Filtered by vendor Starwindsoftware Subscriptions
Filtered by product Starwind San \& Nas Subscriptions
Total 5 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2020-36385 4 Linux, Netapp, Redhat and 1 more 26 Linux Kernel, H300e, H300e Firmware and 23 more 2024-08-04 7.8 High
An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c.
CVE-2020-25704 4 Debian, Linux, Redhat and 1 more 9 Debian Linux, Linux Kernel, Enterprise Linux and 6 more 2024-08-04 5.5 Medium
A flaw memory leak in the Linux kernel performance monitoring subsystem was found in the way if using PERF_EVENT_IOC_SET_FILTER. A local user could use this flaw to starve the resources causing denial of service.
CVE-2021-43527 5 Mozilla, Netapp, Oracle and 2 more 17 Nss, Nss Esr, Cloud Backup and 14 more 2024-08-04 9.8 Critical
NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS \#7, or PKCS \#12 are likely to be impacted. Applications using NSS for certificate validation or other TLS, X.509, OCSP or CRL functionality may be impacted, depending on how they configure NSS. *Note: This vulnerability does NOT impact Mozilla Firefox.* However, email clients and PDF viewers that use NSS for signature verification, such as Thunderbird, LibreOffice, Evolution and Evince are believed to be impacted. This vulnerability affects NSS < 3.73 and NSS < 3.68.1.
CVE-2021-42739 6 Debian, Fedoraproject, Linux and 3 more 10 Debian Linux, Fedora, Linux Kernel and 7 more 2024-08-04 6.7 Medium
The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking.
CVE-2022-32268 1 Starwindsoftware 1 Starwind San \& Nas 2024-08-03 8.8 High
StarWind SAN and NAS v0.2 build 1914 allow remote code execution. A flaw was found in REST API in StarWind Stack. REST command, which allows changing the hostname, doesn’t check a new hostname parameter. It goes directly to bash as part of a script. An attacker with non-root user access can inject arbitrary data into the command that will be executed with root privileges.