Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Starwind_virtual_san
(Starwindsoftware)| Repositories | https://github.com/kyz/libmspack |
| #Vulnerabilities | 23 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-12-02 | CVE-2020-25656 | A flaw was found in the Linux kernel. A use-after-free was found in the way the console subsystem was using ioctls KDGKBSENT and KDSKBSENT. A local user could use this flaw to get read memory access out of bounds. The highest threat from this vulnerability is to data confidentiality. | Debian_linux, Linux_kernel, Enterprise_linux, Starwind_virtual_san | 4.1 | ||
| 2020-12-02 | CVE-2020-25704 | A flaw memory leak in the Linux kernel performance monitoring subsystem was found in the way if using PERF_EVENT_IOC_SET_FILTER. A local user could use this flaw to starve the resources causing denial of service. | Debian_linux, Linux_kernel, Command_center, Starwind_hyperconverged_appliance, Starwind_san_\&_nas, Starwind_virtual_san | 5.5 | ||
| 2021-01-19 | CVE-2020-14409 | SDL (Simple DirectMedia Layer) through 2.0.12 has an Integer Overflow (and resultant SDL_memcpy heap corruption) in SDL_BlitCopy in video/SDL_blit_copy.c via a crafted .BMP file. | Debian_linux, Fedora, Simple_directmedia_layer, Starwind_virtual_san | 7.8 | ||
| 2021-03-26 | CVE-2021-20271 | A flaw was found in RPM's signature check functionality when reading a package file. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package, whose signature header was modified, to cause RPM database corruption and execute code. The highest threat from this vulnerability is to data integrity, confidentiality, and system availability. | Fedora, Enterprise_linux, Rpm, Starwind_virtual_san | 7.0 | ||
| 2021-04-14 | CVE-2020-36322 | An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf. fuse_do_getattr() calls make_bad_inode() in inappropriate situations, causing a system crash. NOTE: the original fix for this vulnerability was incomplete, and its incompleteness is tracked as CVE-2021-28950. | Debian_linux, Linux_kernel, Starwind_virtual_san | 5.5 | ||
| 2021-06-07 | CVE-2020-36385 | An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c. | Linux_kernel, H300e_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H700e_firmware, H700s_firmware, Starwind_san_\&_nas, Starwind_virtual_san | 7.8 | ||
| 2021-08-23 | CVE-2021-37750 | The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in kdc/do_tgs_req.c via a FAST inner body that lacks a server field. | Debian_linux, Fedora, Kerberos_5, Communications_cloud_native_core_network_slice_selection_function, Starwind_virtual_san | 6.5 | ||
| 2021-09-26 | CVE-2021-41617 | sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user. | Fedora, Active_iq_unified_manager, Aff_500f_firmware, Aff_a250_firmware, Clustered_data_ontap, Hci_management_node, Ontap_select_deploy_administration_utility, Solidfire, Openssh, Http_server, Zfs_storage_appliance_kit, Starwind_virtual_san | 7.0 | ||
| 2021-10-20 | CVE-2021-42739 | The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking. | Debian_linux, Fedora, Linux_kernel, Communications_cloud_native_core_binding_support_function, Communications_cloud_native_core_network_exposure_function, Communications_cloud_native_core_policy, Starwind_san_\&_nas, Starwind_virtual_san | 6.7 | ||
| 2021-11-01 | CVE-2021-42574 | An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via control sequences, which can be used to craft source code that renders different logic than the logical ordering of tokens ingested by compilers and interpreters. Adversaries can leverage this to encode source code for compilers accepting Unicode such that targeted vulnerabilities are introduced invisibly to human reviewers. NOTE: the Unicode... | Fedora, Starwind_virtual_san, Unicode | 8.3 |