LiveActive security incident?Get immediate response
CVE archive

August 2001

Browse CVE records published in August 2001, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 53 matching CVEs · Page 1 of 2.

Unknown · CVSS Not scored

CVE-2001-1594: GE Healthcare eNTEGRA P&R has a password of (1) entegra for the entegra user, (2) passme for the super user...

GE Healthcare eNTEGRA P&R has a password of (1) entegra for the entegra user, (2) passme for the super user of the Polestar/Polestar-i Starlink 4 upgrade, (3) 0 for the entegra user of the Codonics printer FTP service, (4) eNTEGRA for the eNTEGRA P&R user account, (5) insite for the WinVNC Login, and possibly other accounts, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or product that requires a fixed value.

Published Aug 4, 2015 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2001-1401: Bugzilla before 2.14 does not properly restrict access to confidential bugs, which could allow Bugzilla use...

Bugzilla before 2.14 does not properly restrict access to confidential bugs, which could allow Bugzilla users to bypass viewing permissions via modified bug id parameters in (1) process_bug.cgi, (2) show_activity.cgi, (3) showvotes.cgi, (4) showdependencytree.cgi, (5) showdependencygraph.cgi, (6) showattachment.cgi, or (7) describecomponents.cgi.

Published Aug 31, 2002 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2001-1402: Bugzilla before 2.14 does not properly escape untrusted parameters, which could allow remote attackers to c...

Bugzilla before 2.14 does not properly escape untrusted parameters, which could allow remote attackers to conduct unauthorized activities via cross-site scripting (CSS) and possibly SQL injection attacks on (1) the product or output form variables for reports.cgi, (2) the voteon, bug_id, and user variables for showvotes.cgi, (3) an invalid email address in createaccount.cgi, (4) an invalid ID in showdependencytree.cgi, (5) invalid usernames and other fields in process_bug.cgi, and (6) error messages in buglist.cgi.

Published Aug 31, 2002 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2001-0636: Buffer overflows in Raytheon SilentRunner allow remote attackers to (1) cause a denial of service in the co...

Buffer overflows in Raytheon SilentRunner allow remote attackers to (1) cause a denial of service in the collector (cle.exe) component of SilentRunner 2.0 via traffic containing long passwords, or (2) execute arbitrary commands via long HTTP queries in the Knowledge Browser component in SilentRunner 2.0 and 2.0.1. NOTE: It is highly likely that this candidate will be split into multiple candidates.

Published Aug 29, 2001 · Updated Aug 8, 2024