Total
417 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-14402 | 1 Cpanel | 1 Cpanel | 2020-08-24 | 2.1 LOW | 3.3 LOW |
| cPanel before 78.0.18 unsafely determines terminal capabilities by using infocmp (SEC-481). | |||||
| CVE-2018-20904 | 1 Cpanel | 1 Cpanel | 2020-08-24 | 4.0 MEDIUM | 4.3 MEDIUM |
| cPanel before 71.9980.37 allows attackers to make API calls that bypass the cron feature restriction (SEC-427). | |||||
| CVE-2018-20936 | 1 Cpanel | 1 Cpanel | 2020-08-24 | 2.1 LOW | 3.3 LOW |
| cPanel before 68.0.27 allows attackers to read the SRS secret via exim.conf (SEC-308). | |||||
| CVE-2018-20906 | 1 Cpanel | 1 Cpanel | 2020-08-24 | 4.0 MEDIUM | 4.3 MEDIUM |
| cPanel before 71.9980.37 allows attackers to make API calls that bypass the images feature restriction (SEC-430). | |||||
| CVE-2019-14396 | 1 Cpanel | 1 Cpanel | 2020-08-24 | 2.1 LOW | 3.3 LOW |
| API Analytics adminbin in cPanel before 80.0.5 allows spoofed insertions of log data (SEC-495). | |||||
| CVE-2018-20886 | 1 Cpanel | 1 Cpanel | 2020-08-24 | 4.6 MEDIUM | 5.3 MEDIUM |
| cPanel before 74.0.0 insecurely stores phpMyAdmin session files (SEC-418). | |||||
| CVE-2019-14413 | 1 Cpanel | 1 Cpanel | 2020-08-24 | 4.0 MEDIUM | 4.3 MEDIUM |
| cPanel before 78.0.2 allows certain file-write operations as shared users during connection resets (SEC-476). | |||||
| CVE-2019-14392 | 1 Cpanel | 1 Cpanel | 2020-08-24 | 6.5 MEDIUM | 8.8 HIGH |
| cPanel before 80.0.22 allows remote code execution by a demo account because of incorrect URI dispatching (SEC-501). | |||||
| CVE-2019-20492 | 1 Cpanel | 1 Cpanel | 2020-08-24 | 6.5 MEDIUM | 8.8 HIGH |
| cPanel before 82.0.18 allows authentication bypass because of misparsing of the format of the password file (SEC-516). | |||||
| CVE-2019-14405 | 1 Cpanel | 1 Cpanel | 2020-08-24 | 6.5 MEDIUM | 8.8 HIGH |
| cPanel before 78.0.18 allows demo accounts to execute code via securitypolicy.cg (SEC-487). | |||||
| CVE-2018-20908 | 1 Cpanel | 1 Cpanel | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
| cPanel before 71.9980.37 allows arbitrary file-read operations during pkgacct custom template handling (SEC-435). | |||||
| CVE-2019-20491 | 1 Cpanel | 1 Cpanel | 2020-08-24 | 5.5 MEDIUM | 5.4 MEDIUM |
| cPanel before 82.0.18 allows attackers to leverage virtual mail accounts in order to bypass account suspensions (SEC-508). | |||||
| CVE-2019-14408 | 1 Cpanel | 1 Cpanel | 2020-08-24 | 4.0 MEDIUM | 4.3 MEDIUM |
| cPanel before 78.0.2 allows a demo account to link with an OpenID provider (SEC-460). | |||||
| CVE-2019-14398 | 1 Cpanel | 1 Cpanel | 2020-08-24 | 6.5 MEDIUM | 8.8 HIGH |
| cPanel before 80.0.5 allows demo accounts to execute arbitrary code via ajax_maketext_syntax_util.pl (SEC-498). | |||||
| CVE-2019-14414 | 1 Cpanel | 1 Cpanel | 2020-08-24 | 2.1 LOW | 3.3 LOW |
| In cPanel before 78.0.2, a Userdata cache temporary file can conflict with domains (SEC-478). | |||||
| CVE-2019-14389 | 1 Cpanel | 1 Cpanel | 2020-08-24 | 2.1 LOW | 7.8 HIGH |
| cPanel before 82.0.2 allows local users to discover the MySQL root password (SEC-510). | |||||
| CVE-2018-20926 | 1 Cpanel | 1 Cpanel | 2020-08-24 | 7.2 HIGH | 6.7 MEDIUM |
| cPanel before 70.0.23 allows local privilege escalation via the WHM Locale XML Upload interface (SEC-380). | |||||
| CVE-2019-14388 | 1 Cpanel | 1 Cpanel | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| cPanel before 82.0.2 allows unauthenticated file creation because Exim log parsing is mishandled (SEC-507). | |||||
| CVE-2018-20909 | 1 Cpanel | 1 Cpanel | 2020-08-24 | 3.6 LOW | 7.1 HIGH |
| cPanel before 70.0.23 allows arbitrary file-chmod operations during legacy incremental backups (SEC-338). | |||||
| CVE-2019-20490 | 1 Cpanel | 1 Cpanel | 2020-08-24 | 6.5 MEDIUM | 8.8 HIGH |
| cPanel before 82.0.18 allows authentication bypass because webmail usernames are processed inconsistently (SEC-499). | |||||