Stored XSS can execute as administrator in quarantined email detail view in Sophos UTM before version 9.706. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Dell EMC NetWorker versions 18.x,19.x prior to 19.3.0.4 and 19.4.0.0 contain an Information Disclosure in Log Files vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
The PowerVM Logical Partition Mobility(LPM) (PowerVM Hypervisor FW920, FW930, FW940, and FW950) encryption key exchange protocol can be compromised. Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.