456 matches found
CVE-2026-28538
CVE-2026-28538 describes a path traversal vulnerability in the certificate management module. Impact is stated as potentially affecting availability with a CVSS 3.1 score of 5.9 (LOCAL, no privileges, no user interaction) per the provided metrics. The initial entry does not specify affected produ...
CVE-2026-28538
Path traversal vulnerability in the certificate management module. Impact: Successful exploitation of this vulnerability may affect availability...
PT-2026-23420
Data processing vulnerability in the certificate management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
Huawei HarmonyOS 安全漏洞
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A data handling vulnerability exists in the Huawei HarmonyOS certificate management module, which can be exploited by an attacker to compromise confidentiali...
Huawei HarmonyOS 路径遍历漏洞
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A path traversal vulnerability exists in the Huawei HarmonyOS certificate management module, which can be exploited by an attacker to cause availability to b...
PT-2026-23419
Path traversal vulnerability in the certificate management module. Impact: Successful exploitation of this vulnerability may affect availability...
Comparison of Credential Management Systems Based on the Standards of IEEE, ETSI, and YD/T 3957-2021
As V2X Vehicle-to-Everything technology becomes increasingly prevalent, the security of V2X networks has garnered growing attention worldwide. In North America, the IEEE 1609 series standards are primarily used, while Europe adopts the ETSI series standards, and China has also established its...
CVE-2026-25963
Fleet is open source device management software. In versions prior to 4.80.1, a broken authorization check in Fleet’s certificate template deletion API could allow a team administrator to delete certificate templates belonging to other teams within the same Fleet instance. Fleet supports...
CVE-2026-20098
A vulnerability in the Certificate Management feature of Cisco Meeting Management could allow an authenticated, remote attacker to upload arbitrary files, execute arbitrary commands, and elevate privileges to root on an affected system. This vulnerability is due to improper input validation in...
AZL-76824 CVE-2025-47911 affecting package cert-manager for versions less than 1.11.2-27
The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial of service DoS if an attacker provides specially crafted HTML content...
CVE-2025-68721
Axigen Mail Server before 10.5.57 contains an improper access control vulnerability in the WebAdmin interface. A delegated admin account with zero permissions can bypass access control checks and gain unauthorized access to the SSL Certificates management endpoint page=sslcerts. This allows the...
CVE-2025-68721
Axigen Mail Server (before 10.5.57) suffers an improper access control vulnerability in the WebAdmin interface. A delegated admin account with zero permissions can bypass access checks and reach the SSL Certificates management endpoint (page=sslcerts), enabling viewing, downloading, uploading, an...
CVE-2025-68721
Axigen Mail Server before 10.5.57 contains an improper access control vulnerability in the WebAdmin interface. A delegated admin account with zero permissions can bypass access control checks and gain unauthorized access to the SSL Certificates management endpoint page=sslcerts. This allows the...
CVE-2026-25518
cert-manager adds certificates and certificate issuers as resource types in Kubernetes clusters, and simplifies the process of obtaining, renewing and using those certificates. In versions from 1.18.0 to before 1.18.5 and from 1.19.0 to before 1.19.3, the cert-manager-controller performs DNS...
CVE-2026-20098
A vulnerability in the Certificate Management feature of Cisco Meeting Management could allow an authenticated, remote attacker to upload arbitrary files, execute arbitrary commands, and elevate privileges to root on an affected system. This vulnerability is due to improper input validation in...
CVE-2026-20098 Cisco Meeting Management Arbitrary File Upload Vulnerability
A vulnerability in the Certificate Management feature of Cisco Meeting Management could allow an authenticated, remote attacker to upload arbitrary files, execute arbitrary commands, and elevate privileges to root on an affected system. This vulnerability is due to improper input validation in...
CVE-2026-20098
A vulnerability in the Certificate Management feature of Cisco Meeting Management could allow an authenticated, remote attacker to upload arbitrary files, execute arbitrary commands, and elevate privileges to root on an affected system. This vulnerability is due to improper input validation in...
CVE-2026-20098
Cisco Meeting Management is affected in the Certificate Management feature. The CVE-2026-20098 issue arises from improper input validation in the web-based management interface, allowing an authenticated remote attacker (with at least the video operator role) to upload arbitrary files, execute co...
Cisco Meeting Management Arbitrary File Upload Vulnerability
A vulnerability in the Certificate Management feature of Cisco Meeting Management could allow an authenticated, remote attacker to upload arbitrary files, execute arbitrary commands, and elevate privileges to root on an affected system. This vulnerability is due to improper input validation in...
PT-2026-6080
Name of the Vulnerable Software and Affected Versions Cisco Meeting Management affected versions not specified Description A flaw exists in the Certificate Management feature that could allow a remote attacker with valid credentials video operator role or higher to upload arbitrary files, execute...