Search for vulnerabilities


| CVE-ID | Description | CVSS-Score V2 | CVSS-Score V3 |
| --- | --- | --- | --- |
| CVE-2001-1404 | Bugzilla before 2.14 stores user passwords in plaintext and sends password requests in an email message, which could allow attackers to gain privileges. | 7.5 | None |
| CVE-2001-1403 | Bugzilla before 2.14 includes the username and password in URLs, which could allow attackers to gain privileges by reading the information from the web server logs, or by "shoulder-surfing" and observing the web browser'... | 7.5 | None |
| CVE-2001-1402 | Bugzilla before 2.14 does not properly escape untrusted parameters, which could allow remote attackers to conduct unauthorized activities via cross-site scripting (CSS) and possibly SQL injection attacks on (1) the produ... | 7.5 | None |
| CVE-2001-1401 | Bugzilla before 2.14 does not properly restrict access to confidential bugs, which could allow Bugzilla users to bypass viewing permissions via modified bug id parameters in (1) process_bug.cgi, (2) show_activity.cgi, (3... | 7.5 | None |
| CVE-2001-1400 | Unknown vulnerabilities in the UDP port allocation for Linux kernel before 2.2.19 could allow local users to cause a denial of service (deadlock). | 2.1 | None |
| CVE-2001-1399 | Certain operations in Linux kernel before 2.2.19 on the x86 architecture copy the wrong number of bytes, which might allow attackers to modify memory, aka "User access asm bug on x86." | 2.1 | None |
| CVE-2001-1398 | Masquerading code for Linux kernel before 2.2.19 does not fully check packet lengths in certain cases, which may lead to a vulnerability. | 7.5 | None |
| CVE-2001-1397 | The System V (SYS5) shared memory implementation for Linux kernel before 2.2.19 could allow attackers to modify recently freed memory. | 2.1 | None |
| CVE-2001-1396 | Unknown vulnerabilities in strnlen_user for Linux kernel before 2.2.19, with unknown impact. | 3.6 | None |
| CVE-2001-1395 | Unknown vulnerability in sockfilter for Linux kernel before 2.2.19 related to "boundary cases," with unknown impact. | 3.6 | None |
| CVE-2001-1394 | Signedness error in (1) getsockopt and (2) setsockopt for Linux kernel before 2.2.19 allows local users to cause a denial of service. | 2.1 | None |
| CVE-2001-1393 | Unknown vulnerability in classifier code for Linux kernel before 2.2.19 could result in denial of service (hang). | 2.1 | None |
| CVE-2001-1392 | The Linux kernel before 2.2.19 does not have unregister calls for (1) CPUID and (2) MSR drivers, which could cause a DoS (crash) by unloading and reloading the drivers. | 2.1 | None |
| CVE-2001-1391 | Off-by-one vulnerability in CPIA driver of Linux kernel before 2.2.19 allows users to modify kernel memory. | 2.1 | None |
| CVE-2001-1390 | Unknown vulnerability in binfmt_misc in the Linux kernel before 2.2.19, related to user pages. | 6.2 | None |
| CVE-2001-1389 | Multiple vulnerabilities in xinetd 2.3.0 and earlier, and additional variants until 2.3.3, may allow remote attackers to cause a denial of service or execute arbitrary code, primarily via buffer overflows or improper NUL... | 7.5 | None |
| CVE-2001-1388 | iptables before 1.2.4 does not accurately convert rate limits that are specified on the command line, which could allow attackers or users to generate more or less traffic than intended by the administrator. | 5.0 | None |
| CVE-2001-1387 | iptables-save in iptables before 1.2.4 records the "--reject-with icmp-host-prohibited" rule as "--reject-with tcp-reset," which causes iptables to generate different responses than specified by the administrator, possib... | 2.1 | None |
| CVE-2001-1386 | WFTPD 3.00 allows remote attackers to read arbitrary files by uploading a (link) file that ends in a ".lnk." extension, which bypasses WFTPD's check for a ".lnk" extension. | 5.0 | None |
| CVE-2001-1385 | The Apache module for PHP 4.0.0 through PHP 4.0.4, when disabled with the 'engine = off' option for a virtual host, may disable PHP for other virtual hosts, which could cause Apache to serve the source code of PHP script... | 5.0 | None |