Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2017-18449

    cPanel before 64.0.21 allows certain file-rename operations in the context of the root account via scripts/convert_roundcube_mysql2sqlite (SEC-254).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2017-18448

    cPanel before 64.0.21 allows certain file-read operations via a Serverinfo_manpage API call (SEC-252).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2017-18447

    cPanel before 64.0.21 allows demo accounts to execute code via the ClamScanner_getsocket API (SEC-251).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2017-18446

    cPanel before 64.0.21 allows file-read and file-write operations for demo accounts via the SourceIPCheck API (SEC-250).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2017-18445

    cPanel before 64.0.21 does not enforce demo restrictions for SSL API calls (SEC-249).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2017-18444

    cPanel before 64.0.21 allows demo accounts to execute SSH API commands (SEC-248).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 5.8

    MEDIUM
    CVE-2017-18443

    cPanel before 64.0.21 allows demo and suspended accounts to use SSH port forwarding (SEC-247).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2017-18442

    cPanel before 64.0.21 allows demo accounts to execute Cpanel::SPFUI API commands (SEC-246).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 5.0

    MEDIUM
    CVE-2017-18441

    cPanel before 64.0.21 allows demo accounts to redirect web traffic (SEC-245).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2017-18440

    cPanel before 64.0.21 allows demo users to execute traceroute via api2 (SEC-244).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2017-18439

    cPanel before 64.0.21 allows demo accounts to execute code via an ImageManager_dimensions API call (SEC-243).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2017-18438

    cPanel before 64.0.21 allows demo accounts to execute code via Encoding API calls (SEC-242).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 4.4

    MEDIUM
    CVE-2017-18437

    cPanel before 64.0.21 allows a Webmail account to execute code via forwarders (SEC-240).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 3.5

    LOW
    CVE-2017-18436

    cPanel before 64.0.21 allows demo accounts to read files via a Fileman::getfileactions API2 call (SEC-239).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-18435

    cPanel before 64.0.21 allows demo accounts to execute code via the BoxTrapper API (SEC-238).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2017-18434

    cPanel before 64.0.21 allows code execution in the context of the root account via a SET_VHOST_LANG_PACKAGE multilang adminbin call (SEC-237).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2017-18433

    cPanel before 64.0.21 allows code execution by webmail and demo accounts via a store_filter API call (SEC-236).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2017-18432

    In cPanel before 64.0.21, Horde MySQL to SQLite conversion can leak a database password (SEC-234).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-18431

    cPanel before 66.0.1 does not reliably perform suspend/unsuspend operations on accounts (CPANEL-13941).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 4.7

    MEDIUM
    CVE-2017-18430

    In cPanel before 66.0.2, user and group ownership may be incorrectly set when using reassign_post_terminate_cruft (SEC-294).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 292802 Results