Sophos Unified_threat_management_software
9 CVEs affecting Sophos Unified_threat_management_software. Latest disclosed: 2016-10-03. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2015-7547 | High | 8.1 | 2016-02-18 | Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2… |
CVE-2016-0778 | High | 8.1 | 2016-01-14 | The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forwar… |
CVE-2016-0777 | Medium | 6.5 | 2016-01-14 | The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information fro… |
CVE-2016-2046 | Medium | 6.1 | 2016-02-17 | Cross-site scripting (XSS) vulnerability in the UserPortal page in SOPHOS UTM before 9.353 allows remote attackers to inject arbitrary web script or HTML via t… |
CVE-2016-7442 | Medium | 4.4 | 2016-10-03 | The Frontend component in Sophos UTM with firmware 9.405-5 and earlier allows local administrators to obtain sensitive password information by reading the "val… |
CVE-2016-7397 | Medium | 4.4 | 2016-10-03 | The Frontend component in Sophos UTM with firmware 9.405-5 and earlier allows local administrators to obtain sensitive password information by reading the "val… |
CVE-2014-2537 | | 2014-03-18 | Memory leak in the TCP stack in the kernel in Sophos UTM before 9.109 allows remote attackers to cause a denial of service (memory consumption) via unspecified… | |
CVE-2013-5932 | | 2013-09-23 | Unspecified vulnerability in WebAdmin in Sophos UTM (aka Astaro Security Gateway) before 9.105 has unknown impact and attack vectors. | |
CVE-2012-3238 | | 2012-07-09 | Cross-site scripting (XSS) vulnerability in the Backup/Restore component in WebAdmin in Astaro Security Gateway before 8.305 allows remote attackers to inject… |