Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2001-12-31 | CVE-2001-1538 | Unspecified vulnerability in Speedxess Ha-120 DSL Router SpeedXess HA-120 DSL router has a default administrative password of "speedxess", which allows remote attackers to gain access. | 7.5 |
2001-12-31 | CVE-2001-1537 | Cleartext Storage of Sensitive Information vulnerability in Symfony Twig The default "basic" security setting' in config.php for TWIG webmail 2.7.4 and earlier stores cleartext usernames and passwords in cookies, which could allow attackers to obtain authentication information and gain privileges. | 7.5 |
2001-12-31 | CVE-2001-1536 | Cleartext Storage of Sensitive Information vulnerability in Audiogalaxy Autogalaxy stores usernames and passwords in cleartext in cookies, which makes it easier for remote attackers to obtain authentication information and gain unauthorized access via sniffing or a cross-site scripting attack. | 7.5 |
2001-12-31 | CVE-2001-1531 | Buffer Overflow vulnerability in Apple Claris Emailer 2.0V2 Buffer overflow in Claris Emailer 2.0v2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an email attachment with a long filename. | 7.5 |
2001-12-31 | CVE-2001-1529 | Remote Security vulnerability in AIX Buffer overflow in rpc.yppasswdd (yppasswd server) in AIX allows attackers to gain unauthorized access via a long string. | 7.5 |
2001-12-31 | CVE-2001-1515 | Improper Preservation of Permissions vulnerability in Microsoft Windows 2000 Macintosh clients, when using NT file system volumes on Windows 2000 SP1, create subdirectories and automatically modify the inherited NTFS permissions, which may cause the directories to have less restrictive permissions than intended. | 7.5 |
2001-12-31 | CVE-2001-1513 | Unspecified vulnerability in Macromedia Jrun 3.0/3.1 Macromedia JRun 3.0 and 3.1 allows remote attackers to obtain duplicate active user session IDs and perform actions as other users via a URL request for the web application directory without the trailing '/' (slash), as demonstrated using ctx. | 7.5 |
2001-12-31 | CVE-2001-1507 | Unspecified vulnerability in Openbsd Openssh 3.0/3.0P1 OpenSSH before 3.0.1 with Kerberos V enabled does not properly authenticate users, which could allow remote attackers to login unchallenged. | 7.5 |
2001-12-31 | CVE-2001-1504 | Unspecified vulnerability in IBM Lotus Notes 4.6/5.0 Lotus Notes R5 Client 4.6 allows remote attackers to execute arbitrary commands via a Lotus Notes object with code in an event, which is automatically executed when the user processes the e-mail message. | 7.5 |
2001-12-31 | CVE-2001-1502 | Unspecified vulnerability in Mountain Network Systems Webcart 8.4 webcart.cgi in Mountain Network Systems WebCart 8.4 allows remote attackers to execute arbitrary commands via shell metacharacters in the NEXTPAGE parameter. | 7.5 |