Vulnerabilities > Sophos > Medium

DATE CVE VULNERABILITY TITLE RISK
2016-01-14 CVE-2015-8605 Improper Input Validation vulnerability in multiple products
ISC DHCP 4.x before 4.1-ESV-R12-P1, 4.2.x, and 4.3.x before 4.3.3-P1 allows remote attackers to cause a denial of service (application crash) via an invalid length field in a UDP IPv4 packet.
low complexity
sophos isc debian canonical CWE-20
6.5
2014-06-25 CVE-2014-2005 Improper Authentication vulnerability in Sophos Enterprise Console 5.1/5.2/5.2.1
Sophos Disk Encryption (SDE) 5.x in Sophos Enterprise Console (SEC) 5.x before 5.2.2 does not enforce intended authentication requirements for a resume action from sleep mode, which allows physically proximate attackers to obtain desktop access by leveraging the absence of a login screen.
low complexity
sophos CWE-287
6.8