Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Total 299287 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-20959 1 Jura 2 E8, E8 Firmware 2024-11-21 4.8 MEDIUM 8.1 HIGH
Jura E8 devices lack Bluetooth connection security.
CVE-2018-20958 1 Tapplock 2 Tapplock, Tapplock Firmware 2024-11-21 3.3 LOW 6.5 MEDIUM
The Bluetooth Low Energy (BLE) subsystem on Tapplock devices before 2018-06-12 relies on Key1 and SerialNo for unlock operations; however, these are derived from the MAC address, which is broadcasted by the device.
CVE-2018-20957 1 Tapplock 2 One\+, One\+ Firmware 2024-11-21 5.8 MEDIUM 8.8 HIGH
The Bluetooth Low Energy (BLE) subsystem on Tapplock devices before 2018-06-12 allows replay attacks.
CVE-2018-20956 1 Swann 2 Swwhd-intcam-hd, Swwhd-intcam-hd Firmware 2024-11-21 2.1 LOW 5.5 MEDIUM
Swann SWWHD-INTCAM-HD devices leave the PSK in logs after a factory reset. NOTE: all affected customers were migrated by 2020-08-31.
CVE-2018-20955 1 Swann 2 Swwhd-intcam-hd, Swwhd-intcam-hd Firmware 2024-11-21 10.0 HIGH 9.8 CRITICAL
Swann SWWHD-INTCAM-HD devices have the twipc root password, leading to FTP access as root. NOTE: all affected customers were migrated by 2020-08-31.
CVE-2018-20954 1 Mailpile 1 Mailpile 2024-11-21 5.0 MEDIUM 7.5 HIGH
The "Security and Privacy" Encryption feature in Mailpile before 1.0.0rc4 does not exclude disabled, revoked, and expired keys.
CVE-2018-20953 1 Cpanel 1 Cpanel 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
cPanel before 68.0.27 allows self XSS in the WHM listips interface (SEC-389).
CVE-2018-20952 1 Cpanel 1 Cpanel 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
cPanel before 68.0.27 creates world-readable files during use of WHM Apache Includes Editor (SEC-388).
CVE-2018-20951 1 Cpanel 1 Cpanel 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
cPanel before 68.0.27 allows self XSS in WHM Spamd Startup Config (SEC-387).
CVE-2018-20950 1 Cpanel 1 Cpanel 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
cPanel before 68.0.27 allows self stored XSS in WHM Account Transfer (SEC-386).
CVE-2018-20949 1 Cpanel 1 Cpanel 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
cPanel before 68.0.27 allows self XSS in WHM Apache Configuration Include Editor (SEC-385).
CVE-2018-20948 1 Cpanel 1 Cpanel 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
cPanel before 68.0.27 allows self XSS in cPanel Backup Restoration (SEC-383).
CVE-2018-20947 1 Cpanel 1 Cpanel 2024-11-21 2.1 LOW 5.5 MEDIUM
cPanel before 68.0.27 allows certain file-write operations via the telnetcrt script (SEC-356).
CVE-2018-20946 1 Cpanel 1 Cpanel 2024-11-21 2.1 LOW 3.3 LOW
cPanel before 68.0.27 allows attackers to read zone information because a world-readable archive is created by the archive_sync_zones script (SEC-355).
CVE-2018-20945 1 Cpanel 1 Cpanel 2024-11-21 7.9 HIGH 5.7 MEDIUM
bin/csvprocess in cPanel before 68.0.27 allows insecure file operations (SEC-354).
CVE-2018-20944 1 Cpanel 1 Cpanel 2024-11-21 2.1 LOW 3.3 LOW
cPanel before 68.0.27 allows attackers to read a copy of httpd.conf that is created during a syntax test (SEC-353).
CVE-2018-20943 1 Cpanel 1 Cpanel 2024-11-21 1.9 LOW 2.5 LOW
cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon a post-update task (SEC-352).
CVE-2018-20942 1 Cpanel 1 Cpanel 2024-11-21 1.9 LOW 2.5 LOW
cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon configuring crontab (SEC-351).
CVE-2018-20941 1 Cpanel 1 Cpanel 2024-11-21 4.7 MEDIUM 5.6 MEDIUM
cPanel before 68.0.27 allows arbitrary file-read operations via restore adminbin (SEC-349).
CVE-2018-20940 1 Cpanel 1 Cpanel 2024-11-21 2.1 LOW 3.3 LOW
cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon the enabling of backups (SEC-342).