Total
12293 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-10824 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 55.9999.141 allows unauthenticated arbitrary code execution via DNS NS entry poisoning (SEC-90). | ||||
| CVE-2016-10823 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 55.9999.141 allows arbitrary code execution in the context of the root account because of MakeText interpolation (SEC-89). | ||||
| CVE-2016-10816 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 57.9999.54 allows Webmail accounts to execute arbitrary code through forwarders (SEC-121). | ||||
| CVE-2016-10814 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 57.9999.54 allows demo-mode escape via show_template.stor (SEC-119). | ||||
| CVE-2016-10812 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| In cPanel before 57.9999.54, /scripts/enablefileprotect exposed TTYs (SEC-117). | ||||
| CVE-2016-10808 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| In cPanel before 57.9999.54, /scripts/addpop and /scripts/delpop exposed TTYs (SEC-113). | ||||
| CVE-2016-10807 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 57.9999.54 allows certain denial-of-service outcomes via /scripts/killpvhost (SEC-112). | ||||
| CVE-2016-10805 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 57.9999.54 allows demo accounts to execute arbitrary code via ajax_maketext_syntax_util.pl (SEC-109). | ||||
| CVE-2016-10804 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| The SQLite journal feature in cPanel before 57.9999.54 allows arbitrary file-overwrite operations during Horde Restore (SEC-58). | ||||
| CVE-2016-10800 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 58.0.4 allows demo-mode escape via Site Templates and Boxtrapper API calls (SEC-138). | ||||
| CVE-2016-10793 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 59.9999.145 allows arbitrary code execution due to an incorrect #! in Mail::SPF scripts (SEC-152). | ||||
| CVE-2016-10789 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 60.0.25 allows code execution via the cpsrvd 403 error response handler (SEC-191). | ||||
| CVE-2016-10788 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 60.0.25 allows arbitrary code execution via Maketext in PostgreSQL adminbin (SEC-188). | ||||
| CVE-2016-10787 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| The Host Access Control feature in cPanel before 60.0.25 mishandles actionless host.deny entries (SEC-187). | ||||
| CVE-2016-10775 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 60.0.25 allows arbitrary file-chown operations via reassign_post_terminate_cruft (SEC-173). | ||||
| CVE-2016-10771 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 60.0.25 allows file-create and file-chmod operations during ModSecurity Audit logfile processing (SEC-165). | ||||
| CVE-2016-10770 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 60.0.25 allows arbitrary file-overwrite operations during a Roundcube update (SEC-164). | ||||
| CVE-2016-10768 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 60.0.25 allows file-overwrite operations during preparation for MySQL upgrades (SEC-161). | ||||
| CVE-2016-10765 | 1 Edx | 1 Edx-platform | 2024-11-21 | 5.3 Medium |
| edx-platform before 2016-06-10 allows account activation with a spoofed e-mail address. | ||||
| CVE-2016-10739 | 3 Gnu, Opensuse, Redhat | 4 Glibc, Leap, Ansible Tower and 1 more | 2024-11-21 | N/A |
| In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the possibility of embedded HTTP headers or other potentially dangerous substrings. | ||||