Vulnerabilities > 7PK - Security Features
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-05 | CVE-2016-10772 | 7PK - Security Features vulnerability in Cpanel cPanel before 60.0.25 does not enforce feature-list restrictions when calling the multilang adminbin (SEC-168). | 3.3 |
| 2019-08-05 | CVE-2017-18467 | 7PK - Security Features vulnerability in Cpanel cPanel before 62.0.17 allows access to restricted resources because of a URL filtering error (SEC-229). | 4.3 |
| 2019-08-05 | CVE-2017-18462 | 7PK - Security Features vulnerability in Cpanel cPanel before 62.0.17 allows a CPHulk one-day ban bypass when IP based protection is enabled (SEC-224). | 7.5 |
| 2019-08-02 | CVE-2017-18445 | 7PK - Security Features vulnerability in Cpanel cPanel before 64.0.21 does not enforce demo restrictions for SSL API calls (SEC-249). | 4.3 |
| 2019-08-02 | CVE-2017-18429 | 7PK - Security Features vulnerability in Cpanel In cPanel before 66.0.2, Apache HTTP Server SSL domain logs can persist on disk after an account termination (SEC-291). | 3.3 |
| 2019-07-03 | CVE-2017-8227 | 7PK - Security Features vulnerability in Amcrest Ipm-721S Firmware 2.420.Ac00.16.R.20160909 Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices have a timeout policy to wait for 5 minutes in case 30 incorrect password attempts are detected using the Web and HTTP API interface provided by the device. | 9.8 |
| 2019-07-02 | CVE-2017-11579 | 7PK - Security Features vulnerability in Blipcare Wi-Fi Blood Pressure Monitor Firmware Bp70010.1 In the most recent firmware for Blipcare, the device provides an open Wireless network called "Blip" for communicating with the device. | 7.1 |
| 2019-06-10 | CVE-2017-13718 | 7PK - Security Features vulnerability in Starry S00111 Firmware The HTTP API supported by Starry Station (aka Starry Router) allows brute forcing the PIN setup by the user on the device, and this allows an attacker to change the Wi-Fi settings and PIN, as well as port forward and expose any internal device's port to the Internet. | 8.0 |
| 2019-05-10 | CVE-2019-5495 | 7PK - Security Features vulnerability in Netapp Oncommand Unified Manager OnCommand Unified Manager for VMware vSphere, Linux and Windows prior to 9.5 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors. | 7.5 |
| 2019-05-01 | CVE-2019-11636 | 7PK - Security Features vulnerability in Z.Cash Zcash Zcash 2.x allows an inexpensive approach to "fill all transactions of all blocks" and "prevent any real transaction from occurring" via a "Sapling Wood-Chipper" attack. | 7.5 |