Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
starwindsoftware san vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2022-32268
StarWind SAN and NAS v0.2 build 1914 allow remote code execution. A flaw was found in REST API in StarWind Stack. REST command, which allows changing the hostname, doesn’t check a new hostname parameter. It goes directly to bash as part of a script. An attacker with non-roo...
Starwindsoftware Starwind San \\& Nas 0.2
9.8
CVSSv3
CVE-2013-20004
A flaw was found in StarWind iSCSI target. StarWind service does not limit client connections and allocates memory on each connection attempt. An attacker could create a denial of service state by trying to connect a non-existent target multiple times. This affects iSCSI SAN (Win...
Starwindsoftware Iscsi San
9.8
CVSSv3
CVE-2022-24552
A flaw was found in the REST API in StarWind Stack. REST command, which manipulates a virtual disk, doesn’t check input parameters. Some of them go directly to bash as part of a script. An attacker with non-root user access can inject arbitrary data into the command that wi...
Starwindsoftware Nas
Starwindsoftware San
8.8
CVSSv3
CVE-2022-24551
A flaw was found in StarWind Stack. The endpoint for setting a new password doesn’t check the current username and old password. An attacker could reset any local user password (including system/administrator user) using any available user This affects StarWind SAN and NAS ...
Starwindsoftware Nas
Starwindsoftware San
7.5
CVSSv3
CVE-2007-20001
A flaw was found in StarWind iSCSI target. An attacker could script standard iSCSI Initiator operation(s) to exhaust the StarWind service socket, which could lead to denial of service. This affects iSCSI SAN (Windows Native) Version 3.2.2 build 2007-02-20.
Starwindsoftware Iscsi San
7.8
CVSSv3
CVE-2021-4034
A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle ...
Polkit Project Polkit
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux For Scientific Computing 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux For Power Little Endian 7.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux For Power Big Endian 7.0
Redhat Enterprise Linux For Ibm Z Systems 7.0
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Server Aus 7.7
Redhat Enterprise Linux Server Tus 7.7
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Update Services For Sap Solutions 8.2
280 Github repositories
1 Article
9.8
CVSSv3
CVE-2021-43527
NSS (Network Security Services) versions before 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS \#7, or PKCS \#12 are likely to be impacted. A...
Mozilla Nss Esr
Mozilla Nss
Netapp Cloud Backup -
Netapp E-series Santricity Os Controller
Oracle Communications Cloud Native Core Network Slice Selection Function 1.8.0
Oracle Communications Cloud Native Core Network Repository Function 1.15.0
Oracle Communications Cloud Native Core Network Repository Function 1.15.1
Oracle Communications Cloud Native Core Binding Support Function 1.11.0
Oracle Communications Policy Management 12.6.0.0.0
Starwindsoftware Starwind Virtual San V8r13
Starwindsoftware Starwind San \\& Nas V8r13
8.3
CVSSv3
CVE-2021-42574
An issue exists in the Bidirectional Algorithm in the Unicode Specification up to and including 14.0. It permits the visual reordering of characters via control sequences, which can be used to craft source code that renders different logic than the logical ordering of tokens inge...
Unicode Unicode
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Starwindsoftware Starwind Virtual San V8r13
13 Github repositories
1 Article
6.7
CVSSv3
CVE-2021-42739
The firewire subsystem in the Linux kernel up to and including 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking.
Linux Linux Kernel
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Starwindsoftware Starwind San \\& Nas V8r12
Starwindsoftware Starwind Virtual San V8r13
Oracle Communications Cloud Native Core Binding Support Function 22.1.3
Oracle Communications Cloud Native Core Policy 22.2.0
Oracle Communications Cloud Native Core Network Exposure Function 22.1.1
1 Github repository
7
CVSSv3
CVE-2021-41617
sshd in OpenSSH 6.2 up to and including 8.x prior to 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run w...
Openbsd Openssh
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Netapp Ontap Select Deploy Administration Utility -
Netapp Clustered Data Ontap -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Aff A250 Firmware -
Netapp Aff 500f Firmware -
Oracle Http Server 12.2.1.2.0
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
Starwindsoftware Starwind Virtual San V8r13
3 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »