Total
304758 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-1245 | 1 Opera Software | 1 Opera Web Browser | 2008-09-05 | 5.0 MEDIUM | N/A |
| Opera 5.0 for Linux does not properly handle malformed HTTP headers, which allows remote attackers to cause a denial of service, possibly with a header whose value is the same as a MIME header name. | |||||
| CVE-2001-1301 | 2 Gnu, Xemacs | 2 Emacs, Xemacs | 2008-09-05 | 1.2 LOW | N/A |
| rcs2log, as used in Emacs 20.4, xemacs 21.1.10 and other versions before 21.4, and possibly other packages, allows local users to modify files of other users via a symlink attack on a temporary file. | |||||
| CVE-2001-1565 | 1 Apple | 1 Mac Os X | 2008-09-05 | 2.1 LOW | N/A |
| Point to Point Protocol daemon (pppd) in MacOS x 10.0 and 10.1 through 10.1.5 provides the username and password on the command line, which allows local users to obtain authentication information via the ps command. | |||||
| CVE-2001-1543 | 1 Axis | 5 2100 Network Camera, 2110 Network Camera, 2120 Network Camera and 2 more | 2008-09-05 | 7.5 HIGH | N/A |
| Axis network camera 2120, 2110, 2100, 200+ and 200 contains a default administration password "pass", which allows remote attackers to gain access to the camera. | |||||
| CVE-2001-1538 | 1 Speedxess | 1 Ha-120 Dsl Router | 2008-09-05 | 7.5 HIGH | N/A |
| SpeedXess HA-120 DSL router has a default administrative password of "speedxess", which allows remote attackers to gain access. | |||||
| CVE-2001-1317 | 1 Teamware | 1 Teamware Office | 2008-09-05 | 7.5 HIGH | N/A |
| Teamware Office Enterprise Directory allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, via invalid encodings for certain BER object types, as demonstrated by the PROTOS LDAPv3 test suite. | |||||
| CVE-2001-1271 | 1 Rarsoft | 1 Rar | 2008-09-05 | 2.1 LOW | N/A |
| Directory traversal vulnerability in rar 2.02 and earlier allows attackers to overwrite arbitrary files during archive extraction via a .. (dot dot) attack on archived filenames. | |||||
| CVE-2001-1465 | 1 Surfcontrol | 1 Superscout Web Filter | 2008-09-05 | 4.6 MEDIUM | N/A |
| SurfControl SuperScout only filters packets containing both an HTTP GET request and a Host header, which allows local users to bypass filtering by fragmenting packets so that no packet contains both data elements. | |||||
| CVE-2001-1253 | 1 Com2001 | 1 Alexis Server | 2008-09-05 | 4.6 MEDIUM | N/A |
| Alexis 2.0 and 2.1 in COM2001 InternetPBX stores voicemail passwords in plain text in the com2001.ini file, which could allow local users to make long distance calls as other users. | |||||
| CVE-2001-1260 | 1 Avaya | 1 Argent Office | 2008-09-05 | 10.0 HIGH | N/A |
| Avaya Argent Office uses weak encryption (trivial encoding) for passwords, which allows remote attackers to gain administrator privileges by sniffing and decrypting the sniffing the passwords during a system reboot. | |||||
| CVE-2001-1259 | 1 Avaya | 1 Argent Office | 2008-09-05 | 5.0 MEDIUM | N/A |
| Avaya Argent Office allows remote attackers to cause a denial of service by sending UDP packets to port 53 with no payload. | |||||
| CVE-2001-1510 | 1 Macromedia | 1 Jrun | 2008-09-05 | 5.0 MEDIUM | N/A |
| Allaire JRun 2.3.3, 3.0 and 3.1 running on IIS 4.0 and 5.0, iPlanet, Apache, JRun web server (JWS), and possibly other web servers allows remote attackers to read arbitrary files and directories by appending (1) "%3f.jsp", (2) "?.jsp" or (3) "?" to the requested URL. | |||||
| CVE-2001-1375 | 2 Conectiva, Redhat | 2 Linux, Linux | 2008-09-05 | 4.6 MEDIUM | N/A |
| tcl/tk package (tcltk) 8.3.1 searches for its libraries in the current working directory before other directories, which could allow local users to execute arbitrary code via a Trojan horse library that is under a user-controlled directory. | |||||
| CVE-2001-1272 | 1 Wliang | 1 Wmtv | 2008-09-05 | 4.6 MEDIUM | N/A |
| wmtv 0.6.5 and earlier does not properly drop privileges, which allows local users to execute arbitrary commands via the -e (external command) option. | |||||
| CVE-2001-1548 | 1 Zonelabs | 1 Zonealarm | 2008-09-05 | 2.1 LOW | N/A |
| ZoneAlarm 2.1 through 2.6 and ZoneAlarm Pro 2.4 and 2.6 allows local users to bypass filtering via non-standard TCP packets created with non-Windows protocol adapters. | |||||
| CVE-2001-1262 | 1 Avaya | 1 Argent Office | 2008-09-05 | 7.5 HIGH | N/A |
| Avaya Argent Office 2.1 compares a user-provided SNMP community string with the correct string only up to the length of the user-provided string, which allows remote attackers to bypass authentication with a 0 length community string. | |||||
| CVE-2001-1525 | 1 Easyscripts | 1 Easynews | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the comments action in easyNews 1.5 and earlier allows remote attackers to modify news.dat, template.dat and possibly other files via a ".." in the cid parameter. | |||||
| CVE-2001-1349 | 1 Sendmail | 1 Sendmail | 2008-09-05 | 3.7 LOW | N/A |
| Sendmail before 8.11.4, and 8.12.0 before 8.12.0.Beta10, allows local users to cause a denial of service and possibly corrupt the heap and gain privileges via race conditions in signal handlers. | |||||
| CVE-2001-1532 | 1 Web Crossing | 1 Webx | 2008-09-05 | 5.0 MEDIUM | N/A |
| WebX stores authentication information in the HTTP_REFERER variable, which is included in URL links within bulletin board messages posted by users, which could allow remote attackers to hijack user sessions. | |||||
| CVE-2001-1514 | 1 Macromedia | 1 Coldfusion | 2008-09-05 | 10.0 HIGH | N/A |
| ColdFusion 4.5 and 5, when running on Windows with the advanced security sandbox type set to "operating system," does not properly pass security context to (1) child processes created with <CFEXECUTE> and (2) child processes that call the CreateProcess function and are executed with <CFOBJECT> or end with the CFX extension, which allows attackers to execute programs with the permissions of the System account. | |||||