Confd log files contain local users', including root's, SHA512crypt password hashes with insecure access permissions. This allows a local attacker to attempt off-line brute-force attacks against these password hashes in Sophos UTM before version...
7.8 CVSS
7.7 AI Score
0.0004 EPSS
A post-auth SQL injection vulnerability in the Mail Manager potentially allows an authenticated attacker to execute code in Sophos UTM before version...
8.8 CVSS
8.9 AI Score
0.001 EPSS
Stored XSS can execute as administrator in quarantined email detail view in Sophos UTM before version...
4.8 CVSS
4.9 AI Score
0.001 EPSS