
EPSS 0.00
CVE-2024-13861 HIGH
Sophos Taegis Endpoint Agent < 1.3.10 - Code Injection
Apr 11, 2025
CVSS 7.8
EPSS 0.00
CVE-2024-12729 HIGH
Sophos Firewall Firmware < 21.0.1 - Code Injection
Dec 19, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-12728 CRITICAL
Sophos Firewall <20.0.3 - Privilege Escalation
Dec 19, 2024
CVSS 9.8
EPSS 0.00
CVE-2024-12727 CRITICAL
Sophos Firewall Firmware < 21.0.1 - SQL Injection
Dec 19, 2024
CVSS 9.8
EPSS 0.02
CVE-2021-36806 MEDIUM
Sophos Email Appliance < 4.5.3.4 - XSS
Nov 30, 2023
CVSS 4.7
EPSS 0.00
CVE-2023-5552 HIGH
Sophos Firewall < 19.5.3 - Information Disclosure
Oct 18, 2023
CVSS 7.1
EPSS 0.00
CVE-2023-33335 MEDIUM
Sophos iView - XSS
Jul 05, 2023
CVSS 6.1
EPSS 0.00
CVE-2023-33336 MEDIUM
Sophos Web Appliance <4.3.9.1 - XSS
Jun 30, 2023
CVSS 4.8
EPSS 0.00
CVE-2023-1671 CRITICALKEVNUCLEI
Sophos Web Appliance <4.3.10.4 - Command Injection
Apr 04, 2023
CVSS 9.8
EPSS 0.94
CVE-2022-4934 HIGH
Sophos Web Appliance < 4.3.10.4 - Command Injection
Apr 04, 2023
CVSS 7.2
EPSS 0.00
CVE-2020-36692 MEDIUM
Sophos Web Appliance <4.3.10.4 - XSS
Apr 04, 2023
CVSS 6.5
EPSS 0.00
CVE-2022-4901 LOW
Sophos Connect < 2.2.90 - XSS
Mar 01, 2023
CVSS 3.3
EPSS 0.00
CVE-2022-48310 MEDIUM
Sophos Connect < 2.2.90 - Cleartext Storage
Mar 01, 2023
CVSS 5.5
EPSS 0.00
CVE-2022-48309 MEDIUM
Sophos Connect < 2.2.90 - CSRF
Mar 01, 2023
CVSS 4.3
EPSS 0.00
CVE-2022-3713 HIGH
Sophos XG Firewall Firmware < 19.0 - Code Injection
Dec 01, 2022
CVSS 8.8
EPSS 0.00
CVE-2022-3711 MEDIUM
Sophos XG Firewall Firmware < 19.0 - SQL Injection
Dec 01, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-3710 LOW
Sophos XG Firewall Firmware < 19.5 - SQL Injection
Dec 01, 2022
CVSS 2.7
EPSS 0.00
CVE-2022-3709 MEDIUM
Sophos XG Firewall Firmware < 19.0 - XSS
Dec 01, 2022
CVSS 6.8
EPSS 0.00
CVE-2022-3696 HIGH
Sophos XG Firewall Firmware < 19.0 - Code Injection
Dec 01, 2022
CVSS 7.2
EPSS 0.00
CVE-2022-3226 HIGH
Sophos Firewall <19.5 GA - Command Injection
Dec 01, 2022
CVSS 7.2
EPSS 0.00
Products
sophos_anti-virus 35 web_appliance 17 anti-virus 12 firewall_firmware 10 unified_threat_management_software 9 sophos_puremessage_anti-virus 9 xg_firewall_firmware 9 sophos_small_business_suite 8 safeguard_easy_device_encryption_client 8 sfos 8 safeguard_enterprise_client 7 safeguard_lan_crypt_client 7 web_appliance_firmware 6 unified_threat_management 6 hitmanpro.alert 4 hitmanpro 4 scanning_engine 4 connect 4 small_business_suite 3 firewall 3 endpoint_security 3 endpoint_protection 3 puremessage_for_microsoft_exchange 3 sophos_tester 2 intercept_x 2 cyberoamos 2 anti-virus7.6.3 2 es4000 2 intercept_x_endpoint 2 es1000 2
Quick Filters
Critical CVEs With Exploits In CISA KEV