Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
trident vulnerabilities and exploits
(subscribe to this query)
6
CVSSv2
CVE-2018-1000133
Pitchfork version 1.4.6 RC1 contains an Improper Privilege Management vulnerability in Trident Pitchfork components that can result in A standard unprivileged user could gain system administrator permissions within the web portal.. This attack appear to be exploitable via The use...
Secluded Trident 1.4.6
5.1
CVSSv2
CVE-2006-4359
Stack-based buffer overflow in Trident Software PowerZip 7.06 Build 3895 on Windows 2000 allows remote malicious users to execute arbitrary code via a ZIP archive containing a long filename.
Trident Software Powerzip 7.06 Build 3895
1 EDB exploit
6.8
CVSSv2
CVE-2020-29509
The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an malicious user to craft inputs that behave in conflicting ways during different stages of processing in affecte...
Golang Go
Netapp Trident -
6.8
CVSSv2
CVE-2020-29510
The encoding/xml package in Go versions 1.15 and previous versions does not correctly preserve the semantics of directives during tokenization round-trips, which allows an malicious user to craft inputs that behave in conflicting ways during different stages of processing in affe...
Golang Go
Netapp Trident -
6.8
CVSSv2
CVE-2020-29511
The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an malicious user to craft inputs that behave in conflicting ways during different stages of processing in affected ...
Golang Go
Netapp Trident -
7.2
CVSSv2
CVE-2020-12446
The ene.sys driver in G.SKILL Trident Z Lighting Control up to and including 1.00.08 exposes mapping and un-mapping of physical memory, reading and writing to Model Specific Register (MSR) registers, and input from and output to I/O ports to local non-privileged users. This leads...
Gskill Trident Z Lighting Control
2 Github repositories
NA
CVE-2023-39325
A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the malici...
Golang Http2
Golang Go
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Netapp Astra Trident -
Netapp Astra Trident Autosupport -
2 Github repositories
5
CVSSv2
CVE-2022-28948
An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input.
Yaml Project Yaml 3.0.0
Netapp Astra Trident -
2 Github repositories
4.3
CVSSv2
CVE-2019-11243
In Kubernetes v1.12.0-v1.12.4 and v1.13.0, the rest.AnonymousClientConfig() method returns a copy of the provided config, with credentials removed (bearer token, username/password, and client certificate/key data). In the affected versions, rest.AnonymousClientConfig() did not ef...
Kubernetes Kubernetes 1.13.0
Kubernetes Kubernetes
Netapp Trident -
5.5
CVSSv2
CVE-2021-25742
A security issue exists in ingress-nginx where a user that can create or update ingress objects can use the custom snippets feature to obtain all secrets in the cluster.
Kubernetes Ingress-nginx
Kubernetes Ingress-nginx 1.0.0
Netapp Trident -
2 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32744
privilege escalation
CVE-2024-30253
CVE-2024-3914
cross-site scripting
CVE-2024-31497
CVE-2024-3400
CVE-2024-32341
hardcoded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »