2004 CVE Vulnerabilities

2,707 CVEs published in 2004.

CVE IDSeverityCVSSDescription
CVE-2004-0013jabber 1.4.2, 1.4.2a, and possibly earlier versions, does not properly handle SSL connections, which allows remote attac...
CVE-2004-0044Cisco Personal Assistant 1.4(1) and 1.4(2) disables password authentication when "Allow Only Cisco CallManager Users" is...
CVE-2004-2132Directory traversal vulnerability in PJreview_Neo.cgi in PJ CGI Neo review allows remote attackers to read arbitrary fil...
CVE-2004-2133Certain third-party packages for CVSup 16.1h, such as SuSE Linux, contain untrusted paths in the ELF RPATH fields of cer...
CVE-2004-2034Buffer overflow in the (1) WTHoster and (2) WebDriver modules in WildTangent Web Driver 4.0 allows remote attackers to e...
CVE-2004-2134Oracle toplink mapping workBench uses a weak encryption algorithm for passwords, which allows local users to decrypt the...
CVE-2004-2131Stack-based buffer overflow in ontape for IBM Informix Dynamic Server (IDS) 9.40.xC3 and earlier allows local users, wit...
CVE-2004-2117Tiny Server 1.1 allows remote attackers to cause a denial of service (crash) via malformed HTTP requests such as (1) a G...
CVE-2004-2122Cross-site scripting (XSS) vulnerability in intraforum_db.cgi in Intra Forum allows remote attackers to inject arbitrary...
CVE-2004-2120Reptile Web Server allows remote attackers to cause a denial of service (CPU consumption) via multiple incomplete GET re...
CVE-2004-1760The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6,...
CVE-2004-1759Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, allows remote attackers to ...
CVE-2004-0011Buffer overflow in fsp before 2.81.b18 allows remote users to execute arbitrary code.
CVE-2004-0037FirstClass Desktop Client 7.1 allows remote attackers to execute arbitrary commands via hyperlinks in FirstClass RTF mes...
CVE-2004-0035SQL injection vulnerability in register.php for Phorum 3.4.5 and earlier allows remote attackers to execute arbitrary SQ...
CVE-2004-0034Multiple cross-site scripting (XSS) vulnerabilities in Phorum 3.4.5 and earlier allow remote attackers to inject arbitra...
CVE-2004-0033admin.php in PHPGEDVIEW 2.61 allows remote attackers to obtain sensitive information via an action parameter with a phpi...
CVE-2004-0032Cross-site scripting (XSS) vulnerability in search.php in PHPGEDVIEW 2.61 allows remote attackers to inject arbitrary HT...
CVE-2004-0031PHPGEDVIEW 2.61 allows remote attackers to reinstall the software and change the administrator password via a direct HTT...
CVE-2004-0029Lotus Notes Domino 6.0.2 on Linux installs the notes.ini configuration file with world-writable permissions, which allow...
CVE-2004-0030CRITICAL9.8PHP remote file inclusion vulnerability in (1) functions.php, (2) authentication_index.php, and (3) config_gedcom.php fo...
CVE-2004-0036SQL injection vulnerability in calendar.php for vBulletin Forum 2.3.x before 2.3.4 allows remote attackers to steal sens...
CVE-2004-0014Multiple buffer overflows in the nd WebDAV interface 0.8.2 and earlier allows remote web servers to execute arbitrary co...
CVE-2004-1766The default installation of NetScreen-Security Manager before Feature Pack 1 does not enable encryption for communicatio...
CVE-2004-2127Directory traversal vulnerability in Web Blog 1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in ...

Check if your code is affected by 2004 CVEs

Strix scans your code and infrastructure for known vulnerabilities automatically.

Scan your code now