Security Vulnerabilities - CVEs Published In August 2019
cPanel before 57.9999.54 incorrectly sets log-file permissions in dnsadmin-startup and spamd-startup (SEC-124).
CVSS Score
6.5
EPSS Score
0.002
Published
2019-08-01
In cPanel before 57.9999.54, user log files become world-readable when rotated by cpanellogd (SEC-125).
CVSS Score
6.5
EPSS Score
0.003
Published
2019-08-01
cPanel before 57.9999.54 allows self XSS during ftp account creation under addon domains (SEC-118).
CVSS Score
5.4
EPSS Score
0.003
Published
2019-08-01
LoaderXM::load in LoaderXM.cpp in milkyplay in MilkyTracker 1.02.00 has a stack-based buffer overflow.
CVSS Score
7.8
EPSS Score
0.003
Published
2019-08-01
ModuleEditor::convertInstrument in tracker/ModuleEditor.cpp in MilkyTracker 1.02.00 has a heap-based buffer overflow.
CVSS Score
7.8
EPSS Score
0.003
Published
2019-08-01
cPanel before 68.0.27 allows self XSS in cPanel Backup Restoration (SEC-383).
CVSS Score
6.1
EPSS Score
0.003
Published
2019-08-01
cPanel before 68.0.27 allows self XSS in WHM Apache Configuration Include Editor (SEC-385).
CVSS Score
6.1
EPSS Score
0.003
Published
2019-08-01
cPanel before 68.0.27 allows self stored XSS in WHM Account Transfer (SEC-386).
CVSS Score
6.1
EPSS Score
0.003
Published
2019-08-01
cPanel before 68.0.27 allows self XSS in WHM Spamd Startup Config (SEC-387).
CVSS Score
6.1
EPSS Score
0.003
Published
2019-08-01
cPanel before 68.0.27 creates world-readable files during use of WHM Apache Includes Editor (SEC-388).
CVSS Score
6.5
EPSS Score
0.003
Published
2019-08-01