Known Vulnerabilities for products from Starwindsoftware
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Starwindsoftware".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-24552 | StarWind SAN and NAS before 0.2 build 1685 allows remote code execution via a virtual disk management command. | 9.8 - CRITICAL | 2022-02-06 | 2023-08-08 |
| CVE-2022-24551 | StarWind SAN and NAS before 0.2 build 1685 allows users to reset other users' passwords. | 8.8 - HIGH | 2022-02-06 | 2022-09-01 |
| CVE-2022-23858 | In StarWind Command Center before V2 build 6021, an authenticated read-only user can elevate privileges to administrator thro... | 8.8 - HIGH | 2022-01-24 | 2022-12-09 |
| CVE-2021-43527 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 9.8 - CRITICAL | 2021-12-08 | 2023-02-23 |
| CVE-2021-42739 | The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-av... | 6.7 - MEDIUM | 2021-10-20 | 2023-11-07 |
| CVE-2021-42574 | An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reord... | 8.3 - HIGH | 2021-11-01 | 2023-11-07 |
| CVE-2021-41617 | sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation bec... | 7 - HIGH | 2021-09-26 | 2023-12-26 |
| CVE-2021-37750 | The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dere... | 6.5 - MEDIUM | 2021-08-23 | 2023-11-07 |
| CVE-2021-20271 | A flaw was found in RPM's signature check functionality when reading a package file. This flaw allows an attacker who can con... | 7 - HIGH | 2021-03-26 | 2023-02-12 |
| CVE-2021-4034 | A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool desi... | 7.8 - HIGH | 2022-01-28 | 2023-11-07 |
| CVE-2020-36385 | An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx ... | 7.8 - HIGH | 2021-06-07 | 2022-10-25 |
| CVE-2020-36322 | An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf. fuse_d... | 5.5 - MEDIUM | 2021-04-14 | 2022-10-14 |
| CVE-2020-25704 | A flaw memory leak in the Linux kernel performance monitoring subsystem was found in the way if using PERF_EVENT_IOC_SET_FILT... | 5.5 - MEDIUM | 2020-12-02 | 2022-10-25 |
| CVE-2020-25656 | A flaw was found in the Linux kernel. A use-after-free was found in the way the console subsystem was using ioctls KDGKBSENT ... | 4.1 - MEDIUM | 2020-12-02 | 2022-10-25 |
| CVE-2020-25643 | A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow... | 7.2 - HIGH | 2020-10-06 | 2023-05-16 |
| CVE-2020-24394 | In the Linux kernel before 5.7.8, fs/nfsd/vfs.c (in the NFS server) can set incorrect permissions on new filesystem objects w... | 7.1 - HIGH | 2020-08-19 | 2022-10-25 |
| CVE-2020-14409 | SDL (Simple DirectMedia Layer) through 2.0.12 has an Integer Overflow (and resultant SDL_memcpy heap corruption) in SDL_BlitC... | 7.8 - HIGH | 2021-01-19 | 2023-11-07 |
| CVE-2020-14314 | A memory out-of-bounds read flaw was found in the Linux kernel before 5.9-rc2 with the ext3/ext4 file system, in the way it a... | 5.5 - MEDIUM | 2020-09-15 | 2023-11-07 |
| CVE-2020-0427 | In create_pinctrl of core.c, there is a possible out of bounds read due to a use after free. This could lead to local informa... | 5.5 - MEDIUM | 2020-09-17 | 2022-10-25 |
| CVE-2019-20807 | In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfa... | 5.3 - MEDIUM | 2020-05-28 | 2022-09-01 |