Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.1

    MEDIUM
    CVE-2017-18489

    The contact-form-7-sms-addon plugin before 2.4.0 for WordPress has XSS.... Read more

    Affected Products : contact_form_7_-_clockwork_sms
    • Published: Aug. 13, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-18488

    The Backup Guard plugin before 1.1.47 for WordPress has multiple XSS issues.... Read more

    Affected Products : backup_guard
    • Published: Aug. 13, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-18487

    The adsense-plugin (aka Google AdSense) plugin before 1.44 for WordPress has multiple XSS issues.... Read more

    Affected Products : google_adsense
    • Published: Aug. 13, 2019
    • Modified: Nov. 21, 2024

  • 7.2

    HIGH
    CVE-2017-18486

    Jitbit Helpdesk before 9.0.3 allows remote attackers to escalate privileges because of mishandling of the User/AutoLogin userHash parameter. By inspecting the token value provided in a password reset link, a user can leverage a weak PRNG to recover the sh... Read more

    Affected Products : helpdesk
    • Published: Aug. 09, 2019
    • Modified: Nov. 21, 2024

  • 5.8

    MEDIUM
    CVE-2017-18485

    Cognitoys Dino devices allow profiles_add.html CSRF.... Read more

    • Published: Aug. 08, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-18484

    Cognitoys Dino devices allow XSS via the SSID.... Read more

    • Published: Aug. 08, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-18483

    ANNKE SP1 HD wireless camera 3.4.1.1604071109 devices allow XSS via a crafted SSID.... Read more

    Affected Products : sp1_firmware sp1
    • Published: Aug. 07, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2017-18482

    cPanel before 62.0.4 allows resellers to use the WHM enqueue_transfer_item API for queueing non-rearrange modules (SEC-213).... Read more

    Affected Products : cpanel
    • Published: Aug. 05, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2017-18481

    cPanel before 62.0.4 allows stored XSS in the WHM Account Suspension List interface (SEC-211).... Read more

    Affected Products : cpanel
    • Published: Aug. 05, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2017-18480

    cPanel before 62.0.4 does not enforce account ownership for has_mycnf_for_cpuser WHM API calls (SEC-210).... Read more

    Affected Products : cpanel
    • Published: Aug. 05, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2017-18479

    In cPanel before 62.0.4, WHM SSL certificate generation uses an unreserved e-mail address (SEC-209).... Read more

    Affected Products : cpanel
    • Published: Aug. 05, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2017-18478

    In cPanel before 62.0.4 incorrect ACL checks could occur in xml-api for Rearrange Account actions (SEC-207).... Read more

    Affected Products : cpanel
    • Published: Aug. 05, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2017-18477

    In cPanel before 62.0.4, Exim transports could execute in the context of the nobody account (SEC-206).... Read more

    Affected Products : cpanel
    • Published: Aug. 05, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-18476

    Leech Protect in cPanel before 62.0.4 does not protect certain directories (SEC-205).... Read more

    Affected Products : cpanel
    • Published: Aug. 05, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2017-18475

    In cPanel before 62.0.4, Exim piped filters ran in the context of an incorrect user account when delivering to a system user (SEC-204).... Read more

    Affected Products : cpanel
    • Published: Aug. 05, 2019
    • Modified: Nov. 21, 2024

  • 6.8

    MEDIUM
    CVE-2017-18474

    cPanel before 62.0.4 allows arbitrary file-read operations via Exim valiases (SEC-201).... Read more

    Affected Products : cpanel
    • Published: Aug. 05, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2017-18473

    cPanel before 62.0.4 allows self XSS on the webmail Password and Security page (SEC-199).... Read more

    Affected Products : cpanel
    • Published: Aug. 05, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-18472

    cPanel before 62.0.4 allows reflected XSS in reset-password interfaces (SEC-198).... Read more

    Affected Products : cpanel
    • Published: Aug. 05, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2017-18471

    cPanel before 62.0.4 allows self XSS on the paper_lantern password-change screen (SEC-197).... Read more

    Affected Products : cpanel
    • Published: Aug. 05, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2017-18470

    cPanel before 62.0.4 has a fixed password for the Munin MySQL test account (SEC-196).... Read more

    Affected Products : cpanel
    • Published: Aug. 05, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 292802 Results