Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-01 | CVE-2018-20893 | Improper Input Validation vulnerability in Cpanel cPanel before 74.0.0 allows file-rename operations during account renames (SEC-442). | 2.3 |
| 2019-08-01 | CVE-2015-7559 | Improper Input Validation vulnerability in multiple products It was found that the Apache ActiveMQ client before 5.14.5 exposed a remote shutdown command in the ActiveMQConnection class. | 2.7 |
| 2019-08-01 | CVE-2018-20880 | Unspecified vulnerability in Cpanel cPanel before 74.0.8 mishandles account suspension because of an invalid email_accounts.json file (SEC-445). | 3.3 |
| 2019-08-01 | CVE-2018-20873 | Improper Input Validation vulnerability in Cpanel cPanel before 74.0.8 allows local users to disable the ClamAV daemon (SEC-409). | 3.3 |
| 2019-07-31 | CVE-2019-10343 | Information Exposure Through Log Files vulnerability in Jenkins Configuration AS Code Jenkins Configuration as Code Plugin 1.24 and earlier did not properly apply masking to values expected to be hidden when logging the configuration being applied. | 3.3 |
| 2019-07-30 | CVE-2019-10165 | Information Exposure Through Log Files vulnerability in Redhat Openshift Container Platform OpenShift Container Platform before version 4.1.3 writes OAuth tokens in plaintext to the audit logs for the Kubernetes API server and OpenShift API server. | 2.3 |
| 2019-07-30 | CVE-2019-5452 | Unspecified vulnerability in Nextcloud Bypass lock protection in the Nextcloud Android app prior to version 3.6.2 causes leaking of thumbnails when requesting the Android content provider although the lock protection was not solved. low complexity nextcloud | 2.4 |
| 2019-07-30 | CVE-2019-1552 | Improper Certificate Validation vulnerability in Openssl OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. | 3.3 |
| 2019-07-30 | CVE-2019-14414 | Unspecified vulnerability in Cpanel In cPanel before 78.0.2, a Userdata cache temporary file can conflict with domains (SEC-478). | 3.3 |
| 2019-07-30 | CVE-2019-14412 | Use of Externally-Controlled Format String vulnerability in Cpanel Maketext in cPanel before 78.0.2 allows format-string injection in the DCV check_domains_via_dns UAPI (SEC-474). | 3.3 |