Latest CVE Feed
-
6.4
MEDIUMCVE-2001-1512
Unknown vulnerability in Allaire JRun 3.1 allows remote attackers to directly access the WEB-INF and META-INF directories and execute arbitrary JavaServer Pages (JSP), a variant of CVE-2000-1050.... Read more
Affected Products : jrun- EPSS Score: %0.38
- Published: Dec. 31, 2001
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2001-1529
Buffer overflow in rpc.yppasswdd (yppasswd server) in AIX allows attackers to gain unauthorized access via a long string. NOTE: due to lack of details in the vendor advisory, it is not clear if this is the same issue as CVE-2001-0779.... Read more
Affected Products : aix- EPSS Score: %0.60
- Published: Dec. 31, 2001
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2001-1556
The log files in Apache web server contain information directly supplied by clients and does not filter or quote control characters, which could allow remote attackers to hide HTTP requests and spoof source IP addresses when logs are viewed with UNIX prog... Read more
Affected Products : http_server- EPSS Score: %1.65
- Published: Dec. 31, 2001
- Modified: Apr. 03, 2025
-
4.6
MEDIUMCVE-2001-1535
Slashcode 2.0 creates new accounts with an 8-character random password, which could allow local users to obtain session ID's from cookies and gain unauthorized access via a brute force attack.... Read more
Affected Products : slashcode- EPSS Score: %0.15
- Published: Dec. 31, 2001
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2001-1543
Axis network camera 2120, 2110, 2100, 200+ and 200 contains a default administration password "pass", which allows remote attackers to gain access to the camera.... Read more
Affected Products : 2100_network_camera 2110_network_camera 2120_network_camera neteye_200 neteye_200\+- EPSS Score: %0.90
- Published: Dec. 31, 2001
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2001-1500
ProFTPD 1.2.2rc2, and possibly other versions, does not properly verify reverse-resolved hostnames by performing forward resolution, which allows remote attackers to bypass ACLs or cause an incorrect client hostname to be logged.... Read more
Affected Products : proftpd- EPSS Score: %1.08
- Published: Dec. 31, 2001
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2001-1501
The glob functionality in ProFTPD 1.2.1, and possibly other versions allows remote attackers to cause a denial of service (CPU and memory consumption) via commands with large numbers of wildcard and other special characters, as demonstrated using an ls co... Read more
Affected Products : proftpd- EPSS Score: %8.15
- Published: Dec. 31, 2001
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2001-1528
AmTote International homebet program returns different error messages when invalid account numbers and PIN codes are provided, which allows remote attackers to determine the existence of valid account numbers via a brute force attack.... Read more
Affected Products : homebet- EPSS Score: %7.86
- Published: Dec. 31, 2001
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2001-1561
Buffer overflow in Xvt 2.1 in Debian Linux 2.2 allows local users to execute arbitrary code via long (1) -name and (2) -T arguments.... Read more
- EPSS Score: %0.22
- Published: Dec. 31, 2001
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2001-1544
Directory traversal vulnerability in Macromedia JRun Web Server (JWS) 2.3.3, 3.0 and 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP GET request.... Read more
Affected Products : jrun- EPSS Score: %0.38
- Published: Dec. 31, 2001
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2001-1502
webcart.cgi in Mountain Network Systems WebCart 8.4 allows remote attackers to execute arbitrary commands via shell metacharacters in the NEXTPAGE parameter.... Read more
Affected Products : webcart- EPSS Score: %8.72
- Published: Dec. 31, 2001
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2001-1478
Buffer overflow in xlock in UnixWare 7.1.0 and 7.1.1 and Open Unix 8.0.0 allows local users to execute arbitrary code.... Read more
- EPSS Score: %0.06
- Published: Dec. 31, 2001
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2001-1545
Macromedia JRun 3.0 and 3.1 appends the jsessionid to URL requests (a.k.a. rewriting) when client browsers have cookies enabled, which allows remote attackers to obtain session IDs and hijack sessions via HTTP referrer fields or sniffing.... Read more
Affected Products : jrun- EPSS Score: %0.39
- Published: Dec. 31, 2001
- Modified: Apr. 03, 2025
-
4.3
MEDIUMCVE-2001-1522
Cross-site scripting (XSS) vulnerability in im.php in IMessenger for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via a message.... Read more
Affected Products : php-nuke- EPSS Score: %0.02
- Published: Dec. 31, 2001
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2001-1495
network_query.php in Network Query Tool 1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the target parameter.... Read more
- EPSS Score: %0.98
- Published: Dec. 31, 2001
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2001-1483
One-Time Passwords In Everything (a.k.a OPIE) 2.32 and 2.4 allows remote attackers to determine the existence of user accounts by printing random passphrases if the user account does not exist and static passphrases if the user account does exist.... Read more
Affected Products : one-time_passwords_in_everything- EPSS Score: %1.47
- Published: Dec. 31, 2001
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2001-1577
Unknown vulnerability in CDE in Caldera OpenUnix 7.1.0, 7.1.1, and 8.0 allows an xterm session to gain privileges when the session is reused.... Read more
- EPSS Score: %0.53
- Published: Dec. 31, 2001
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2001-1517
RunAs (runas.exe) in Windows 2000 stores cleartext authentication information in memory, which could allow attackers to obtain usernames and passwords by executing a process that is allocated the same memory page after termination of a RunAs command. NOT... Read more
Affected Products : windows_2000- EPSS Score: %2.27
- Published: Dec. 31, 2001
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2001-1565
Point to Point Protocol daemon (pppd) in MacOS x 10.0 and 10.1 through 10.1.5 provides the username and password on the command line, which allows local users to obtain authentication information via the ps command.... Read more
Affected Products : mac_os_x- EPSS Score: %0.18
- Published: Dec. 31, 2001
- Modified: Apr. 03, 2025
-
4.3
MEDIUMCVE-2001-1516
Cross-site scripting (XSS) vulnerability in phpReview 0.9.0 rc2 and earlier allows remote attackers to inject arbitrary web script or HTML via user-submitted reviews.... Read more
Affected Products : phpreview- EPSS Score: %0.30
- Published: Dec. 31, 2001
- Modified: Apr. 03, 2025