Vulnerabilities > Starwindsoftware > Starwind Virtual SAN > v8

DATE	CVE	VULNERABILITY TITLE	RISK
2022-01-28	CVE-2021-4034	Out-of-bounds Write vulnerability in multiple products A local privilege escalation vulnerability was found on polkit's pkexec utility. local low complexity polkit-project redhat canonical suse oracle siemens starwindsoftware CWE-787	7.8
2021-06-07	CVE-2020-36385	Use After Free vulnerability in multiple products An issue was discovered in the Linux kernel before 5.10. local low complexity linux netapp starwindsoftware CWE-416	7.8
2021-03-26	CVE-2021-20271	Insufficient Verification of Data Authenticity vulnerability in multiple products A flaw was found in RPM's signature check functionality when reading a package file. local high complexity rpm redhat fedoraproject starwindsoftware CWE-345	7.0
2021-01-19	CVE-2020-14409	Integer Overflow or Wraparound vulnerability in multiple products SDL (Simple DirectMedia Layer) through 2.0.12 has an Integer Overflow (and resultant SDL_memcpy heap corruption) in SDL_BlitCopy in video/SDL_blit_copy.c via a crafted .BMP file. local low complexity libsdl fedoraproject debian starwindsoftware CWE-190	7.8
2020-12-02	CVE-2020-25704	Memory Leak vulnerability in multiple products A flaw memory leak in the Linux kernel performance monitoring subsystem was found in the way if using PERF_EVENT_IOC_SET_FILTER. local low complexity linux debian starwindsoftware CWE-401	5.5
2020-12-02	CVE-2020-25656	Use After Free vulnerability in multiple products A flaw was found in the Linux kernel. local high complexity linux redhat debian starwindsoftware CWE-416	4.1
2020-10-06	CVE-2020-25643	Improper Input Validation vulnerability in multiple products A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. network low complexity linux redhat opensuse debian netapp starwindsoftware CWE-20	7.2
2020-09-17	CVE-2020-0427	Use After Free vulnerability in multiple products In create_pinctrl of core.c, there is a possible out of bounds read due to a use after free. local low complexity google debian opensuse starwindsoftware CWE-416	5.5
2020-09-15	CVE-2020-14314	Out-of-bounds Read vulnerability in multiple products A memory out-of-bounds read flaw was found in the Linux kernel before 5.9-rc2 with the ext3/ext4 file system, in the way it accesses a directory with broken indexing. local low complexity linux debian canonical starwindsoftware CWE-125	5.5
2020-08-19	CVE-2020-24394	Incorrect Permission Assignment for Critical Resource vulnerability in multiple products In the Linux kernel before 5.7.8, fs/nfsd/vfs.c (in the NFS server) can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support, aka CID-22cf8419f131. local low complexity linux canonical opensuse oracle starwindsoftware CWE-732	7.1

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.