Known Vulnerabilities for Endpoint Protection by Sophos
Listed below are 3 of the newest known vulnerabilities associated with "Endpoint Protection" by "Sophos".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-34383 | Admidio is an open-source user management solution. Prior to version 5.0.8, the inventory module's item_save endpoint accepts... | Not Provided | 2026-03-31 | 2026-03-31 |
| CVE-2026-34215 | Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6... | Not Provided | 2026-03-31 | 2026-03-31 |
| CVE-2026-3190 | A flaw was found in Keycloak. The User-Managed Access (UMA) 2.0 Protection API endpoint for permission tickets fails to enfor... | Not Provided | 2026-03-26 | 2026-04-02 |
| CVE-2020-9363 | The Sophos AV parsing engine before 2020-01-14 allows virus-detection bypass via a crafted ZIP archive. This affects Endpoint... | 7.8 - HIGH | 2020-02-24 | 2022-04-18 |
| CVE-2018-9233 | Sophos Endpoint Protection 10.7 uses an unsalted SHA-1 hash for password storage in %PROGRAMDATA%\Sophos\Sophos Anti-Virus\Co... | 7.8 - HIGH | 2018-04-05 | 2019-10-03 |
| CVE-2018-4863 | Sophos Endpoint Protection 10.7 allows local users to bypass an intended tamper protection mechanism by deleting the HKEY_LOC... | 5.5 - MEDIUM | 2018-04-05 | 2018-05-18 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Sophos | Endpoint Protection | 10.7 | All | All | All |