Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
trident vulnerabilities and exploits
(subscribe to this query)
7.1
CVSSv3
CVE-2021-25742
A security issue exists in ingress-nginx where a user that can create or update ingress objects can use the custom snippets feature to obtain all secrets in the cluster.
Kubernetes Ingress-nginx
Kubernetes Ingress-nginx 1.0.0
Netapp Trident -
2 Github repositories
5
CVSSv3
CVE-2019-11244
In Kubernetes v1.8.x-v1.14.x, schema info is cached by kubectl in the location specified by --cache-dir (defaulting to $HOME/.kube/http-cache), written with world-writeable permissions (rw-rw-rw-). If --cache-dir is specified and pointed at a different location accessible to othe...
Kubernetes Kubernetes
Netapp Trident -
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 4.1
7.5
CVSSv3
CVE-2020-28362
Go prior to 1.14.12 and 1.15.x prior to 1.15.4 allows Denial of Service.
Golang Go
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Netapp Trident -
Netapp Cloud Insights Telegraf Agent -
7.5
CVSSv3
CVE-2020-28366
Code injection in the go command with cgo before Go 1.14.12 and Go 1.15.5 allows arbitrary code execution at build time via a malicious unquoted symbol name in a linked object file.
Golang Go
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Netapp Trident -
Netapp Cloud Insights Telegraf Agent -
6.5
CVSSv3
CVE-2021-34558
The crypto/tls package of Go up to and including 1.16.5 does not properly assert that the type of public key in an X.509 certificate matches the expected type when doing a RSA based key exchange, allowing a malicious TLS server to cause a TLS client to panic.
Golang Go
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Netapp Storagegrid -
Netapp Trident -
Netapp Cloud Insights Telegraf -
Oracle Timesten In-memory Database
1 Github repository
NA
CVE-2014-2176
Cisco IOS XR 4.1.2 up to and including 5.1.1 on ASR 9000 devices, when a Trident-based line card is used, allows remote malicious users to cause a denial of service (NP chip and line card reload) via malformed IPv6 packets, aka Bug ID CSCun71928.
Cisco Ios Xr 5.1.1
Cisco Ios Xr 5.1.0
Cisco Ios Xr 4.1.2
Cisco Ios Xr 4.2.0
Cisco Ios Xr 4.3.1
Cisco Asr 9001 -
Cisco Asr 9904 -
Cisco Asr 9006 -
Cisco Asr 9010 -
Cisco Asr 9912 -
Cisco Asr 9922 -
8.6
CVSSv3
CVE-2018-0136
A vulnerability in the IPv6 subsystem of Cisco IOS XR Software Release 5.3.4 for the Cisco Aggregation Services Router (ASR) 9000 Series could allow an unauthenticated, remote malicious user to trigger a reload of one or more Trident-based line cards, resulting in a denial of ser...
Cisco Ios Xr 5.3.4
7.5
CVSSv3
CVE-2019-9514
Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer...
Apple Swiftnio
Apache Traffic Server
Debian Debian Linux 10.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Debian Debian Linux 9.0
Synology Skynas -
Synology Diskstation Manager 6.2
Synology Vs960hd Firmware -
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.0
Opensuse Leap 15.1
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Software Collections 1.0
Redhat Openshift Container Platform 3.9
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 3.10
Redhat Jboss Core Services 1.0
Redhat Enterprise Linux 8.0
1 Article
5.4
CVSSv3
CVE-2023-28622
Auth. (author+) Stored Cross-Site Scripting (XSS) vulnerability in Trident Technolabs Easy Slider Revolution plugin <= 1.0.0 versions.
Tridenttechnolabs Easy Slider Revolution
NA
CVE-2014-3308
Cisco IOS XR on Trident line cards in ASR 9000 devices lacks a static punt policer, which allows remote malicious users to cause a denial of service (CPU consumption) by sending many crafted packets, aka Bug ID CSCun83985.
Cisco Ios Xr
Cisco Asr 9000 Rsp440 Router -
Cisco Asr 9001 -
Cisco Asr 9006 -
Cisco Asr 9010 -
Cisco Asr 9904 -
Cisco Asr 9912 -
Cisco Asr 9922 -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32886
insecure direct object reference
CVE-2024-34342
file inclusion
CVE-2024-34562
CVE-2024-34347
CVE-2024-26026
CVE-2024-4647
unprivileged
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »