2004 CVE Vulnerabilities

2,707 CVEs published in 2004.

Filter:UNKNOWNClear
CVE IDSeverityCVSSDescription
CVE-2004-1082mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response...
CVE-2004-0028jitterbug 1.6.2 does not properly sanitize inputs, which allows remote authenticated users to execute arbitrary commands...
CVE-2004-0017Multiple SQL injection vulnerabilities in the (1) calendar and (2) infolog modules for phpgroupware 0.9.14 allow remote ...
CVE-2004-0016The calendar module for phpgroupware 0.9.14 does not enforce the "save extension" feature for holiday files, which allow...
CVE-2004-0015vbox3 0.1.8 and earlier does not properly drop privileges before executing a user-provided TCL script, which allows loca...
CVE-2004-0045Buffer overflow in the ARTpost function in art.c in the control message handling code for INN 2.4.0 may allow remote att...
CVE-2004-0013jabber 1.4.2, 1.4.2a, and possibly earlier versions, does not properly handle SSL connections, which allows remote attac...
CVE-2004-0046Cross-site scripting (XSS) vulnerability in SnapStream PVS LITE allows remote attackers to inject arbitrary web script o...
CVE-2004-2034Buffer overflow in the (1) WTHoster and (2) WebDriver modules in WildTangent Web Driver 4.0 allows remote attackers to e...
CVE-2004-2132Directory traversal vulnerability in PJreview_Neo.cgi in PJ CGI Neo review allows remote attackers to read arbitrary fil...
CVE-2004-2133Certain third-party packages for CVSup 16.1h, such as SuSE Linux, contain untrusted paths in the ELF RPATH fields of cer...
CVE-2004-2134Oracle toplink mapping workBench uses a weak encryption algorithm for passwords, which allows local users to decrypt the...
CVE-2004-2131Stack-based buffer overflow in ontape for IBM Informix Dynamic Server (IDS) 9.40.xC3 and earlier allows local users, wit...
CVE-2004-2117Tiny Server 1.1 allows remote attackers to cause a denial of service (crash) via malformed HTTP requests such as (1) a G...
CVE-2004-2122Cross-site scripting (XSS) vulnerability in intraforum_db.cgi in Intra Forum allows remote attackers to inject arbitrary...
CVE-2004-2120Reptile Web Server allows remote attackers to cause a denial of service (CPU consumption) via multiple incomplete GET re...
CVE-2004-1760The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6,...
CVE-2004-1759Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, allows remote attackers to ...
CVE-2004-0036SQL injection vulnerability in calendar.php for vBulletin Forum 2.3.x before 2.3.4 allows remote attackers to steal sens...
CVE-2004-0034Multiple cross-site scripting (XSS) vulnerabilities in Phorum 3.4.5 and earlier allow remote attackers to inject arbitra...
CVE-2004-0033admin.php in PHPGEDVIEW 2.61 allows remote attackers to obtain sensitive information via an action parameter with a phpi...
CVE-2004-0032Cross-site scripting (XSS) vulnerability in search.php in PHPGEDVIEW 2.61 allows remote attackers to inject arbitrary HT...
CVE-2004-0031PHPGEDVIEW 2.61 allows remote attackers to reinstall the software and change the administrator password via a direct HTT...
CVE-2004-0029Lotus Notes Domino 6.0.2 on Linux installs the notes.ini configuration file with world-writable permissions, which allow...
CVE-2004-0037FirstClass Desktop Client 7.1 allows remote attackers to execute arbitrary commands via hyperlinks in FirstClass RTF mes...

Check if your code is affected by 2004 CVEs

Strix scans your code and infrastructure for known vulnerabilities automatically.

Scan your code now