2004 CVE Vulnerabilities

2,707 CVEs published in 2004.

CVE IDSeverityCVSSDescription
CVE-2004-2091Microsoft Baseline Security Analyzer (MBSA) 1.2 does not correctly identify systems that have been patched but remain vu...
CVE-2004-2079Red-M Red-Alert 2.7.5 with software 3.1 build 24 binds authentication to IP addresses, which allows remote attackers to ...
CVE-2004-2078Red-M Red-Alert 2.7.5 with software 3.1 build 24 allows remote attackers to cause a denial of service (reboot and loss o...
CVE-2004-2080Red-M Red-Alert 2.7.5 with software 3.1 build 24 converts multiple spaces in a Service Set Identifier (SSID) to a single...
CVE-2004-2093Buffer overflow in the open_socket_out function in socket.c for rsync 2.5.7 and earlier allows local users to cause a de...
CVE-2004-2092eTrust InoculateIT for Linux 6.0 uses insecure permissions for multiple files and directories, including the application...
CVE-2004-2087Unknown vulnerability in SandSurfer before 1.7.0 allows remote attackers to gain access as a logged-in user.
CVE-2004-2077Nadeo Game Engine for Nadeo TrackMania and Nadeo Virtual Skipper 3 allows remote attackers to cause a denial of service ...
CVE-2004-1244Windows Media Player 9 allows remote attackers to execute arbitrary code via a PNG file containing large (1) width or (2...
CVE-2004-2090Microsoft Internet Explorer 5.0.1 through 6.0 allows remote attackers to determine the existence of arbitrary files via ...
CVE-2004-2084Cross-site scripting (XSS) vulnerability in search.php in JShop E-Commerce Server allows remote attackers to inject arbi...
CVE-2004-2073Linux-VServer 1.24 allows local users with root privileges on a virtual server to gain access to the filesystem outside ...
CVE-2004-2089Matrix FTP Server allows remote attackers to cause a denial of service (crash) by logging in using four spaces as the us...
CVE-2004-2086Stack-based buffer overflow in results.stm for Sambar Server before the 6.0 production release allows remote attackers t...
CVE-2004-2085Multiple cross-site scripting (XSS) vulnerabilities in Brad Fears phpCodeCabinet 0.4 and earlier allow remote attackers ...
CVE-2004-0042vsftpd 1.1.3 generates different error messages depending on whether or not a valid username exists, which allows remote...
CVE-2004-0041The mod_auth_shadow module 1.4 and earlier does not properly enforce the expiration of a user account and password, whic...
CVE-2004-0046Cross-site scripting (XSS) vulnerability in SnapStream PVS LITE allows remote attackers to inject arbitrary web script o...
CVE-2004-0043Buffer overflow in Yahoo Instant Messenger 5.6.0.1351 and earlier allows remote attackers to cause a denial of service (...
CVE-2004-0028jitterbug 1.6.2 does not properly sanitize inputs, which allows remote authenticated users to execute arbitrary commands...
CVE-2004-0017Multiple SQL injection vulnerabilities in the (1) calendar and (2) infolog modules for phpgroupware 0.9.14 allow remote ...
CVE-2004-0016The calendar module for phpgroupware 0.9.14 does not enforce the "save extension" feature for holiday files, which allow...
CVE-2004-1082mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response...
CVE-2004-0045Buffer overflow in the ARTpost function in art.c in the control message handling code for INN 2.4.0 may allow remote att...
CVE-2004-0015vbox3 0.1.8 and earlier does not properly drop privileges before executing a user-provided TCL script, which allows loca...

Check if your code is affected by 2004 CVEs

Strix scans your code and infrastructure for known vulnerabilities automatically.

Scan your code now