Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.4

    MEDIUM
    CVE-2016-10806

    cPanel before 57.9999.54 allows self XSS on the Paper Lantern Landing Page (SEC-110).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.30
    • Published: Aug. 07, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2016-10805

    cPanel before 57.9999.54 allows demo accounts to execute arbitrary code via ajax_maketext_syntax_util.pl (SEC-109).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.91
    • Published: Aug. 07, 2019
    • Modified: Nov. 21, 2024

  • 8.7

    HIGH
    CVE-2016-10804

    The SQLite journal feature in cPanel before 57.9999.54 allows arbitrary file-overwrite operations during Horde Restore (SEC-58).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.27
    • Published: Aug. 07, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2016-10803

    cPanel before 57.9999.105 allows newline injection via LOC records (CPANEL-6923).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.36
    • Published: Aug. 07, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2016-10802

    cPanel before 58.0.4 allows code execution in the context of other user accounts through the PHP CGI handler (SEC-142).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.56
    • Published: Aug. 07, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2016-10801

    cPanel before 58.0.4 has improper session handling for shared users (SEC-139).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.66
    • Published: Aug. 07, 2019
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2016-10800

    cPanel before 58.0.4 allows demo-mode escape via Site Templates and Boxtrapper API calls (SEC-138).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.26
    • Published: Aug. 07, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2016-10799

    cPanel before 58.0.4 does not set the Pear tmp directory during a PHP installation (SEC-137).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.06
    • Published: Aug. 07, 2019
    • Modified: Nov. 21, 2024

  • 6.8

    MEDIUM
    CVE-2016-10798

    cPanel before 58.0.4 allows a file-ownership change (to nobody) via rearrangeacct (SEC-134).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.25
    • Published: Aug. 07, 2019
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2016-10797

    cPanel before 58.0.4 allows WHM "Purchase and Install an SSL Certificate" page visitors to list all server domains (SEC-133).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.12
    • Published: Aug. 06, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2016-10796

    cPanel before 58.0.4 initially uses weak permissions for Apache HTTP Server log files (SEC-130).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.05
    • Published: Aug. 06, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2016-10795

    cPanel before 59.9999.145 allows stored XSS in the WHM tail_upcp2.cgi interface (SEC-156).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.36
    • Published: Aug. 06, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2016-10794

    cPanel before 59.9999.145 allows arbitrary file-read operations because of a multipart form processing error (SEC-154).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.33
    • Published: Aug. 06, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2016-10793

    cPanel before 59.9999.145 allows arbitrary code execution due to an incorrect #! in Mail::SPF scripts (SEC-152).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.98
    • Published: Aug. 06, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2016-10792

    cPanel before 59.9999.145 allows code execution in the context of other accounts via mailman list archives (SEC-141).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.64
    • Published: Aug. 06, 2019
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2016-10791

    cPanel before 60.0.15 does not ensure that system accounts lack a valid password, so that logins are impossible (CPANEL-9559).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.24
    • Published: Aug. 06, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2016-10790

    cPanel before 60.0.25 does not use TLS for HTTP POSTs to listinput.cpanel.net (SEC-192).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.32
    • Published: Aug. 06, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2016-10789

    cPanel before 60.0.25 allows code execution via the cpsrvd 403 error response handler (SEC-191).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.98
    • Published: Aug. 06, 2019
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2016-10788

    cPanel before 60.0.25 allows arbitrary code execution via Maketext in PostgreSQL adminbin (SEC-188).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.92
    • Published: Aug. 06, 2019
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2016-10787

    The Host Access Control feature in cPanel before 60.0.25 mishandles actionless host.deny entries (SEC-187).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.32
    • Published: Aug. 06, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 291794 Results