starwindsoftware san vulnerabilities and exploits

(subscribe to this query)

A flaw was found in the REST API in StarWind Stack. REST command, which manipulates a virtual disk, doesn’t check input parameters. Some of them go directly to bash as part of a script. An attacker with non-root user access can inject arbitrary data into the command that wi...

Starwindsoftware Nas Starwindsoftware San

StarWind SAN and NAS v0.2 build 1914 allow remote code execution. A flaw was found in REST API in StarWind Stack. REST command, which allows changing the hostname, doesn’t check a new hostname parameter. It goes directly to bash as part of a script. An attacker with non-roo...

Starwindsoftware Starwind San \\& Nas 0.2

A flaw was found in StarWind Stack. The endpoint for setting a new password doesn’t check the current username and old password. An attacker could reset any local user password (including system/administrator user) using any available user This affects StarWind SAN and NAS ...

Starwindsoftware Nas Starwindsoftware San

A flaw was found in StarWind iSCSI target. StarWind service does not limit client connections and allocates memory on each connection attempt. An attacker could create a denial of service state by trying to connect a non-existent target multiple times. This affects iSCSI SAN (Win...

Starwindsoftware Iscsi San

NSS (Network Security Services) versions before 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS \#7, or PKCS \#12 are likely to be impacted. A...

Mozilla Nss Esr Mozilla Nss Netapp Cloud Backup -Netapp E-series Santricity Os Controller Oracle Communications Cloud Native Core Network Slice Selection Function 1.8.0 Oracle Communications Cloud Native Core Network Repository Function 1.15.0 Oracle Communications Cloud Native Core Network Repository Function 1.15.1 Oracle Communications Cloud Native Core Binding Support Function 1.11.0 Oracle Communications Policy Management 12.6.0.0.0 Starwindsoftware Starwind Virtual San V8r13 Starwindsoftware Starwind San \\& Nas V8r13

A flaw was found in the HDLC_PPP module of the Linux kernel in versions prior to 5.9-rc7. Memory corruption and a read overflow is caused by improper input validation in the ppp_cp_parse_cr function which can cause the system to crash or cause a denial of service. The highest thr...

Linux Linux Kernel 5.9.0 Linux Linux Kernel Redhat Enterprise Linux 7.0 Redhat Enterprise Linux 8.0 Opensuse Leap 15.1 Debian Debian Linux 9.0 Debian Debian Linux 10.0 Opensuse Leap 15.2 Netapp H410c Firmware -Starwindsoftware Starwind Virtual San V8

A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle ...

Polkit Project Polkit Redhat Enterprise Linux Desktop 7.0 Redhat Enterprise Linux Workstation 7.0 Redhat Enterprise Linux For Scientific Computing 7.0 Redhat Enterprise Linux Server 7.0 Redhat Enterprise Linux For Power Little Endian 7.0 Redhat Enterprise Linux Server 6.0 Redhat Enterprise Linux For Power Big Endian 7.0 Redhat Enterprise Linux For Ibm Z Systems 7.0 Redhat Enterprise Linux Server Aus 7.3 Redhat Enterprise Linux Server Aus 7.4 Redhat Enterprise Linux Server Tus 7.6 Redhat Enterprise Linux Server Aus 7.6 Redhat Enterprise Linux 8.0 Redhat Enterprise Linux Server Aus 7.7 Redhat Enterprise Linux Server Tus 7.7 Redhat Enterprise Linux Eus 8.2 Redhat Enterprise Linux Server Tus 8.2 Redhat Enterprise Linux Server Aus 8.2 Redhat Enterprise Linux Server Tus 8.4 Redhat Enterprise Linux Server Aus 8.4 Redhat Enterprise Linux Server Update Services For Sap Solutions 8.2

280 Github repositories1 Article

An issue exists in the Linux kernel prior to 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c.

Linux Linux Kernel Netapp H300s Firmware -Netapp H500s Firmware -Netapp H700s Firmware -Netapp H300e Firmware -Netapp H500e Firmware -Netapp H700e Firmware -Netapp H410s Firmware -Netapp H410c Firmware -Starwindsoftware Starwind San \\& Nas V8r12 Starwindsoftware Starwind Virtual San V8

SDL (Simple DirectMedia Layer) up to and including 2.0.12 has an Integer Overflow (and resultant SDL_memcpy heap corruption) in SDL_BlitCopy in video/SDL_blit_copy.c via a crafted .BMP file.

Libsdl Simple Directmedia Layer Fedoraproject Fedora 33 Debian Debian Linux 9.0 Starwindsoftware Starwind Virtual San V8

An exploitable code execution vulnerability exists in the XCF image rendering functionality of Simple DirectMedia Layer SDL2_image-2.0.2. A specially crafted XCF image can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can display a specially c...

Libsdl Sdl Image 2.0.2 Debian Debian Linux 8.0 Debian Debian Linux 9.0 Starwindsoftware Starwind Virtual San V8

1 2 3 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook