24h | 7d | 30d

CVE-2026-29203

Overview

  • WebPros
  • cPanel
08 May 2026
Published
09 May 2026
Updated
CVSS
Pending
EPSS
0.04%
KEV

Description

A chmod call in the cPanel Nova plugin's Cpanel::Nova::Connector follows symlinks, allowing setting root permissions on arbitrary system files or directories. That can cause DoS or local privilege escalation when an authenticated cPanel user places a symlink at a user-controlled legacy Nova path under their home directory.

Statistics

  • 1 Post
Last activity: 9 hours ago

Fediverse

Profile picture fallback
:mastodon: decio @decio

Spoiler de l'épisode de hier : cPanel a bien livré les détails techniques en même temps que les patchs.
Au menu de l'after :

• CVE-2026-29201 : path traversal :8bitrainbow: via feature::LOADFEATUREFILE → fichier arbitraire en world-readable
• CVE-2026-29202 : injection Perl dans create_user (paramètre plugin)
• CVE-2026-29203 : symlink mal géré → chmod arbitraire → DoS + escalade de privilèges

/scripts/upcp et go apero!
Bon courage aux admins de garde 🫡

docs.cpanel.net/changelogs/134

vulnerability.circl.lu/vuln/CV



  • 0
  • 0
  • 0
  • 9h ago

CVE-2005-2350

Overview

  • websieve
  • websieve
01 Nov 2019
Published
07 Aug 2024
Updated
CVSS
Pending
EPSS
0.43%
KEV

Description

Cross-site scripting (XSS) vulnerability in websieve v0.62 allows remote attackers to inject arbitrary web script or HTML code in the web user interface.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 5 hours ago

Fediverse

Profile picture fallback
nyanbinary @nyanbinary

Top 5 "longest time delta between reserved date & published date" btw go to Debian for some third party shit, with more than 14 years in limbo:
CVE-2005-2349
CVE-2005-2350
CVE-2005-2351
CVE-2005-2352
CVE-2005-2354

CVE-2005-2353 was released at the time, just in case you are wondering :neobot_giggle:

  • 0
  • 1
  • 0
  • 5h ago

CVE-2005-2353

Overview

  • Pending
05 Aug 2005
Published
07 Aug 2024
Updated
CVSS
Pending
EPSS
0.08%
KEV

Description

run-mozilla.sh in Thunderbird, with debugging enabled, allows local users to create or overwrite arbitrary files via a symlink attack on temporary files.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 5 hours ago

Fediverse

Profile picture fallback
nyanbinary @nyanbinary

Top 5 "longest time delta between reserved date & published date" btw go to Debian for some third party shit, with more than 14 years in limbo:
CVE-2005-2349
CVE-2005-2350
CVE-2005-2351
CVE-2005-2352
CVE-2005-2354

CVE-2005-2353 was released at the time, just in case you are wondering :neobot_giggle:

  • 0
  • 1
  • 0
  • 5h ago

CVE-2005-2354

Overview

  • Nvu
05 Nov 2019
Published
07 Aug 2024
Updated
CVSS
Pending
EPSS
0.51%
KEV

Description

Nvu 0.99+1.0pre uses an old copy of Mozilla XPCOM which can result in multiple security issues.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 5 hours ago

Fediverse

Profile picture fallback
nyanbinary @nyanbinary

Top 5 "longest time delta between reserved date & published date" btw go to Debian for some third party shit, with more than 14 years in limbo:
CVE-2005-2349
CVE-2005-2350
CVE-2005-2351
CVE-2005-2352
CVE-2005-2354

CVE-2005-2353 was released at the time, just in case you are wondering :neobot_giggle:

  • 0
  • 1
  • 0
  • 5h ago

CVE-2005-2351

Overview

  • mutt
  • mutt
01 Nov 2019
Published
07 Aug 2024
Updated
CVSS
Pending
EPSS
0.13%
KEV

Description

Mutt before 1.5.20 patch 7 allows an attacker to cause a denial of service via a series of requests to mutt temporary files.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 5 hours ago

Fediverse

Profile picture fallback
nyanbinary @nyanbinary

Top 5 "longest time delta between reserved date & published date" btw go to Debian for some third party shit, with more than 14 years in limbo:
CVE-2005-2349
CVE-2005-2350
CVE-2005-2351
CVE-2005-2352
CVE-2005-2354

CVE-2005-2353 was released at the time, just in case you are wondering :neobot_giggle:

  • 0
  • 1
  • 0
  • 5h ago

CVE-2005-2349

Overview

  • Pending
28 Oct 2019
Published
07 Aug 2024
Updated
CVSS
Pending
EPSS
0.36%
KEV

Description

Zoo 2.10 has Directory traversal

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 5 hours ago

Fediverse

Profile picture fallback
nyanbinary @nyanbinary

Top 5 "longest time delta between reserved date & published date" btw go to Debian for some third party shit, with more than 14 years in limbo:
CVE-2005-2349
CVE-2005-2350
CVE-2005-2351
CVE-2005-2352
CVE-2005-2354

CVE-2005-2353 was released at the time, just in case you are wondering :neobot_giggle:

  • 0
  • 1
  • 0
  • 5h ago

CVE-2005-2352

Overview

  • gs-gpl
  • gs-gpl
01 Nov 2019
Published
07 Aug 2024
Updated
CVSS
Pending
EPSS
0.32%
KEV

Description

I race condition in Temp files was found in gs-gpl before 8.56 addons scripts.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 5 hours ago

Fediverse

Profile picture fallback
nyanbinary @nyanbinary

Top 5 "longest time delta between reserved date & published date" btw go to Debian for some third party shit, with more than 14 years in limbo:
CVE-2005-2349
CVE-2005-2350
CVE-2005-2351
CVE-2005-2352
CVE-2005-2354

CVE-2005-2353 was released at the time, just in case you are wondering :neobot_giggle:

  • 0
  • 1
  • 0
  • 5h ago
Showing 41 to 47 of 47 CVEs