Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build12658:*:*:*:vsphere:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2020-14409 |
SDL (Simple DirectMedia Layer) through 2.0.12 has an Integer Overflow (and resultant SDL_memcpy heap corruption) in SDL_BlitCopy in video/SDL_blit_copy.c via a crafted .BMP file. Published: January 19, 2021; 3:15:12 PM -0500 |
V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2020-25656 |
A flaw was found in the Linux kernel. A use-after-free was found in the way the console subsystem was using ioctls KDGKBSENT and KDSKBSENT. A local user could use this flaw to get read memory access out of bounds. The highest threat from this vulnerability is to data confidentiality. Published: December 01, 2020; 8:15:12 PM -0500 |
V3.1: 4.1 MEDIUM V2.0: 1.9 LOW |
CVE-2020-25643 |
A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is caused by improper input validation in the ppp_cp_parse_cr function which can cause the system to crash or cause a denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Published: October 06, 2020; 10:15:12 AM -0400 |
V3.1: 7.2 HIGH V2.0: 7.5 HIGH |
CVE-2020-0427 |
In create_pinctrl of core.c, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-140550171 Published: September 17, 2020; 3:15:12 PM -0400 |
V3.1: 5.5 MEDIUM V2.0: 2.1 LOW |
CVE-2020-14314 |
A memory out-of-bounds read flaw was found in the Linux kernel before 5.9-rc2 with the ext3/ext4 file system, in the way it accesses a directory with broken indexing. This flaw allows a local user to crash the system if the directory exists. The highest threat from this vulnerability is to system availability. Published: September 15, 2020; 4:15:13 PM -0400 |
V3.1: 5.5 MEDIUM V2.0: 2.1 LOW |
CVE-2020-24394 |
In the Linux kernel before 5.7.8, fs/nfsd/vfs.c (in the NFS server) can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support, aka CID-22cf8419f131. This occurs because the current umask is not considered. Published: August 19, 2020; 9:15:10 AM -0400 |
V3.1: 7.1 HIGH V2.0: 3.6 LOW |
CVE-2018-16758 |
Missing message authentication in the meta-protocol in Tinc VPN version 1.0.34 and earlier allows a man-in-the-middle attack to disable the encryption of VPN packets. Published: October 10, 2018; 5:29:02 PM -0400 |
V3.1: 5.9 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2018-16738 |
tinc 1.0.30 through 1.0.34 has a broken authentication protocol, although there is a partial mitigation. This is fixed in 1.1. Published: October 10, 2018; 5:29:01 PM -0400 |
V3.1: 3.7 LOW V2.0: 4.3 MEDIUM |
CVE-2018-16737 |
tinc before 1.0.30 has a broken authentication protocol, without even a partial mitigation. Published: October 10, 2018; 5:29:01 PM -0400 |
V3.1: 5.3 MEDIUM V2.0: 5.0 MEDIUM |
CVE-2018-3839 |
An exploitable code execution vulnerability exists in the XCF image rendering functionality of Simple DirectMedia Layer SDL2_image-2.0.2. A specially crafted XCF image can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. Published: April 10, 2018; 5:29:00 PM -0400 |
V3.1: 8.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2018-3837 |
An exploitable information disclosure vulnerability exists in the PCX image rendering functionality of Simple DirectMedia Layer SDL2_image-2.0.2. A specially crafted PCX image can cause an out-of-bounds read on the heap, resulting in information disclosure . An attacker can display a specially crafted image to trigger this vulnerability. Published: April 10, 2018; 5:29:00 PM -0400 |
V3.1: 5.5 MEDIUM V2.0: 4.3 MEDIUM |