2004 CVE Vulnerabilities
2,707 CVEs published in 2004.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2004-1872 | — | — | 1.8% | Mar 29, 2004 | Cross-site scripting (XSS) vulnerability in WebCT Campus Edition 4.1.1.5 allows remote attackers to inject arbitrary web... |
| CVE-2004-1870 | — | — | 1.2% | Mar 29, 2004 | Multiple SQL injection vulnerabilities in PhotoPost PHP Pro 4.6.x and earlier allow remote attackers to gain users' pass... |
| CVE-2004-1874 | — | — | 1.3% | Mar 29, 2004 | Multiple cross-site scripting (XSS) vulnerabilities in (1) deliver.asp and (2) billing.asp in A-CART Pro and A-CART 2.0 ... |
| CVE-2004-0113 | — | — | 9.9% | Mar 29, 2004 | Memory leak in ssl_engine_io.c for mod_ssl in Apache 2 before 2.0.49 allows remote attackers to cause a denial of servic... |
| CVE-2004-0194 | — | — | 11.1% | Mar 29, 2004 | Stack-based buffer overflow in the OutputDebugString function for Adobe Acrobat Reader 5.1 allows remote attackers to ex... |
| CVE-2004-0160 | — | — | 0.4% | Mar 29, 2004 | Synaesthesia 2.2 and earlier allows local users to execute arbitrary code via a symlink attack on the configuration file... |
| CVE-2004-0158 | — | — | 0.9% | Mar 29, 2004 | Buffer overflow in lbreakout2 allows local users to gain 'games' group privileges via a large HOME environment variable ... |
| CVE-2004-0126 | — | — | 0.3% | Mar 29, 2004 | The jail_attach system call in FreeBSD 5.1 and 5.2 changes the directory of a calling process even if the process doesn'... |
| CVE-2004-1865 | MEDIUM | 4.8 | 1.0% | Mar 26, 2004 | Cross-site scripting (XSS) vulnerability in the administration panel in bBlog 0.7.2 allows remote authenticated users wi... |
| CVE-2004-1864 | — | — | 2.2% | Mar 26, 2004 | SQL injection vulnerability in Extreme Messageboard (XMB) 1.9 beta allows remote attackers to execute arbitrary SQL comm... |
| CVE-2004-1866 | — | — | 3.2% | Mar 26, 2004 | nstxd in Nstx 1.1 beta3 and earlier allows remote attackers to cause a denial of service (crash) via a large packet, whi... |
| CVE-2004-1862 | — | — | 2.5% | Mar 26, 2004 | Multiple cross-site scripting (XSS) vulnerabilities in Extreme Messageboard (XMB) 1.8 SP3 and 1.9 beta allow remote atta... |
| CVE-2004-1861 | — | — | 0.8% | Mar 25, 2004 | Invision NetSupport School Pro uses a weak encryption algorithm to encrypt passwords, which allows local users to obtain... |
| CVE-2004-1868 | — | — | 6.7% | Mar 25, 2004 | Stack-based buffer overflow in WinSig.exe in eSignal 7.5 and 7.6 allows remote attackers to execute arbitrary code via a... |
| CVE-2004-1859 | — | — | 8.4% | Mar 24, 2004 | Directory traversal vulnerability in Trend Micro Interscan Web Viruswall in InterScan VirusWall 3.5x allows remote attac... |
| CVE-2004-1851 | — | — | 1.1% | Mar 24, 2004 | Dameware Mini Remote Control 4.1.0.0 uses insufficiently random data to create the encryption key, which makes it easier... |
| CVE-2004-1854 | — | — | 6.9% | Mar 24, 2004 | Buffer overflow in the logging function in Picophone 1.63 and earlier allows remote attackers to execute arbitrary code ... |
| CVE-2004-2037 | — | — | 6.9% | Mar 24, 2004 | Buffer overflow in Mollensoft Lightweight FTP Server 3.6 allows remote authenticated users to cause a denial of service ... |
| CVE-2004-1857 | — | — | 86.8% | Mar 24, 2004 | Directory traversal vulnerability in setinfo.hts in HP Web Jetadmin 7.5.2546 allows remote authenticated attackers to re... |
| CVE-2004-1856 | — | — | 29.5% | Mar 24, 2004 | devices_update_printer_fw_upload.hts in HP Web JetAdmin 7.5.2546, when no password is set, allows remote attackers to up... |
| CVE-2004-1849 | — | — | 1.4% | Mar 24, 2004 | Multiple cross-site scripting (XSS) vulnerabilities in cPanel 9.1.0 allow remote attackers to inject arbitrary web scrip... |
| CVE-2004-1884 | — | — | 5.8% | Mar 23, 2004 | Ipswitch WS_FTP Server 4.0.2 has a backdoor XXSESS_MGRYY username with a default password, which allows remote attackers... |
| CVE-2004-1850 | — | — | 1.7% | Mar 23, 2004 | The Rage 1.01 and earlier allows remote attackers to cause a denial of service (infinite loop) via a TCP packet with the... |
| CVE-2004-1852 | — | — | 0.8% | Mar 23, 2004 | DameWare Mini Remote Control 3.x before 3.74 and 4.x before 4.2 transmits the Blowfish encryption key in plaintext, whic... |
| CVE-2004-1855 | — | — | 2.6% | Mar 23, 2004 | Dark Age of Camelot before 1.68 live patch does not sign the RSA public key, which could allow remote malicious servers ... |
Check if your code is affected by 2004 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now