GO-2026-4901 nginx-UI has Unencrypted Storage of DNS API Tokens and ACME Private Keys in github.com/0xJacky/nginx-ui

nginx-UI has Unencrypted Storage of DNS API Tokens and ACME Private Keys in github.com/0xJacky/nginx-ui...

SUSE CVE-2026-22045

Traefik is an HTTP reverse proxy and load balancer. Prior to 2.11.35 and 3.6.7, there is a potential vulnerability in Traefik ACME TLS certificates' automatic generation: the ACME TLS-ALPN fast path can allow unauthenticated clients to tie up go routines and file descriptors indefinitely when the...

CVE-2025-44005

A flaw was found in the Automated Certificate Management Environment ACME and Simple Certificate Enrollment Protocol SCEP provisioner features of Step CA github.com/smallstep/certificates. This vulnerability allows an authorization bypass vulnerability in Step CA’s ACME and SCEP provisioners wher...

Vulnerabilities fixed in Cisco Identity Services Engine

Cisco fixed vulnerabilities in Identity Services Engine ISE The vulnerabilities are located in the management interface and allow a malicious person to perform a Cross-Site Scripting attack. Such an attack could lead to execution of arbitrary code in the victim's browser, or access to sensitive...

[SECURITY] Fedora 40 Update: dogtag-pki-11.5.0-3.fc40

Dogtag PKI is an enterprise software system designed to manage enterprise Public Key Infrastructure deployments. Dogtag PKI consists of the following components: Certificate Authority CA Key Recovery Authority KRA Online Certificate Status Protocol OCSP Manager Token Key Service TKS Token...

Vulnerabilities fixed in Cisco Nexus Dashboard

Cisco has fixed vulnerabilities in the Nexus Dashboard. A malicious person with access to the management environment can exploit the exploit the vulnerabilities to cause a denial-of-service, or to launch a cross-site scripting attack. execute. Such an attack could result in execution of code in t...

[SECURITY] Fedora 33 Update: dogtag-pki-10.10.6-1.fc33

Dogtag PKI is an enterprise software system designed to manage enterprise Public Key Infrastructure deployments. PKI consists of the following components: Automatic Certificate Management Environment ACME Responder Certificate Authority CA Key Recovery Authority KRA Online Certificate Status...

Vulnerabilities fixed in Cisco Data Center Network Manager

Cisco has fixed several vulnerabilities in the Data Center Network Manager. The vulnerabilities allow a local authenticated malicious party to conduct attacks that can lead to the following types of damage: Cross-Site Scripting XSS. Manipulation of data Access to system data Increased user...

Let's Encrypt Issued A Billion Free SSL Certificates in the Last 4 Years

Let's Encrypt, a free, automated, and open certificate signing authority CA from the nonprofit Internet Security Research Group ISRG, has said it's issued a billion certificates since its launch in 2015. The CA issued its first certificate in September 2015, before eventually reaching 100 million...

netOffice Dwins <= 1.4p3 SQL Injection Vulnerability

No description provided by source. :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP YmmMMMM MMM YM Discovered by dun \ posdubatgmail.com 2012-11-08 netOffice Dwins = 1.4p3 SQL Injection Vulnerability Script: netOffice Dwins is a free w...