Proteus® NextGen Data Privacy™ users can receive automated alerts using this data by linking it to their ITIL CMDB (IT asset register)

2024

2023

2022

2021

2020

2019

CVE-2019-20490 (v3: 8.8) 17 Mar 2020
cPanel before 82.0.18 allows authentication bypass because webmail usernames are processed inconsistently (SEC-499).
CVE-2019-20492 (v3: 8.8) 17 Mar 2020
cPanel before 82.0.18 allows authentication bypass because of misparsing of the format of the password file (SEC-516).
CVE-2019-20498 (v3: 9.8) 17 Mar 2020
cPanel before 82.0.18 allows WebDAV authentication bypass because the connection-sharing logic is incorrect (SEC-534).

2018

CVE-2018-20937 (v3: 4.3) 1 Aug 2019
cPanel before 68.0.27 does not validate database and dbuser names during renames (SEC-321).
CVE-2018-20924 (v3: 5.5) 1 Aug 2019
cPanel before 70.0.23 allows arbitrary file-read and file-unlink operations via WHM style uploads (SEC-378).
CVE-2018-20888 (v3: 5.5) 1 Aug 2019
cPanel before 74.0.0 allows file modification in the context of the root account because of incorrect HTTP authentication (SEC-424).

2017

2016

CVE-2016-10826 (v3: 8.8) 1 Aug 2019
cPanel before 55.9999.141 allows attackers to bypass Two Factor Authentication via DNS clustering requests (SEC-93).
CVE-2016-10831 (v3: 7.2) 1 Aug 2019
cPanel before 55.9999.141 does not perform as two-factor authentication check when possessing another account (SEC-101).
CVE-2016-10832 (v3: 6.5) 1 Aug 2019
cPanel before 55.9999.141 allows FTP cPHulk bypass via account name munging (SEC-102).
CVE-2016-10833 (v3: 7.5) 1 Aug 2019
cPanel before 55.9999.141 mishandles username-based blocking for PRE requests in cPHulkd (SEC-104).
CVE-2016-10835 (v3: 4.3) 1 Aug 2019
cPanel before 55.9999.141 allows a POP/IMAP cPHulk bypass via account name munging (SEC-107).
CVE-2016-10836 (v3: 6.5) 1 Aug 2019
cPanel before 55.9999.141 allows arbitrary file-read operations during authentication with caldav (SEC-108).

2015