cPanel before 66.0.2 allows demo accounts to create databases and users (SEC-271).
cPanel before 68.0.15 allows unprivileged users to access restricted directories during account restores (SEC-311).
cPanel before 58.0.4 initially uses weak permissions for Apache HTTP Server log files (SEC-130).
In cPanel before 96.0.8, weak permissions on web stats can lead to information disclosure (SEC-584).
cPanel before 74.0.0 makes web-site contents accessible to other local users via Git repositories (SEC-443).
cPanel before 68.0.27 allows attackers to read a copy of httpd.conf that is created during a syntax test (SEC-353).
cPanel before 68.0.27 allows attackers to read zone information because a world-readable archive is created by the archive_sync_zones script (SEC-355).
cPanel before 68.0.27 allows a user to discover contents of directories (that are not owned by that user) by leveraging backups (SEC-339).
cPanel before 71.9980.37 allows arbitrary file-read operations during pkgacct custom template handling (SEC-435).
cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon the enabling of backups (SEC-342).
cPanel before 71.9980.37 allows attackers to read root's crontab file by leveraging ClamAV installation (SEC-408).
cPanel before 68.0.27 allows attackers to read the SRS secret via exim.conf (SEC-308).
cPanel before 68.0.15 does not preserve permissions for local backup transport (SEC-330).
In cPanel before 66.0.2, weak log-file permissions can occur after account modification (SEC-289).
In cPanel before 66.0.2, the Apache HTTP Server configuration file is changed to world-readable when rebuilt (SEC-274).
cPanel before 68.0.15 allows arbitrary file-read operations because of the backup .htaccess modification logic (SEC-345).
In cPanel before 82.0.18, Cpanel::Rand::Get can produce a predictable series of numbers (SEC-525).
In cPanel before 66.0.2, EasyApache 4 conversion sets weak domlog ownership and permissions (SEC-272).
In cPanel before 66.0.2, domain log files become readable after log processing (SEC-273).
cPanel before 78.0.2 allows arbitrary file-read operations via Passenger adminbin (SEC-466).
cPanel before 80.0.5 uses world-readable permissions for the Queueprocd log (SEC-494).
cPanel before 82.0.2 allows local users to discover the MySQL root password (SEC-510).
cPanel before 80.0.5 allows unsafe file operations in the context of the root account via the fetch_ssl_certificates_for_fqdns API (SEC-489).
cPanel before 76.0.8 unsafely performs PostgreSQL password changes (SEC-366).
The WebDAV transport feature in cPanel before 76.0.8 enables debug logging (SEC-467).
cPanel before 70.0.23 allows jailshell escape because of incorrect crontab parsing (SEC-382).
In cPanel before 66.0.2, Apache HTTP Server SSL domain logs can persist on disk after an account termination (SEC-291).
In cPanel before 64.0.21, Horde MySQL to SQLite conversion can leak a database password (SEC-234).
cPanel before 58.0.4 allows code execution in the context of other user accounts through the PHP CGI handler (SEC-142).
cPanel before 11.54.0.4 lacks ACL enforcement in the AppConfig subsystem (SEC-85).
cPanel before 58.0.4 does not set the Pear tmp directory during a PHP installation (SEC-137).
cPanel before 11.54.0.0 allows a bypass of the e-mail sending limit (SEC-60).
cPanel before 55.9999.141 allows daemons to access their controlling TTYs (SEC-31).
cPanel before 59.9999.145 allows code execution in the context of other accounts via mailman list archives (SEC-141).
cPanel before 11.54.0.0 allows subaccounts to discover sensitive data through comet feeds (SEC-29).
cPanel before 55.9999.141 allows ACL bypass for AppConfig applications via magic_revision (SEC-100).
cPanel before 11.54.0.4 allows arbitrary file-read operations via the bin/fmq script (SEC-70).
cPanel before 11.52.0.13 does not prevent arbitrary file-read operations via get_information_for_applications (CPANEL-1221).
cPanel before 70.0.23 allows .htaccess restrictions bypass when Htaccess Optimization is enabled (SEC-401).
cPanel before 68.0.27 does not enforce ownership during addpkgext and delpkgext WHM API calls (SEC-324).
cPanel before 74.0.0 allows arbitrary zone file modifications during record edits (SEC-426).
cPanel before 68.0.15 allows domain data to be deleted for domains with the .lock TLD (SEC-341).
cPanel before 62.0.17 allows arbitrary file-read operations via WHM /styled/ URLs (SEC-218).
cPanel before 11.54.0.0 allows unauthorized zone modification via the WHM API (SEC-66).
cPanel before 67.9999.103 allows arbitrary file-overwrite operations during a Roundcube SQLite schema update (SEC-303).
cPanel before 68.0.15 allows code execution in the context of the nobody account via Mailman archives (SEC-337).
The Node certificate in Pulp before 2.8.3 contains the private key, and is stored in a world-readable file in the "/etc/pki/pulp/nodes/" directory, which allows local users to gain access to sensitive data.
Base-VxFS-50 B.05.00.01 through B.05.00.02, Base-VxFS-501 B.05.01.0 through B.05.01.03, and Base-VxFS-51 B.05.10.00 through B.05.10.02 on HPE HP-UX 11iv3 with VxFS 5.0, VxFS 5.0.1, and VxFS 5.1SP1 mishandles ACL inheritance for default:class: entries, default:other: entries, and default:user: entries, which allows local users to bypass intended access restrictions by leveraging the configuration of a parent directory.
LXD before 2.0.2 uses world-readable permissions for /var/lib/lxd/zfs.img when setting up a loop based ZFS pool, which allows local users to copy and read data from arbitrary containers via unspecified vectors.
The lockscreen feature in Mozilla Firefox OS before 2.5 does not properly restrict failed authentication attempts, which makes it easier for physically proximate attackers to obtain access by entering many passcode guesses.