Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.5

    MEDIUM
    CVE-2017-18469

    cPanel before 62.0.17 allows demo accounts to execute code via an NVData_fetchinc API call (SEC-233).... Read more

    Affected Products : cpanel
    • Published: Aug. 05, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2017-18468

    cPanel before 62.0.17 allows demo accounts to execute code via the Htaccess::setphppreference API (SEC-232).... Read more

    Affected Products : cpanel
    • Published: Aug. 05, 2019
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2017-18467

    cPanel before 62.0.17 allows access to restricted resources because of a URL filtering error (SEC-229).... Read more

    Affected Products : cpanel
    • Published: Aug. 05, 2019
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2017-18466

    cPanel before 62.0.17 does not properly recognize domain ownership during addition of parked domains to a mail configuration (SEC-228).... Read more

    Affected Products : cpanel
    • Published: Aug. 05, 2019
    • Modified: Nov. 21, 2024

  • 4.4

    MEDIUM
    CVE-2017-18465

    cPanel before 62.0.17 does not have a sufficient list of reserved usernames (SEC-227).... Read more

    Affected Products : cpanel
    • Published: Aug. 05, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-18464

    cPanel before 62.0.17 allows arbitrary file-overwrite operations via the WHM Zone Template editor (SEC-226).... Read more

    Affected Products : cpanel
    • Published: Aug. 05, 2019
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2017-18463

    cPanel before 62.0.17 allows code execution in the context of the root account via a long DocumentRoot path (SEC-225).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-18462

    cPanel before 62.0.17 allows a CPHulk one-day ban bypass when IP based protection is enabled (SEC-224).... Read more

    Affected Products : cpanel
    • Published: Aug. 05, 2019
    • Modified: Nov. 21, 2024

  • 5.0

    MEDIUM
    CVE-2017-18461

    cPanel before 62.0.17 allows does not preserve security policy questions across an account rename (SEC-223).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2017-18460

    cPanel before 62.0.17 allows arbitrary code execution during automatic SSL installation (SEC-221).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2017-18459

    cPanel before 62.0.17 allows arbitrary code execution during account modification (SEC-220).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 3.6

    LOW
    CVE-2017-18458

    cPanel before 62.0.17 allows file overwrite when renaming an account (SEC-219).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 4.9

    MEDIUM
    CVE-2017-18457

    cPanel before 62.0.17 allows arbitrary file-read operations via WHM /styled/ URLs (SEC-218).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-18456

    cPanel before 62.0.17 allows self XSS in the WHM cPAddons showsecurity interface (SEC-217).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2017-18455

    In cPanel before 62.0.17, addon domain conversion did not require a package for resellers (SEC-208).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2017-18454

    cPanel before 62.0.24 allows stored XSS in the WHM cPAddons install interface (SEC-262).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 4.9

    MEDIUM
    CVE-2017-18453

    cPanel before 64.0.21 does not preserve supplemental groups across account renames (SEC-260).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 6.7

    MEDIUM
    CVE-2017-18452

    cPanel before 64.0.21 allows code execution via Rails configuration files (SEC-259).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2017-18451

    cPanel before 64.0.21 allows attackers to read a user's crontab file during a short time interval upon a cPAddon upgrade (SEC-257).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 4.5

    MEDIUM
    CVE-2017-18450

    cPanel before 64.0.21 allows certain file-chmod operations via /scripts/convert_roundcube_mysql2sqlite (SEC-255).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 292802 Results