2001 CVE Vulnerabilities
1,556 CVEs published in 2001.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2001-1274 | — | — | 5.4% | Jan 23, 2001 | Buffer overflow in MySQL before 3.23.31 allows attackers to cause a denial of service and possibly gain privileges. |
| CVE-2001-1422 | — | — | 2.1% | Jan 23, 2001 | WinVNC 3.3.3 and earlier generates the same challenge string for multiple connections, which allows remote attackers to ... |
| CVE-2001-1275 | — | — | 0.5% | Jan 19, 2001 | MySQL before 3.23.31 allows users with a MySQL account to use the SHOW GRANTS command to obtain the encrypted administra... |
| CVE-2001-1476 | — | — | 1.0% | Jan 18, 2001 | SSH before 2.0, with RC4 encryption and the "disallow NULL passwords" option enabled, makes it easier for remote attacke... |
| CVE-2001-1470 | — | — | 1.1% | Jan 18, 2001 | The IDEA cipher as implemented by SSH1 does not protect the final block of a message against modification, which allows ... |
| CVE-2001-1469 | — | — | 1.2% | Jan 18, 2001 | The RC4 stream cipher as used by SSH1 allows remote attackers to modify messages without detection by XORing the origina... |
| CVE-2001-1436 | — | — | 0.5% | Jan 18, 2001 | Dallas Semiconductor iButton DS1991 returns predictable values when given an incorrect password, which makes it easier f... |
| CVE-2001-1416 | — | — | 1.6% | Jan 18, 2001 | Multiple cross-site scripting (XSS) vulnerabilities in the log messages in certain Alpha versions of AOL Instant Messeng... |
| CVE-2001-1475 | — | — | 1.5% | Jan 18, 2001 | SSH before 2.0, when using RC4 and password authentication, allows remote attackers to replay messages until a new serve... |
| CVE-2001-1474 | — | — | 1.2% | Jan 18, 2001 | SSH before 2.0 disables host key checking when connecting to the localhost, which allows remote attackers to silently re... |
| CVE-2001-1473 | — | — | 6.3% | Jan 18, 2001 | The SSH-1 protocol allows remote servers to conduct man-in-the-middle attacks and replay a client challenge response to ... |
| CVE-2001-1385 | — | — | 1.6% | Jan 12, 2001 | The Apache module for PHP 4.0.0 through PHP 4.0.4, when disabled with the 'engine = off' option for a virtual host, may ... |
| CVE-2001-1044 | — | — | 6.9% | Jan 11, 2001 | Basilix Webmail 0.9.7beta, and possibly other versions, stores *.class and *.inc files under the document root and does ... |
| CVE-2001-1464 | — | — | 4.0% | Jan 10, 2001 | Crystal Reports, when displaying data for a password protected database using HTML pages, embeds the username and passwo... |
| CVE-2001-1037 | — | — | 0.5% | Jan 8, 2001 | Cisco SN 5420 Storage Router 1.1(3) and earlier allows local users to access a developer's shell without a password and ... |
| CVE-2001-0161 | — | — | 0.8% | Jan 1, 2001 | Cisco 340-series Aironet access point using firmware 11.01 does not use 6 of the 24 available IV bits for WEP encryption... |
| CVE-2001-0163 | — | — | 2.8% | Jan 1, 2001 | Cisco AP340 base station produces predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoo... |
| CVE-2001-0162 | — | — | 15.2% | Jan 1, 2001 | WinCE 3.0.9348 generates predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hija... |
| CVE-2001-0160 | — | — | 0.8% | Jan 1, 2001 | Lucent/ORiNOCO WaveLAN cards generate predictable Initialization Vector (IV) values for the Wireless Encryption Protocol... |
| CVE-2001-0679 | — | — | 16.0% | Nov 8, 1999 | A buffer overflow in InterScan VirusWall 3.23 and 3.3 allows a remote attacker to execute arbitrary code by sending a lo... |
Check if your code is affected by 2001 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now