Total
12758 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-21020 | 1 Centreon | 1 Centreon Web | 2024-11-21 | 7.5 High |
| In very rare cases, a PHP type juggling vulnerability in centreonAuth.class.php in Centreon Web before 2.8.27 allows attackers to bypass authentication mechanisms in place. | ||||
| CVE-2018-20985 | 1 Payeezy | 1 Wp Payeezy Pay | 2024-11-21 | N/A |
| The wp-payeezy-pay plugin before 2.98 for WordPress has local file inclusion in pay.php, donate.php, donate-rec, and pay-rec. | ||||
| CVE-2018-20981 | 1 Ninjaforms | 1 Ninja Forms | 2024-11-21 | N/A |
| The ninja-forms plugin before 3.3.9 for WordPress has insufficient restrictions on submission-data retrieval during Export Personal Data requests. | ||||
| CVE-2018-20980 | 1 Ninjaforms | 1 Ninja Forms | 2024-11-21 | N/A |
| The ninja-forms plugin before 3.2.15 for WordPress has parameter tampering. | ||||
| CVE-2018-20973 | 1 Codeermeneer | 1 Companion Auto Update | 2024-11-21 | N/A |
| The companion-auto-update plugin before 3.2.1 for WordPress has local file inclusion. | ||||
| CVE-2018-20917 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 70.0.23 allows any user to disable Solr (SEC-371). | ||||
| CVE-2018-20912 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 70.0.23 allows demo accounts to execute code via awstats (SEC-362). | ||||
| CVE-2018-20897 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 71.9980.37 allows arbitrary file-unlink operations via the cPAddons moderation system (SEC-395). | ||||
| CVE-2018-20895 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| In cPanel before 71.9980.37, API tokens retain ACLs after those ACLs are removed from the corresponding accounts (SEC-393). | ||||
| CVE-2018-20893 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 74.0.0 allows file-rename operations during account renames (SEC-442). | ||||
| CVE-2018-20891 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 74.0.0 allows arbitrary file-read operations during File Restoration (SEC-436). | ||||
| CVE-2018-20883 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 74.0.8 allows FTP access during account suspension (SEC-449). | ||||
| CVE-2018-20882 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 74.0.8 allows arbitrary file-write operations in the context of the root account during WHM Force Password Change (SEC-447). | ||||
| CVE-2018-20879 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 74.0.8 allows demo accounts to execute arbitrary code via the Fileman::viewfile API (SEC-444). | ||||
| CVE-2018-20873 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 74.0.8 allows local users to disable the ClamAV daemon (SEC-409). | ||||
| CVE-2018-20869 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 76.0.8 allows arbitrary code execution in the context of the root account via dnssec adminbin (SEC-465). | ||||
| CVE-2018-20864 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 76.0.8 allows a persistent Virtual FTP accounts after removal of its associated domain (SEC-454). | ||||
| CVE-2018-20863 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 76.0.8 allows remote attackers to execute arbitrary code via mailing-list attachments (SEC-452). | ||||
| CVE-2018-20861 | 1 Openmpt | 1 Libopenmpt | 2024-11-21 | N/A |
| libopenmpt before 0.3.11 allows a crash with certain malformed custom tunings in MPTM files. | ||||
| CVE-2018-20860 | 2 Openmpt, Opensuse | 2 Libopenmpt, Leap | 2024-11-21 | 6.5 Medium |
| libopenmpt before 0.3.13 allows a crash with malformed MED files. | ||||