Starwind Virtual San Security Vulnerabilities and Issues — Starwind Virtual San CVE List

Lucene search

StarwindsoftwareStarwind Virtual San

9 matches found

CVE•added 2021/09/26 7:15 p.m.•16431 views

CVE-2021-41617

sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with gr...

7CVSS7.5AI score0.00382EPSS

CVE•added 2021/11/01 4:15 a.m.•636 views

CVE-2021-42574

An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via control sequences, which can be used to craft source code that renders different logic than the logical ordering of tokens ingested by compilers and i...

8.3CVSS8.4AI score0.21803EPSS

CVE•added 2021/12/08 10:15 p.m.•619 views

CVE-2021-43527

NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS #7, or PKCS #12 are likely to be impacted. Applications using N...

9.8CVSS9.6AI score0.0538EPSS

CVE•added 2021/03/26 5:15 p.m.•457 views

CVE-2021-20271

A flaw was found in RPM's signature check functionality when reading a package file. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package, whose signature header was modified, to cause RPM database corruption and execute code. The highest threat from this...

7CVSS7AI score0.00197EPSS

CVE•added 2021/06/07 12:15 p.m.•430 views

CVE-2020-36385

An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c.

7.8CVSS7.5AI score0.00055EPSS

CVE•added 2021/04/14 6:15 a.m.•377 views

CVE-2020-36322

An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf. fuse_do_getattr() calls make_bad_inode() in inappropriate situations, causing a system crash. NOTE: the original fix for this vulnerability was incomplete, and its incompleteness i...

5.5CVSS6.3AI score0.00023EPSS

CVE•added 2021/08/23 5:15 a.m.•371 views

CVE-2021-37750

The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in kdc/do_tgs_req.c via a FAST inner body that lacks a server field.

6.5CVSS6.6AI score0.00454EPSS

CVE•added 2021/10/20 7:15 a.m.•300 views

CVE-2021-42739

The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking.

6.7CVSS7.1AI score0.00022EPSS

CVE•added 2021/01/19 8:15 p.m.•102 views

CVE-2020-14409

SDL (Simple DirectMedia Layer) through 2.0.12 has an Integer Overflow (and resultant SDL_memcpy heap corruption) in SDL_BlitCopy in video/SDL_blit_copy.c via a crafted .BMP file.

7.8CVSS7.4AI score0.00118EPSS