CVE-2020-4531
IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.0, 8.5, and 8.6 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned...
Monthly Archive: September 2020
CVE-2020-26115
cPanel before 90.0.10 allows self XSS via the Cron Editor interface (SEC-574). Date published : 2020-09-25 https://docs.cpanel.net/changelogs/90-change-log/
CVE-2020-26114
cPanel before 90.0.10 allows self XSS via the Cron Jobs interface (SEC-573). Date published : 2020-09-25 https://docs.cpanel.net/changelogs/90-change-log/
CVE-2020-26113
cPanel before 90.0.10 allows self XSS via WHM Manage API Tokens interfaces (SEC-569). Date published : 2020-09-25 https://docs.cpanel.net/changelogs/90-change-log/
CVE-2020-26112
The email quota cache in cPanel before 90.0.10 allows overwriting of files. Date published : 2020-09-25 https://docs.cpanel.net/changelogs/90-change-log/
CVE-2020-26111
cPanel before 90.0.10 allows self XSS via the WHM Edit DNS Zone interface (SEC-566). Date published : 2020-09-25 https://docs.cpanel.net/changelogs/90-change-log/
CVE-2020-26110
cPanel before 88.0.13 allows self XSS via DNS Zone Manager DNSSEC interfaces (SEC-564). Date published : 2020-09-25 https://docs.cpanel.net/changelogs/88-change-log/
CVE-2020-26109
cPanel before 88.0.13 allows bypass of a protection mechanism that attempted to restrict package modification (SEC-557). Date published : 2020-09-25 https://docs.cpanel.net/changelogs/88-change-log/
CVE-2020-26108
cPanel before 88.0.13 mishandles file-extension dispatching, leading to code execution (SEC-488). Date published : 2020-09-25 https://docs.cpanel.net/changelogs/88-change-log/
CVE-2020-26107
cPanel before 88.0.3, upon an upgrade, establishes predictable PowerDNS API keys (SEC-561). Date published : 2020-09-25 https://docs.cpanel.net/changelogs/88-change-log/
CVE-2020-26106
cPanel before 88.0.3 has weak permissions (world readable) for the proxy subdomains log file (SEC-558). Date published : 2020-09-25 https://docs.cpanel.net/changelogs/88-change-log/
CVE-2020-26105
In cPanel before 88.0.3, insecure chkservd test credentials are used on a templated VM (SEC-554). Date published : 2020-09-25 https://docs.cpanel.net/changelogs/88-change-log/
CVE-2020-26104
In cPanel before 88.0.3, an insecure SRS secret is used on a templated VM (SEC-552). Date published : 2020-09-25 https://docs.cpanel.net/changelogs/88-change-log/
CVE-2020-26103
In cPanel before 88.0.3, an insecure site password is used for Mailman on a templated VM (SEC-551). Date published : 2020-09-25 https://docs.cpanel.net/changelogs/88-change-log/