Sophos » Unified Threat Management Software : Security Vulnerabilities, CVEs, (Information Leak)
The Frontend component in Sophos UTM with firmware 9.405-5 and earlier allows local administrators to obtain sensitive password information by reading the "value" field of the proxy user settings in "system settings / scan settings / anti spam" configuration tab.
Max CVSS
4.4
EPSS Score
0.05%
Published
2016-10-03
Updated
2018-10-09
The Frontend component in Sophos UTM with firmware 9.405-5 and earlier allows local administrators to obtain sensitive password information by reading the "value" field of the SMTP user settings in the notifications configuration tab.
Max CVSS
4.4
EPSS Score
0.05%
Published
2016-10-03
Updated
2018-10-09
The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.
Max CVSS
6.5
EPSS Score
0.24%
Published
2016-01-14
Updated
2022-12-13
3 vulnerabilities found