Home
Bugtraq
Full List
Only Bugs
Only Tricks
Only Exploits
Only Dorks
Only CVE
Only CWE
Fake Notes
Ranking
CVEMAP
Full List
Show Vendors
Show Products
CWE Dictionary
Check CVE Id
Check CWE Id
Search
Bugtraq
CVEMAP
By author
CVE Id
CWE Id
By vendors
By products
RSS
Bugtraq
CVEMAP
CVE Products
Bugs
Exploits
Dorks
More
cIFrex
Facebook
Twitter
Donate
About
Submit
Vulnerabilities for
'Unified threat management software'
2016-10-03
CVE-2016-7442
CWE-200
The Frontend component in Sophos UTM with firmware 9.405-5 and earlier allows local administrators to obtain sensitive password information by reading the "value" field of the proxy user settings in "system settings / scan settings / anti spam" configuration tab.
CVE-2016-7397
CWE-200
The Frontend component in Sophos UTM with firmware 9.405-5 and earlier allows local administrators to obtain sensitive password information by reading the "value" field of the SMTP user settings in the notifications configuration tab.
2016-02-18
CVE-2015-7547
CWE-119
Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module.
2016-02-17
CVE-2016-2046
Cross-site scripting (XSS) vulnerability in the UserPortal page in SOPHOS UTM before 9.353 allows remote attackers to inject arbitrary web script or HTML via the lang parameter.
2016-01-14
CVE-2016-0778
CWE-119
The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forward options are enabled, do not properly maintain connection file descriptors, which allows remote servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact by requesting many forwardings.
CVE-2016-0777
CWE-200
The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.
2014-03-18
CVE-2014-2537
CWE-399
Memory leak in the TCP stack in the kernel in Sophos UTM before 9.109 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
2012-07-09
CVE-2012-3238
CWE-79
Cross-site scripting (XSS) vulnerability in the Backup/Restore component in WebAdmin in Astaro Security Gateway before 8.305 allows remote attackers to inject arbitrary web script or HTML via the "Comment (optional)" field.
>>>
Vendor:
Sophos
53
Products
Small business suite
Sophos anti-virus
Sophos puremessage anti-virus
Sophos small business suite
Sophos mailmonitor
Sophos mailmonitor for notes domino
Anti-virus
Endpoint security
Scanning engine
Es1000
Es4000
Anti-virus7.6.3
Puremessage for microsoft exchange
Endpoint protection
Unified threat management software
Unified threat management
Disk encryption
Safeguard easy device encryption client
Safeguard enterprise device encryption
Sophos endpoint security and control
Safeguard enterprise
Free encryption
Safeguard privatecrypto
Web appliance
Web appliance firmware
Enterprise console
Cyberoam cr100ing utm firmware
Cyberoam cr35ing utm firmware
Unified threat management up2date
Mobile control eas proxy
Cyberoam cr25ing utm firmware
Cyberoam firmware
Threat detection engine
Hitmanpro
Astaro security gateway firmware
SFOS
Sophos tester
Invincea-x
Invincea dell protected workspace
Safeguard enterprise client
Safeguard lan crypt client
Hitmanpro.alert
Ssl vpn client
Ipsec client
Cyberoamos
HOME
Sophos secure email
Xg firewall firmware
Intercept x
Sophos secure workspace
Exploit prevention
Intercept x endpoint
Intercept x for server
Copyright
2024
, cxsecurity.com
Back to Top
Vulnerabilities for 