Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2017-18398

    DnsUtils in cPanel before 68.0.15 allows zone creation for hostname and account subdomains (SEC-331).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2017-18397

    cPanel before 68.0.15 does not preserve permissions for local backup transport (SEC-330).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-18396

    cPanel before 68.0.15 allows arbitrary file-read operations via Exim vdomainaliases (SEC-329).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2017-18395

    cPanel before 68.0.15 does not block a username of ssl (SEC-328).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2017-18394

    cPanel before 68.0.15 does not have a sufficient list of reserved usernames (SEC-327).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2017-18393

    cPanel before 68.0.15 does not block a username of postmaster, which might allow reception of private e-mail (SEC-326).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 2.1

    LOW
    CVE-2017-18392

    cPanel before 68.0.15 allows collisions because PostgreSQL databases can be assigned to multiple accounts (SEC-325).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 2.5

    LOW
    CVE-2017-18391

    cPanel before 68.0.15 allows attackers to read backup files because they are world-readable during a short time interval (SEC-323).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2017-18390

    cPanel before 68.0.15 allows code execution in the context of the root account because of weak permissions on incremental backups (SEC-322).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2017-18389

    cPanel before 68.0.15 allows string format injection in dovecot-xaps-plugin (SEC-318).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2017-18388

    cPanel before 68.0.15 can perform unsafe file operations because Jailshell does not set the umask (SEC-315).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2017-18387

    cPanel before 68.0.15 allows arbitrary code execution via Maketext injection in a Reseller style upload (SEC-314).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2017-18386

    cPanel before 68.0.15 allows arbitrary code execution via Maketext injection in PostgresAdmin (SEC-313).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-18385

    cPanel before 68.0.15 allows unprivileged users to access restricted directories during account restores (SEC-311).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 3.8

    LOW
    CVE-2017-18384

    cPanel before 68.0.15 allows jailed accounts to restore files that are outside of the jail (SEC-310).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2017-18383

    cPanel before 68.0.15 writes home-directory backups to an incorrect location (SEC-309).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2017-18382

    cPanel before 68.0.15 allows use of an unreserved e-mail address in DNS zone SOA records (SEC-306).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 7.2

    HIGH
    CVE-2017-18381

    The installation process in Open edX before 2017-01-10 exposes a MongoDB instance to external connections with default credentials.... Read more

    Affected Products : edx-platform
    • Published: Jul. 30, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-18380

    edx-platform before 2017-08-03 allows attackers to trigger password-reset e-mail messages in which the reset link has an attacker-controlled domain name.... Read more

    Affected Products : edx-platform
    • Published: Jul. 30, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2017-18379

    In the Linux kernel before 4.14, an out of boundary access happened in drivers/nvme/target/fc.c.... Read more

    Affected Products : linux_kernel
    • Published: Jul. 27, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 292811 Results