Vulnerabilities > Starwindsoftware > Starwind Virtual SAN > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-20 | CVE-2021-42739 | Out-of-bounds Write vulnerability in multiple products The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking. | 6.7 |
| 2021-08-23 | CVE-2021-37750 | NULL Pointer Dereference vulnerability in multiple products The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in kdc/do_tgs_req.c via a FAST inner body that lacks a server field. | 6.5 |
| 2021-04-14 | CVE-2020-36322 | Incomplete Cleanup vulnerability in multiple products An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf. | 5.5 |
| 2020-12-02 | CVE-2020-25704 | Memory Leak vulnerability in multiple products A flaw memory leak in the Linux kernel performance monitoring subsystem was found in the way if using PERF_EVENT_IOC_SET_FILTER. | 5.5 |
| 2020-12-02 | CVE-2020-25656 | Use After Free vulnerability in multiple products A flaw was found in the Linux kernel. | 4.1 |
| 2020-09-17 | CVE-2020-0427 | Use After Free vulnerability in multiple products In create_pinctrl of core.c, there is a possible out of bounds read due to a use after free. | 5.5 |
| 2020-09-15 | CVE-2020-14314 | Out-of-bounds Read vulnerability in multiple products A memory out-of-bounds read flaw was found in the Linux kernel before 5.9-rc2 with the ext3/ext4 file system, in the way it accesses a directory with broken indexing. | 5.5 |
| 2018-10-23 | CVE-2018-18585 | NULL Pointer Dereference vulnerability in multiple products chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character (such as the "/\0" name). | 4.3 |
| 2018-10-23 | CVE-2018-18584 | Out-of-bounds Write vulnerability in multiple products In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write. network low complexity libmspack-project cabextract-project debian redhat canonical suse starwindsoftware CWE-787 | 6.5 |
| 2018-10-10 | CVE-2018-16758 | Missing Authentication for Critical Function vulnerability in multiple products Missing message authentication in the meta-protocol in Tinc VPN version 1.0.34 and earlier allows a man-in-the-middle attack to disable the encryption of VPN packets. | 5.9 |