Vulnerabilities > Sophos > Unified Threat Management Up2Date > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-11-26 | CVE-2021-36807 | SQL Injection vulnerability in Sophos Unified Threat Management Up2Date An authenticated user could potentially execute code via an SQLi vulnerability in the user portal of SG UTM before version 9.708 MR8. | 6.5 |
2016-01-14 | CVE-2015-8605 | Improper Input Validation vulnerability in multiple products ISC DHCP 4.x before 4.1-ESV-R12-P1, 4.2.x, and 4.3.x before 4.3.3-P1 allows remote attackers to cause a denial of service (application crash) via an invalid length field in a UDP IPv4 packet. | 5.7 |