2004 CVE Vulnerabilities
2,707 CVEs published in 2004.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2004-0013 | — | — | 1.8% | Feb 3, 2004 | jabber 1.4.2, 1.4.2a, and possibly earlier versions, does not properly handle SSL connections, which allows remote attac... |
| CVE-2004-0044 | — | — | 1.7% | Feb 3, 2004 | Cisco Personal Assistant 1.4(1) and 1.4(2) disables password authentication when "Allow Only Cisco CallManager Users" is... |
| CVE-2004-2132 | — | — | 8.0% | Jan 29, 2004 | Directory traversal vulnerability in PJreview_Neo.cgi in PJ CGI Neo review allows remote attackers to read arbitrary fil... |
| CVE-2004-2133 | — | — | 0.6% | Jan 29, 2004 | Certain third-party packages for CVSup 16.1h, such as SuSE Linux, contain untrusted paths in the ELF RPATH fields of cer... |
| CVE-2004-2034 | — | — | 4.5% | Jan 29, 2004 | Buffer overflow in the (1) WTHoster and (2) WebDriver modules in WildTangent Web Driver 4.0 allows remote attackers to e... |
| CVE-2004-2134 | — | — | 1.6% | Jan 28, 2004 | Oracle toplink mapping workBench uses a weak encryption algorithm for passwords, which allows local users to decrypt the... |
| CVE-2004-2131 | — | — | 1.4% | Jan 27, 2004 | Stack-based buffer overflow in ontape for IBM Informix Dynamic Server (IDS) 9.40.xC3 and earlier allows local users, wit... |
| CVE-2004-2117 | — | — | 8.0% | Jan 24, 2004 | Tiny Server 1.1 allows remote attackers to cause a denial of service (crash) via malformed HTTP requests such as (1) a G... |
| CVE-2004-2122 | — | — | 1.2% | Jan 24, 2004 | Cross-site scripting (XSS) vulnerability in intraforum_db.cgi in Intra Forum allows remote attackers to inject arbitrary... |
| CVE-2004-2120 | — | — | 3.1% | Jan 23, 2004 | Reptile Web Server allows remote attackers to cause a denial of service (CPU consumption) via multiple incomplete GET re... |
| CVE-2004-1760 | — | — | 3.8% | Jan 21, 2004 | The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6,... |
| CVE-2004-1759 | — | — | 2.4% | Jan 21, 2004 | Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, allows remote attackers to ... |
| CVE-2004-0011 | — | — | 4.2% | Jan 20, 2004 | Buffer overflow in fsp before 2.81.b18 allows remote users to execute arbitrary code. |
| CVE-2004-0037 | — | — | 2.2% | Jan 20, 2004 | FirstClass Desktop Client 7.1 allows remote attackers to execute arbitrary commands via hyperlinks in FirstClass RTF mes... |
| CVE-2004-0035 | — | — | 1.2% | Jan 20, 2004 | SQL injection vulnerability in register.php for Phorum 3.4.5 and earlier allows remote attackers to execute arbitrary SQ... |
| CVE-2004-0034 | — | — | 2.5% | Jan 20, 2004 | Multiple cross-site scripting (XSS) vulnerabilities in Phorum 3.4.5 and earlier allow remote attackers to inject arbitra... |
| CVE-2004-0033 | — | — | 2.8% | Jan 20, 2004 | admin.php in PHPGEDVIEW 2.61 allows remote attackers to obtain sensitive information via an action parameter with a phpi... |
| CVE-2004-0032 | — | — | 1.8% | Jan 20, 2004 | Cross-site scripting (XSS) vulnerability in search.php in PHPGEDVIEW 2.61 allows remote attackers to inject arbitrary HT... |
| CVE-2004-0031 | — | — | 1.5% | Jan 20, 2004 | PHPGEDVIEW 2.61 allows remote attackers to reinstall the software and change the administrator password via a direct HTT... |
| CVE-2004-0029 | — | — | 0.4% | Jan 20, 2004 | Lotus Notes Domino 6.0.2 on Linux installs the notes.ini configuration file with world-writable permissions, which allow... |
| CVE-2004-0030 | CRITICAL | 9.8 | 6.8% | Jan 20, 2004 | PHP remote file inclusion vulnerability in (1) functions.php, (2) authentication_index.php, and (3) config_gedcom.php fo... |
| CVE-2004-0036 | — | — | 1.2% | Jan 20, 2004 | SQL injection vulnerability in calendar.php for vBulletin Forum 2.3.x before 2.3.4 allows remote attackers to steal sens... |
| CVE-2004-0014 | — | — | 2.8% | Jan 20, 2004 | Multiple buffer overflows in the nd WebDAV interface 0.8.2 and earlier allows remote web servers to execute arbitrary co... |
| CVE-2004-1766 | — | — | 1.7% | Jan 20, 2004 | The default installation of NetScreen-Security Manager before Feature Pack 1 does not enable encryption for communicatio... |
| CVE-2004-2127 | — | — | 3.6% | Jan 20, 2004 | Directory traversal vulnerability in Web Blog 1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in ... |
Check if your code is affected by 2004 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now