Total
34023 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-14409 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 78.0.2 allows arbitrary file-read operations via Passenger adminbin (SEC-466). | ||||
| CVE-2019-14408 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 78.0.2 allows a demo account to link with an OpenID provider (SEC-460). | ||||
| CVE-2019-14407 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 78.0.2 reveals internal data to OpenID providers (SEC-415). | ||||
| CVE-2019-14405 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 78.0.18 allows demo accounts to execute code via securitypolicy.cg (SEC-487). | ||||
| CVE-2019-14404 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 78.0.18 allows certain file-read operations in the context of the root account via the Exim virtual_user_spam router (SEC-484). | ||||
| CVE-2019-14402 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 78.0.18 unsafely determines terminal capabilities by using infocmp (SEC-481). | ||||
| CVE-2019-14401 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 78.0.18 allows code execution via an addforward API1 call (SEC-480). | ||||
| CVE-2019-14400 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 78.0.18 allows local users to escalate to root access because of userdata cache misparsing (SEC-479). | ||||
| CVE-2019-14399 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| The SSL certificate-storage feature in cPanel before 78.0.18 allows unsafe file operations in the context of the root account (SEC-477). | ||||
| CVE-2019-14398 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 80.0.5 allows demo accounts to execute arbitrary code via ajax_maketext_syntax_util.pl (SEC-498). | ||||
| CVE-2019-14397 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 80.0.5 allows demo accounts to modify arbitrary files via the extractfile API1 call (SEC-496). | ||||
| CVE-2019-14396 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| API Analytics adminbin in cPanel before 80.0.5 allows spoofed insertions of log data (SEC-495). | ||||
| CVE-2019-14394 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 80.0.5 allows unsafe file operations in the context of the root account via the fetch_ssl_certificates_for_fqdns API (SEC-489). | ||||
| CVE-2019-14393 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 80.0.5 allows local code execution in the context of a different cPanel account because of insecure cpphp execution (SEC-486). | ||||
| CVE-2019-14392 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 80.0.22 allows remote code execution by a demo account because of incorrect URI dispatching (SEC-501). | ||||
| CVE-2019-14391 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 82.0.2 does not properly enforce Reseller package creation ACLs (SEC-514). | ||||
| CVE-2019-14389 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 82.0.2 allows local users to discover the MySQL root password (SEC-510). | ||||
| CVE-2019-14388 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 82.0.2 allows unauthenticated file creation because Exim log parsing is mishandled (SEC-507). | ||||
| CVE-2019-14345 | 1 Vocabularyserver | 1 Tematres | 2024-11-21 | 9.8 Critical |
| TemaTres 3.0 allows remote unprivileged users to create an administrator account | ||||
| CVE-2019-14339 | 1 Canon | 1 Print | 2024-11-21 | N/A |
| The ContentProvider in the Canon PRINT jp.co.canon.bsd.ad.pixmaprint 2.5.5 application for Android does not properly restrict canon.ij.printer.capability.data data access. This allows an attacker's malicious application to obtain sensitive information including factory passwords for the administrator web interface and WPA2-PSK key. | ||||