Where
AND
-Infinity
0

Trending

Last week
Last month
Last year

Vendor Risk Score

See how cpanel compares to other vendors in security performance

View Risk Score →

Cpanel CpanelIn cPanel before 82.0.18, Cpanel::Rand::Get can produce a predictable series of numbers (SEC-525).

Risk 18
Severity
3.3
First published (updated )
CVE-2019-20494

Cpanel CpanelcPanel before 58.0.4 initially uses weak permissions for Apache HTTP Server log files (SEC-130).

Risk 18
Severity
3.3
First published (updated )
CVE-2016-10796

Cpanel CpanelcPanel before 60.0.25 does not enforce feature-list restrictions when calling the multilang adminbin…

Risk 18
Severity
3.3
First published (updated )
CVE-2016-10772

Cpanel CpanelInput Validation

Risk 25
Severity
3.6
First published (updated )
CVE-2017-18458

Cpanel CpanelInfoleak

Risk 19
Severity
3.5
First published (updated )
CVE-2017-18436
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Cpanel CpanelIn cPanel before 66.0.2, Apache HTTP Server SSL domain logs can persist on disk after an account ter…

Risk 18
Severity
3.3
First published (updated )
CVE-2017-18429

Cpanel CpanelInfoleak

Risk 14
Severity
2.5
First published (updated )
CVE-2017-18428

Cpanel CpanelIn cPanel before 66.0.2, weak log-file permissions can occur after account modification (SEC-289).

Risk 18
Severity
3.3
First published (updated )
CVE-2017-18427

Cpanel CpanelIn cPanel before 66.0.2, the cpdavd_error_log file can be created with weak permissions (SEC-280).

Risk 14
Severity
2.5
First published (updated )
CVE-2017-18425

Cpanel CpanelInfoleak

Risk 18
Severity
3.3
First published (updated )
CVE-2017-18424
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Cpanel CpanelIn cPanel before 66.0.2, domain log files become readable after log processing (SEC-273).

Risk 18
Severity
3.3
First published (updated )
CVE-2017-18423

Cpanel CpanelIn cPanel before 66.0.2, EasyApache 4 conversion sets weak domlog ownership and permissions (SEC-272…

Risk 18
Severity
3.3
First published (updated )
CVE-2017-18422

Cpanel CpanelcPanel before 66.0.2 allows demo accounts to create databases and users (SEC-271).

Risk 18
Severity
3.3
First published (updated )
CVE-2017-18421

Cpanel CpanelcPanel before 67.9999.103 allows Apache HTTP Server log files to become world-readable because of mi…

Risk 14
Severity
2.5
First published (updated )
CVE-2017-18412

Cpanel CpanelcPanel before 68.0.15 does not preserve permissions for local backup transport (SEC-330).

Risk 18
Severity
3.3
First published (updated )
CVE-2017-18397
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Cpanel CpanelInput Validation

Risk 13
Severity
2.1
First published (updated )
CVE-2017-18392

Cpanel CpanelInfoleak

Risk 14
Severity
2.5
First published (updated )
CVE-2017-18391

Cpanel CpanelcPanel before 68.0.15 allows jailed accounts to restore files that are outside of the jail (SEC-310)…

Risk 20
Severity
3.8
First published (updated )
CVE-2017-18384

Cpanel CpanelInfoleak

Risk 18
Severity
3.3
First published (updated )
CVE-2018-20946

Cpanel CpanelInfoleak

Risk 18
Severity
3.3
First published (updated )
CVE-2018-20944
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Cpanel CpanelInfoleak

Risk 14
Severity
2.5
First published (updated )
CVE-2018-20943

Cpanel CpanelInfoleak

Risk 14
Severity
2.5
First published (updated )
CVE-2018-20942

Cpanel CpanelRace Condition

Risk 18
Severity
3.3
First published (updated )
CVE-2018-20940

Cpanel CpanelInfoleak

Risk 18
Severity
3.3
First published (updated )
CVE-2018-20939

Cpanel CpanelcPanel before 68.0.27 allows attackers to read the SRS secret via exim.conf (SEC-308).

Risk 18
Severity
3.3
First published (updated )
CVE-2018-20936
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Cpanel CpanelcPanel before 70.0.23 allows jailshell escape because of incorrect crontab parsing (SEC-382).

Risk 20
Severity
3.8
First published (updated )
CVE-2018-20927

Cpanel CpanelInput Validation

Risk 22
Severity
3.3
First published (updated )
CVE-2018-20897

Cpanel CpanelCode Injection

Risk 25
Severity
3.9
First published (updated )
CVE-2018-20896

Cpanel CpanelInfoleak

Risk 18
Severity
3.3
First published (updated )
CVE-2018-20894

Cpanel CpanelInput Validation

Risk 13
Severity
2.3
First published (updated )
CVE-2018-20893
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203