Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
centos vulnerabilities and exploits
(subscribe to this query)
505
VMScore
CVE-2018-18323
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.480 has Local File Inclusion via directory traversal with an admin/index.php?module=file_editor&file=/../ URI.
Control-webpanel Webpanel 0.9.8.480
1 EDB exploit
435
VMScore
CVE-2018-18324
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.480 has XSS via the admin/fileManager2.php fm_current_dir parameter, or the admin/index.php module, service_start, service_fullstatus, service_restart, service_stop, or file (within the file_editor) parameter.
Control-webpanel Webpanel 0.9.8.480
1 EDB exploit
356
VMScore
CVE-2019-13385
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.840, File and Directory Information Exposure in filemanager allows malicious users to enumerate users and check for active users of the application by reading /tmp/login.log.
Control-webpanel Webpanel 0.9.8.840
445
VMScore
CVE-2019-13599
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.848, the Login process allows malicious users to check whether a username is valid by comparing response times.
Control-webpanel Webpanel 0.9.8.848
383
VMScore
CVE-2019-13387
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.846, Reflected XSS in filemanager2.php (parameter fm_current_dir) allows malicious users to steal a cookie or session, or redirect to a phishing website.
Control-webpanel Webpanel 0.9.8.846
312
VMScore
CVE-2019-13476
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.837, XSS in the domain parameter allows a low-privilege user to achieve root access via the email list page.
Control-webpanel Webpanel 0.9.8.837
355
VMScore
CVE-2019-11429
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.793 (Free/Open Source Version), 0.9.8.753 (Pro) and 0.9.8.807 (Pro) is vulnerable to Reflected XSS for the "Domain" field on the "DNS Functions > "Add DNS Zone" screen.
Control-webpanel Webpanel 0.9.8.793
Control-webpanel Webpanel 0.9.8.807
Control-webpanel Webpanel 0.9.8.753
1 EDB exploit
383
VMScore
CVE-2019-13477
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.837, CSRF in the forgot password function allows an malicious user to change the password for the root account.
Control-webpanel Webpanel 0.9.8.837
495
VMScore
CVE-2016-3139
The wacom_probe function in drivers/input/tablet/wacom_sys.c in the Linux kernel prior to 3.17 allows physically proximate malicious users to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.
Novell Suse Linux Enterprise Module For Public Cloud 12.0
Novell Suse Linux Enterprise Server 11.0
Novell Suse Linux Enterprise Server 12.0
Novell Suse Linux Enterprise Live Patching 12.0
Novell Suse Linux Enterprise Real Time Extension 11.0
Novell Suse Linux Enterprise Real Time Extension 12.0
Novell Suse Linux Enterprise Desktop 12.0
Novell Suse Linux Enterprise Workstation Extension 12.0
Novell Suse Linux Enterprise Debuginfo 11.0
Novell Suse Linux Enterprise Software Development Kit 11.0
Novell Suse Linux Enterprise Software Development Kit 12.0
Linux Linux Kernel
1 EDB exploit
NA
CVE-2017-18344.
Linux Kernel 4.14.7 (Ubuntu 16.04 / CentOS 7) - (KASLR & SMEP Bypass) Arbitrary File Read
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »