GCVE - cpe:2.3:a:sophos:unified_threat_management

Approved changes feed: RSS · Atom

cpe:2.3:a:sophos:unified_threat_management_up2date:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Sophos (`a481dca1-298d-56ee-9d5c-373f6e8cead2`)
Product	Unified Threat Management Up2Date (`cc57507c-6a5b-5656-8b03-6dcb73c1fc47`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2021-36807`	vulnerable	2026-06-03 14:44:59.193713	Details available HIGH (8.8) An authenticated user could potentially execute code via an SQLi vulnerability in the user portal of SG UTM before version 9.708 MR8. Published: 2021-11-26T14:12:47.000Z Updated: 2024-08-04T01:01:59.660Z Open on db.gcve.eu Reference links https://www.sophos.com/en-us/security-advisories/sophos-sa-20211126-sg-sqli	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-8605`	vulnerable	2026-06-03 14:35:12.463328	Details available ISC DHCP 4.x before 4.1-ESV-R12-P1, 4.2.x, and 4.3.x before 4.3.3-P1 allows remote attackers to cause a denial of service (application crash) via an invalid length field in a UDP IPv4 packet. Published: 2016-01-14T22:00:00.000Z Updated: 2024-08-06T08:20:43.591Z Open on db.gcve.eu Reference links http://www.securitytracker.com/id/1034657 http://lists.opensuse.org/opensuse-updates/2016-02/msg00168.html https://blogs.sophos.com/2016/02/17/utm-up2date-9-354-released/ https://kb.isc.org/article/AA-01334 https://blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/	Imported from gcve-enriched-dumps CVE data

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.