Lucene search
K

8 matches found

OSV
OSV
added 2026/04/02 6:42 p.m.11 views

GO-2026-4901 nginx-UI has Unencrypted Storage of DNS API Tokens and ACME Private Keys in github.com/0xJacky/nginx-ui

nginx-UI has Unencrypted Storage of DNS API Tokens and ACME Private Keys in github.com/0xJacky/nginx-ui...

9.9CVSS5.9AI score0.0028EPSS
Exploits1References3
OSV
OSV
added 2026/01/23 2:28 a.m.6 views

GO-2026-4322 Traefik's ACME TLS-ALPN fast path lacks timeouts and close on handshake stall in github.com/traefik/traefik

Traefik's ACME TLS-ALPN fast path lacks timeouts and close on handshake stall in github.com/traefik/traefik...

7.5CVSS5.4AI score0.00321EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/01/17 12:25 a.m.4 views

SUSE CVE-2026-22045

Traefik is an HTTP reverse proxy and load balancer. Prior to 2.11.35 and 3.6.7, there is a potential vulnerability in Traefik ACME TLS certificates' automatic generation: the ACME TLS-ALPN fast path can allow unauthenticated clients to tie up go routines and file descriptors indefinitely when the...

7.5CVSS6.8AI score0.00321EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/01/15 10:44 p.m.4 views

CVE-2026-22045

Traefik is an HTTP reverse proxy and load balancer. Prior to 2.11.35 and 3.6.7, there is a potential vulnerability in Traefik ACME TLS certificates' automatic generation: the ACME TLS-ALPN fast path can allow unauthenticated clients to tie up go routines and file descriptors indefinitely when the...

7.5CVSS5.6AI score0.00321EPSS
Exploits0References5Affected Software1
RedHat Linux
RedHat Linux
added 2026/01/06 1:44 a.m.3 views

mod_md: Apache HTTP Server: mod_md (ACME), unintended retry intervals

An integer overflow flaw has been discovered in the Apache HTTP server. The integer overflow in the case of failed ACME certificate renewal leads, after a number of failures 30 days in default configurations, to the backoff timer becoming 0. Attempts to renew the certificate then are repeated...

7.5CVSS5.8AI score0.00417EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/22 7:18 p.m.7 views

EUVD-2025-35626

OpenBao is an open source identity-based secrets management system. In versions 2.2.0 to 2.4.1, OpenBao's audit log experienced a regression wherein raw HTTP bodies used by few endpoints were not correctly redacted HMAC'd. This impacts those using the ACME functionality of PKI, resulting in...

5.7CVSS6.2AI score0.00286EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2022/07/29 10:5 a.m.22 views

How to Combat the Biggest Security Risks Posed by Machine Identities

The rise of DevOps culture in enterprises has accelerated product delivery timelines. Automation undoubtedly has its advantages. However, containerization and the rise of cloud software development are exposing organizations to a sprawling new attack surface. Machine identities vastly outnumber...

0.1AI score
Exploits0
ThreatPost
ThreatPost
added 2016/04/11 9:19 a.m.17 views

WordPress Free Encryption Through Let's Encrypt Project

All custom domains hosted on WordPress.com will soon have their sites automatically encrypted for free. WordPress said late Friday afternoon that more than one million sites will have encryption automatically deployed. “We are closing the door to unencrypted web traffic at every opportunity,” wro...

7.3AI score
Exploits0References6
Rows per page
Query Builder