Vulnerabilities > 7PK - Security Features
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-05 | CVE-2017-18476 | 7PK - Security Features vulnerability in Cpanel Leech Protect in cPanel before 62.0.4 does not protect certain directories (SEC-205). | 5.0 |
| 2019-08-05 | CVE-2016-10772 | 7PK - Security Features vulnerability in Cpanel cPanel before 60.0.25 does not enforce feature-list restrictions when calling the multilang adminbin (SEC-168). | 2.1 |
| 2019-08-05 | CVE-2017-18467 | 7PK - Security Features vulnerability in Cpanel cPanel before 62.0.17 allows access to restricted resources because of a URL filtering error (SEC-229). | 4.0 |
| 2019-08-05 | CVE-2017-18462 | 7PK - Security Features vulnerability in Cpanel cPanel before 62.0.17 allows a CPHulk one-day ban bypass when IP based protection is enabled (SEC-224). | 5.0 |
| 2019-08-02 | CVE-2017-18445 | 7PK - Security Features vulnerability in Cpanel cPanel before 64.0.21 does not enforce demo restrictions for SSL API calls (SEC-249). | 4.0 |
| 2019-08-02 | CVE-2017-18429 | 7PK - Security Features vulnerability in Cpanel In cPanel before 66.0.2, Apache HTTP Server SSL domain logs can persist on disk after an account termination (SEC-291). | 2.1 |
| 2019-07-11 | CVE-2019-0048 | 7PK - Security Features vulnerability in Juniper Junos On EX4300 Series switches with TCAM optimization enabled, incoming multicast traffic matches an implicit loopback filter rule first, since it has high priority. | 5.0 |
| 2019-07-03 | CVE-2017-8227 | 7PK - Security Features vulnerability in Amcrest Ipm-721S Firmware Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices have a timeout policy to wait for 5 minutes in case 30 incorrect password attempts are detected using the Web and HTTP API interface provided by the device. | 5.0 |
| 2019-07-02 | CVE-2017-11579 | 7PK - Security Features vulnerability in Blipcare Wi-Fi Blood Pressure Monitor Firmware In the most recent firmware for Blipcare, the device provides an open Wireless network called "Blip" for communicating with the device. | 4.8 |
| 2019-06-10 | CVE-2017-13718 | 7PK - Security Features vulnerability in Starry S00111 Firmware The HTTP API supported by Starry Station (aka Starry Router) allows brute forcing the PIN setup by the user on the device, and this allows an attacker to change the Wi-Fi settings and PIN, as well as port forward and expose any internal device's port to the Internet. | 6.0 |