Total
9823 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-20943 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon a post-update task (SEC-352). | ||||
| CVE-2018-20942 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon configuring crontab (SEC-351). | ||||
| CVE-2018-20941 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 68.0.27 allows arbitrary file-read operations via restore adminbin (SEC-349). | ||||
| CVE-2018-20939 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 68.0.27 allows a user to discover contents of directories (that are not owned by that user) by leveraging backups (SEC-339). | ||||
| CVE-2018-20913 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 70.0.23 allows attackers to read the root accesshash via the WHM /cgi/trustclustermaster.cgi (SEC-364). | ||||
| CVE-2018-20902 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 71.9980.37 allows attackers to read root's crontab file by leveraging ClamAV installation (SEC-408). | ||||
| CVE-2018-20894 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 74.0.0 makes web-site contents accessible to other local users via Git repositories (SEC-443). | ||||
| CVE-2018-20889 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 74.0.0 allows certain file-read operations via password file caching (SEC-425). | ||||
| CVE-2018-20870 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| The WebDAV transport feature in cPanel before 76.0.8 enables debug logging (SEC-467). | ||||
| CVE-2018-20855 | 3 Linux, Netapp, Opensuse | 6 Linux Kernel, Active Iq Performance Analytics Services, Active Iq Unified Manager and 3 more | 2024-11-21 | 3.3 Low |
| An issue was discovered in the Linux kernel before 4.18.7. In create_qp_common in drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_create_qp_resp was never initialized, resulting in a leak of stack memory to userspace. | ||||
| CVE-2018-20812 | 1 Pulsesecure | 1 Pulse Secure Desktop Client | 2024-11-21 | N/A |
| An information exposure issue where IPv6 DNS traffic would be sent outside of the VPN tunnel (when Traffic Enforcement was enabled) exists in Pulse Secure Pulse Secure Desktop 9.0R1 and below. This is applicable only to dual-stack (IPv4/IPv6) endpoints. | ||||
| CVE-2018-20811 | 1 Ivanti | 1 Connect Secure | 2024-11-21 | N/A |
| A hidden RPC service issue was found with Pulse Secure Pulse Connect Secure 8.3RX before 8.3R2 and 8.1RX before 8.1R12. | ||||
| CVE-2018-20776 | 1 Frog Cms Project | 1 Frog Cms | 2024-11-21 | N/A |
| Frog CMS 0.9.5 provides a directory listing for a /public request. | ||||
| CVE-2018-20681 | 1 Mate-desktop | 1 Mate-screensaver | 2024-11-21 | N/A |
| mate-screensaver before 1.20.2 in MATE Desktop Environment allows physically proximate attackers to view screen content and possibly control applications. By unplugging and re-plugging or power-cycling external output devices (such as additionally attached graphical outputs via HDMI, VGA, DVI, etc.) the content of a screensaver-locked session can be revealed. In some scenarios, the attacker can execute applications, such as by clicking with a mouse. | ||||
| CVE-2018-20609 | 1 Txjia | 1 Imcat | 2024-11-21 | N/A |
| imcat 4.4 allows remote attackers to obtain potentially sensitive configuration information via the root/tools/adbug/check.php URI. | ||||
| CVE-2018-20608 | 1 Txjia | 1 Imcat | 2024-11-21 | N/A |
| imcat 4.4 allows remote attackers to read phpinfo output via the root/tools/adbug/binfo.php?phpinfo1 URI. | ||||
| CVE-2018-20607 | 1 Txjia | 1 Imcat | 2024-11-21 | N/A |
| imcat 4.4 allows remote attackers to obtain potentially sensitive debugging information via the root/tools/adbug/binfo.php URI. | ||||
| CVE-2018-20606 | 1 Txjia | 1 Imcat | 2024-11-21 | N/A |
| imcat 4.4 allows full path disclosure via a dev.php?tools-ipaddr&api=Pcoln&uip= URI. | ||||
| CVE-2018-20602 | 1 Lfdycms | 1 Lei Feng Tv Cms | 2024-11-21 | N/A |
| Lei Feng TV CMS (aka LFCMS) 3.8.6 allows full path disclosure via the /install.php?s=/1 URI. | ||||
| CVE-2018-20571 | 1 Damicms | 1 Damicms | 2024-11-21 | N/A |
| DamiCMS 6.0.1 allows remote attackers to read arbitrary files via a crafted admin.php?s=Tpl/Add/id request, as demonstrated by admin.php?s=Tpl/Add/id/.\Public\Config\config.ini.php to read the global configuration file. | ||||