Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.1

    MEDIUM
    CVE-2016-10795

    cPanel before 59.9999.145 allows stored XSS in the WHM tail_upcp2.cgi interface (SEC-156).... Read more

    Affected Products : cpanel
    • Published: Aug. 06, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2016-10794

    cPanel before 59.9999.145 allows arbitrary file-read operations because of a multipart form processing error (SEC-154).... Read more

    Affected Products : cpanel
    • Published: Aug. 06, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2016-10793

    cPanel before 59.9999.145 allows arbitrary code execution due to an incorrect #! in Mail::SPF scripts (SEC-152).... Read more

    Affected Products : cpanel
    • Published: Aug. 06, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2016-10792

    cPanel before 59.9999.145 allows code execution in the context of other accounts via mailman list archives (SEC-141).... Read more

    Affected Products : cpanel
    • Published: Aug. 06, 2019
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2016-10791

    cPanel before 60.0.15 does not ensure that system accounts lack a valid password, so that logins are impossible (CPANEL-9559).... Read more

    Affected Products : cpanel
    • Published: Aug. 06, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2016-10790

    cPanel before 60.0.25 does not use TLS for HTTP POSTs to listinput.cpanel.net (SEC-192).... Read more

    Affected Products : cpanel
    • Published: Aug. 06, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2016-10789

    cPanel before 60.0.25 allows code execution via the cpsrvd 403 error response handler (SEC-191).... Read more

    Affected Products : cpanel
    • Published: Aug. 06, 2019
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2016-10788

    cPanel before 60.0.25 allows arbitrary code execution via Maketext in PostgreSQL adminbin (SEC-188).... Read more

    Affected Products : cpanel
    • Published: Aug. 06, 2019
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2016-10787

    The Host Access Control feature in cPanel before 60.0.25 mishandles actionless host.deny entries (SEC-187).... Read more

    Affected Products : cpanel
    • Published: Aug. 06, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2016-10786

    cPanel before 60.0.25 allows members of the nobody group to read Apache HTTP Server SSL keys (SEC-186).... Read more

    Affected Products : cpanel
    • Published: Aug. 06, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2016-10785

    cPanel before 60.0.25 allows attackers to discover file contents during file copy operations (SEC-185).... Read more

    Affected Products : cpanel
    • Published: Aug. 06, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2016-10784

    cPanel before 60.0.25 allows self XSS in the alias upload interface (SEC-184).... Read more

    Affected Products : cpanel
    • Published: Aug. 06, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2016-10783

    cPanel before 60.0.25 allows self stored XSS in SSL_listkeys (SEC-182).... Read more

    Affected Products : cpanel
    • Published: Aug. 06, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2016-10782

    cPanel before 60.0.25 allows self stored XSS in postgres API1 listdbs (SEC-181).... Read more

    Affected Products : cpanel
    • Published: Aug. 06, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2016-10781

    cPanel before 60.0.25 allows self XSS in the UI_confirm API (SEC-180).... Read more

    Affected Products : cpanel
    • Published: Aug. 06, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2016-10780

    cPanel before 60.0.25 allows stored XSS in the ftp_sessions API (SEC-180).... Read more

    Affected Products : cpanel
    • Published: Aug. 06, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2016-10779

    cPanel before 60.0.25 allows stored XSS in api1_listautoresponders (SEC-179).... Read more

    Affected Products : cpanel
    • Published: Aug. 06, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2016-10778

    cPanel before 60.0.25 allows self stored XSS in the listftpstable API (SEC-178).... Read more

    Affected Products : cpanel
    • Published: Aug. 06, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2016-10777

    cPanel before 60.0.25 allows self XSS in WHM Tweak Settings for autodiscover_host (SEC-177).... Read more

    Affected Products : cpanel
    • Published: Aug. 06, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2016-10776

    cPanel before 60.0.25 allows stored XSS during the homedir removal phase of WHM Account termination (SEC-174).... Read more

    Affected Products : cpanel
    • Published: Aug. 06, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 292803 Results