Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:sophos:unified_threat_management_software:9.355:*:*:*:*:*:*:*
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2016-7442 |
The Frontend component in Sophos UTM with firmware 9.405-5 and earlier allows local administrators to obtain sensitive password information by reading the "value" field of the proxy user settings in "system settings / scan settings / anti spam" configuration tab. Published: October 03, 2016; 12:09:16 PM -0400 |
V3.0: 4.4 MEDIUM V2.0: 2.1 LOW |
CVE-2016-7397 |
The Frontend component in Sophos UTM with firmware 9.405-5 and earlier allows local administrators to obtain sensitive password information by reading the "value" field of the SMTP user settings in the notifications configuration tab. Published: October 03, 2016; 12:09:14 PM -0400 |
V3.0: 4.4 MEDIUM V2.0: 2.1 LOW |
CVE-2015-7547 |
Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module. Published: February 18, 2016; 4:59:00 PM -0500 |
V3.0: 8.1 HIGH V2.0: 6.8 MEDIUM |