Vulnerabilities > Starwindsoftware > Starwind Virtual SAN > v8r13
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-12-08 | CVE-2021-43527 | Out-of-bounds Write vulnerability in multiple products NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. | 9.8 |
2021-11-01 | CVE-2021-42574 | Code Injection vulnerability in multiple products An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. | 8.3 |
2021-10-20 | CVE-2021-42739 | Out-of-bounds Write vulnerability in multiple products The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking. | 6.7 |
2021-09-26 | CVE-2021-41617 | sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. | 7.0 |
2021-08-23 | CVE-2021-37750 | NULL Pointer Dereference vulnerability in multiple products The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in kdc/do_tgs_req.c via a FAST inner body that lacks a server field. | 6.5 |