Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.5

    MEDIUM
    CVE-2016-10815

    cPanel before 57.9999.54 allows arbitrary file-read operations for Webmail accounts via Branding APIs (SEC-120).... Read more

    Affected Products : cpanel
    • Published: Aug. 01, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2016-10814

    cPanel before 57.9999.54 allows demo-mode escape via show_template.stor (SEC-119).... Read more

    Affected Products : cpanel
    • Published: Aug. 01, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2016-10813

    cPanel before 57.9999.54 allows self XSS during ftp account creation under addon domains (SEC-118).... Read more

    Affected Products : cpanel
    • Published: Aug. 01, 2019
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2016-10812

    In cPanel before 57.9999.54, /scripts/enablefileprotect exposed TTYs (SEC-117).... Read more

    Affected Products : cpanel
    • Published: Aug. 07, 2019
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2016-10811

    In cPanel before 57.9999.54, /scripts/unsuspendacct exposed TTYs (SEC-116).... Read more

    Affected Products : cpanel
    • Published: Aug. 07, 2019
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2016-10810

    In cPanel before 57.9999.54, /scripts/maildir_converter exposed a TTY to an unprivileged process (SEC-115).... Read more

    Affected Products : cpanel
    • Published: Aug. 07, 2019
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2016-10809

    In cPanel before 57.9999.54, /scripts/checkinfopages exposed a TTY to an unprivileged process (SEC-114).... Read more

    Affected Products : cpanel
    • Published: Aug. 07, 2019
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2016-10808

    In cPanel before 57.9999.54, /scripts/addpop and /scripts/delpop exposed TTYs (SEC-113).... Read more

    Affected Products : cpanel
    • Published: Aug. 07, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2016-10807

    cPanel before 57.9999.54 allows certain denial-of-service outcomes via /scripts/killpvhost (SEC-112).... Read more

    Affected Products : cpanel
    • Published: Aug. 07, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2016-10806

    cPanel before 57.9999.54 allows self XSS on the Paper Lantern Landing Page (SEC-110).... Read more

    Affected Products : cpanel
    • Published: Aug. 07, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2016-10805

    cPanel before 57.9999.54 allows demo accounts to execute arbitrary code via ajax_maketext_syntax_util.pl (SEC-109).... Read more

    Affected Products : cpanel
    • Published: Aug. 07, 2019
    • Modified: Nov. 21, 2024

  • 8.7

    HIGH
    CVE-2016-10804

    The SQLite journal feature in cPanel before 57.9999.54 allows arbitrary file-overwrite operations during Horde Restore (SEC-58).... Read more

    Affected Products : cpanel
    • Published: Aug. 07, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2016-10803

    cPanel before 57.9999.105 allows newline injection via LOC records (CPANEL-6923).... Read more

    Affected Products : cpanel
    • Published: Aug. 07, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2016-10802

    cPanel before 58.0.4 allows code execution in the context of other user accounts through the PHP CGI handler (SEC-142).... Read more

    Affected Products : cpanel
    • Published: Aug. 07, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2016-10801

    cPanel before 58.0.4 has improper session handling for shared users (SEC-139).... Read more

    Affected Products : cpanel
    • Published: Aug. 07, 2019
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2016-10800

    cPanel before 58.0.4 allows demo-mode escape via Site Templates and Boxtrapper API calls (SEC-138).... Read more

    Affected Products : cpanel
    • Published: Aug. 07, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2016-10799

    cPanel before 58.0.4 does not set the Pear tmp directory during a PHP installation (SEC-137).... Read more

    Affected Products : cpanel
    • Published: Aug. 07, 2019
    • Modified: Nov. 21, 2024

  • 6.8

    MEDIUM
    CVE-2016-10798

    cPanel before 58.0.4 allows a file-ownership change (to nobody) via rearrangeacct (SEC-134).... Read more

    Affected Products : cpanel
    • Published: Aug. 07, 2019
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2016-10797

    cPanel before 58.0.4 allows WHM "Purchase and Install an SSL Certificate" page visitors to list all server domains (SEC-133).... Read more

    Affected Products : cpanel
    • Published: Aug. 06, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2016-10796

    cPanel before 58.0.4 initially uses weak permissions for Apache HTTP Server log files (SEC-130).... Read more

    Affected Products : cpanel
    • Published: Aug. 06, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 292803 Results