Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-1421 | 1 Aol | 1 Instant Messenger | 2017-07-10 | 5.0 MEDIUM | N/A |
| AOL Instant Messenger (AIM) 4.7 and earlier allows remote attackers to cause a denial of service (application crash) via a large number of different fonts followed by an HTML HR tag. | |||||
| CVE-2001-1422 | 1 Att | 1 Winvnc | 2017-07-10 | 7.5 HIGH | N/A |
| WinVNC 3.3.3 and earlier generates the same challenge string for multiple connections, which allows remote attackers to bypass VNC authentication by sniffing the challenge and response of other users. | |||||
| CVE-2001-1423 | 1 Advanced Poll | 1 Advanced Poll | 2017-07-10 | 7.5 HIGH | N/A |
| Advanced Poll before 1.61, when using a flat file database, allows remote attackers to gain privileges by setting the logged_in parameter. | |||||
| CVE-2001-1424 | 1 Alcatel | 1 Speed Touch Home | 2017-07-10 | 7.5 HIGH | N/A |
| Alcatel Speed Touch ADSL modem running firmware KHDSAA.108, KHDSAA.132, KHDSBA.133, and KHDSAA.134 has a blank default password, which allows remote attackers to gain unauthorized access. | |||||
| CVE-2001-1425 | 1 Alcatel | 1 Speed Touch Home | 2017-07-10 | 7.5 HIGH | N/A |
| The challenge-response authentication of the EXPERT user for Alcatel Speed Touch running firmware KHDSAA.108 and KHDSAA.132 through KHDSAA.134 allows remote attackers to gain privileges by directly computing the response based on information that is provided by the device during login. | |||||
| CVE-2001-1426 | 1 Alcatel | 1 Speed Touch Home | 2017-07-10 | 7.5 HIGH | N/A |
| Alcatel Speed Touch running firmware KHDSAA.108 and KHDSAA.132 through KHDSAA.134 has a TFTP server running without a password, which allows remote attackers to change firmware versions or the device's configurations. | |||||
| CVE-2001-1427 | 1 Macromedia | 1 Coldfusion | 2017-07-10 | 7.5 HIGH | N/A |
| Unknown vulnerability in ColdFusion Server 2.0 through 4.5.1 SP2 allows remote attackers to overwrite templates with zero byte files via unknown attack vectors. | |||||
| CVE-2001-1428 | 1 Beck Ipc Gmbh | 1 Ipc At Chip Embedded-webserver | 2017-07-10 | 7.5 HIGH | N/A |
| The (1) FTP and (2) Telnet services in Beck GmbH IPC@Chip are shipped with a default password, which allows remote attackers to gain unauthorized access. | |||||
| CVE-2001-1429 | 1 Midnight Commander | 1 Midnight Commander | 2017-07-10 | 4.6 MEDIUM | N/A |
| Buffer overflow in mcedit in Midnight Commander 4.5.1 allows local users to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a crafted text file. | |||||
| CVE-2001-1430 | 1 Cayman | 1 3220-h Dsl Router | 2017-07-10 | 7.5 HIGH | N/A |
| Cayman 3220-H DSL Router 1.0 ship without a password set, which allows remote attackers to gain unauthorized access. | |||||
| CVE-2001-1431 | 2 Checkpoint, Nokia | 3 Firewall-1, Vpn-1, Firewall Appliance | 2017-07-10 | 5.0 MEDIUM | N/A |
| Nokia Firewall Appliances running IPSO 3.3 and VPN-1/FireWall-1 4.1 Service Pack 3, IPSO 3.4 and VPN-1/FireWall-1 4.1 Service Pack 4, and IPSO 3.4 or IPSO 3.4.1 and VPN-1/FireWall-1 4.1 Service Pack 5, when SYN Defender is configured in Active Gateway mode, does not properly rewrite the third packet of a TCP three-way handshake to use the NAT IP address, which allows remote attackers to gain sensitive information. | |||||
| CVE-2001-1432 | 1 Cherokee | 1 Cherokee Httpd | 2017-07-10 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in Cherokee Web Server allows remote attackers to read arbitrary files via a .. (dot dot) in the URL. | |||||
| CVE-2001-1433 | 1 Cherokee | 1 Cherokee Httpd | 2017-07-10 | 7.5 HIGH | N/A |
| Cherokee web server before 0.2.7 does not properly drop root privileges after binding to port 80, which could allow remote attackers to gain privileges via other vulnerabilities. | |||||
| CVE-2001-1434 | 1 Cisco | 1 Ios | 2017-07-10 | 5.0 MEDIUM | N/A |
| Cisco IOS 12.0(5)XU through 12.1(2) allows remote attackers to read system administration and topology information via an "snmp-server host" command, which creates a readable "community" community string if one has not been previously created. | |||||
| CVE-2001-1435 | 1 Compaq | 1 Tru64 | 2017-07-10 | 5.0 MEDIUM | N/A |
| inetd in Compaq Tru64 UNIX 5.1 allows attackers to cause a denial of service (network connection loss) by causing one of the services handled by inetd to core dump during startup, which causes inetd to stop accepting connections to all of its services. | |||||
| CVE-2001-1436 | 1 Dallas Semiconductor | 1 Ibutton | 2017-07-10 | 4.6 MEDIUM | N/A |
| Dallas Semiconductor iButton DS1991 returns predictable values when given an incorrect password, which makes it easier for users with physical access to conduct dictionary attacks against the device password. | |||||
| CVE-2001-1437 | 1 Easyscripts | 1 Easynews | 2017-07-10 | 7.5 HIGH | N/A |
| easyScripts easyNews 1.5 allows remote attackers to obtain the full path of the web root via a view request with a non-integer news message id field, which leaks the path in a PHP error message when the script times out. | |||||
| CVE-2001-1563 | 2 Apache, Hp | 2 Tomcat, Secure Os | 2017-07-10 | 7.5 HIGH | N/A |
| Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linux 1.0 allows attackers to access servlet resources. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this issue is already covered by other CVE identifiers. | |||||
| CVE-2001-1575 | 1 Apple | 1 Personal Web Sharing | 2017-07-10 | 5.0 MEDIUM | N/A |
| Apple Personal Web Sharing (PWS) 1.1, 1.5, and 1.5.5, when Web Sharing authentication is enabled, allows remote attackers to cause a denial of service via a long password, possibly due to a buffer overflow. | |||||
| CVE-2001-1577 | 1 Caldera | 2 Openunix, Unixware | 2017-07-10 | 7.5 HIGH | N/A |
| Unknown vulnerability in CDE in Caldera OpenUnix 7.1.0, 7.1.1, and 8.0 allows an xterm session to gain privileges when the session is reused. | |||||