Total
10229 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-10816 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| cPanel before 57.9999.54 allows Webmail accounts to execute arbitrary code through forwarders (SEC-121). | |||||
| CVE-2016-10814 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| cPanel before 57.9999.54 allows demo-mode escape via show_template.stor (SEC-119). | |||||
| CVE-2016-10812 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| In cPanel before 57.9999.54, /scripts/enablefileprotect exposed TTYs (SEC-117). | |||||
| CVE-2016-10808 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| In cPanel before 57.9999.54, /scripts/addpop and /scripts/delpop exposed TTYs (SEC-113). | |||||
| CVE-2016-10807 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| cPanel before 57.9999.54 allows certain denial-of-service outcomes via /scripts/killpvhost (SEC-112). | |||||
| CVE-2016-10805 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| cPanel before 57.9999.54 allows demo accounts to execute arbitrary code via ajax_maketext_syntax_util.pl (SEC-109). | |||||
| CVE-2016-10804 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 8.7 HIGH | 8.1 HIGH |
| The SQLite journal feature in cPanel before 57.9999.54 allows arbitrary file-overwrite operations during Horde Restore (SEC-58). | |||||
| CVE-2016-10800 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| cPanel before 58.0.4 allows demo-mode escape via Site Templates and Boxtrapper API calls (SEC-138). | |||||
| CVE-2016-10793 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| cPanel before 59.9999.145 allows arbitrary code execution due to an incorrect #! in Mail::SPF scripts (SEC-152). | |||||
| CVE-2016-10789 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| cPanel before 60.0.25 allows code execution via the cpsrvd 403 error response handler (SEC-191). | |||||
| CVE-2016-10788 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| cPanel before 60.0.25 allows arbitrary code execution via Maketext in PostgreSQL adminbin (SEC-188). | |||||
| CVE-2016-10787 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
| The Host Access Control feature in cPanel before 60.0.25 mishandles actionless host.deny entries (SEC-187). | |||||
| CVE-2016-10775 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 6.8 MEDIUM | 6.5 MEDIUM |
| cPanel before 60.0.25 allows arbitrary file-chown operations via reassign_post_terminate_cruft (SEC-173). | |||||
| CVE-2016-10771 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
| cPanel before 60.0.25 allows file-create and file-chmod operations during ModSecurity Audit logfile processing (SEC-165). | |||||
| CVE-2016-10770 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 5.5 MEDIUM | 6.5 MEDIUM |
| cPanel before 60.0.25 allows arbitrary file-overwrite operations during a Roundcube update (SEC-164). | |||||
| CVE-2016-10768 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 5.5 MEDIUM | 6.5 MEDIUM |
| cPanel before 60.0.25 allows file-overwrite operations during preparation for MySQL upgrades (SEC-161). | |||||
| CVE-2016-10765 | 1 Edx | 1 Edx-platform | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| edx-platform before 2016-06-10 allows account activation with a spoofed e-mail address. | |||||
| CVE-2016-10739 | 2 Gnu, Opensuse | 2 Glibc, Leap | 2024-11-21 | 4.6 MEDIUM | 5.3 MEDIUM |
| In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the possibility of embedded HTTP headers or other potentially dangerous substrings. | |||||
| CVE-2016-10728 | 1 Suricata-ids | 1 Suricata | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in Suricata before 3.1.2. If an ICMPv4 error packet is received as the first packet on a flow in the to_client direction, it confuses the rule grouping lookup logic. The toclient inspection will then continue with the wrong rule group. This can lead to missed detection. | |||||
| CVE-2016-10718 | 1 Brave | 1 Brave Browser | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Brave Browser before 0.13.0 allows a tab to close itself even if the tab was not opened by a script, resulting in denial of service. | |||||