Lucene search

K
SophosUnified Threat Management

6 matches found

cve
cve
added 2020/09/25 4:23 a.m.967 views

CVE-2020-25223

A remote code execution vulnerability exists in the WebAdmin of Sophos SG UTM before v9.705 MR5, v9.607 MR7, and v9.511 MR11

10CVSS9.6AI score0.94415EPSS
cve
cve
added 2022/03/22 12:15 a.m.102 views

CVE-2022-0652

Confd log files contain local users', including root’s, SHA512crypt password hashes with insecure access permissions. This allows a local attacker to attempt off-line brute-force attacks against these password hashes in Sophos UTM before version 9.710.

7.8CVSS7.7AI score0.00046EPSS
cve
cve
added 2022/03/22 12:15 a.m.87 views

CVE-2022-0386

A post-auth SQL injection vulnerability in the Mail Manager potentially allows an authenticated attacker to execute code in Sophos UTM before version 9.710.

8.8CVSS8.9AI score0.00342EPSS
cve
cve
added 2021/07/29 8:15 p.m.66 views

CVE-2021-25273

Stored XSS can execute as administrator in quarantined email detail view in Sophos UTM before version 9.706.

4.8CVSS4.9AI score0.00225EPSS
cve
cve
added 2012/07/09 10:55 p.m.35 views

CVE-2012-3238

Cross-site scripting (XSS) vulnerability in the Backup/Restore component in WebAdmin in Astaro Security Gateway before 8.305 allows remote attackers to inject arbitrary web script or HTML via the "Comment (optional)" field.

4.3CVSS5.9AI score0.0054EPSS
cve
cve
added 2014/03/18 5:4 p.m.33 views

CVE-2014-2537

Memory leak in the TCP stack in the kernel in Sophos UTM before 9.109 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.

7.8CVSS6.7AI score0.01262EPSS