2004 CVE Vulnerabilities
2,707 CVEs published in 2004.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2004-1025 | — | — | 5.2% | Jan 10, 2005 | Multiple heap-based buffer overflows in imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, ... |
| CVE-2004-0993 | — | — | 10.2% | Jan 10, 2005 | Buffer overflow in hpsockd before 0.6 allows remote attackers to cause a denial of service (application crash) or possib... |
| CVE-2004-1261 | — | — | 8.8% | Jan 10, 2005 | Multiple buffer overflows in the preparse function in asp2php 0.76.23 allow remote attackers to execute arbitrary code v... |
| CVE-2004-1270 | — | — | 0.5% | Jan 10, 2005 | lppasswd in CUPS 1.1.22, when run in environments that do not ensure that file descriptors 0, 1, and 2 are open when lpp... |
| CVE-2004-1294 | — | — | 1.0% | Jan 10, 2005 | The mget function in cmds.c for tnftp 20030825 allows remote FTP servers to overwrite arbitrary files via FTP responses ... |
| CVE-2004-1318 | — | — | 1.9% | Jan 6, 2005 | Cross-site scripting (XSS) vulnerability in namazu.cgi for Namazu 2.0.13 and earlier allows remote attackers to inject a... |
| CVE-2004-1183 | — | — | 3.9% | Jan 6, 2005 | Integer overflow in the tiffdump utility for libtiff 3.7.1 and earlier allows remote attackers to cause a denial of serv... |
| CVE-2004-1061 | — | — | 1.0% | Jan 4, 2005 | Cross-site scripting (XSS) vulnerability in Bugzilla before 2.18, including 2.16.x before 2.16.11, allows remote attacke... |
| CVE-2004-1312 | — | — | 2.5% | Jan 3, 2005 | A bug in the HTML parser in a certain Microsoft HTML library, as used in various third party products, may allow remote ... |
| CVE-2004-1166 | — | — | 39.2% | Dec 31, 2004 | CRLF injection vulnerability in Microsoft Internet Explorer 6.0.2800.1106 and earlier allows remote attackers to execute... |
| CVE-2004-0462 | — | — | 0.4% | Dec 31, 2004 | The built-in web servers for multiple networking devices do not set the Secure attribute for sensitive cookies in HTTPS ... |
| CVE-2004-1017 | — | — | 3.3% | Dec 31, 2004 | Multiple "overflows" in the io_edgeport driver for Linux kernel 2.4.x have unknown impact and unknown attack vectors. |
| CVE-2004-1155 | — | — | 12.6% | Dec 31, 2004 | Internet Explorer 5.01 through 6 allows remote attackers to spoof arbitrary web sites by injecting content from one wind... |
| CVE-2004-1156 | — | — | 1.4% | Dec 31, 2004 | Mozilla before 1.7.6, and Firefox before 1.0.1, allows remote attackers to spoof arbitrary web sites by injecting conten... |
| CVE-2004-0138 | — | — | 0.4% | Dec 31, 2004 | The ELF loader in Linux kernel 2.4 before 2.4.25 allows local users to cause a denial of service (crash) via a crafted E... |
| CVE-2004-1146 | — | — | 1.4% | Dec 31, 2004 | Multiple cross-site scripting (XSS) vulnerabilities in (1) main.c and (2) login.c for CVSTrac before 1.1.5 allow remote ... |
| CVE-2004-0913 | — | — | 0.4% | Dec 31, 2004 | Unknown vulnerability in ecartis 0.x before 0.129a+1.0.0-snap20020514-1.3 and 1.x before 1.0.0+cvs.20030911-8 allows att... |
| CVE-2004-0826 | — | — | 22.5% | Dec 31, 2004 | Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitr... |
| CVE-2004-1143 | — | — | 1.6% | Dec 31, 2004 | The password generation in mailman before 2.1.5 generates only 5 million unique passwords, which makes it easier for rem... |
| CVE-2004-0533 | — | — | 0.7% | Dec 31, 2004 | Business Objects WebIntelligence 2.7.0 through 2.7.4 only enforces access controls on the client, which allows remote au... |
| CVE-2004-1144 | — | — | 0.4% | Dec 31, 2004 | Unknown vulnerability in the 32bit emulation code in Linux 2.4 on AMD64 systems allows local users to gain privileges. |
| CVE-2004-0829 | — | — | 3.9% | Dec 31, 2004 | smbd in Samba before 2.2.11 allows remote attackers to cause a denial of service (daemon crash) by sending a FindNextPri... |
| CVE-2004-0824 | — | — | 0.6% | Dec 31, 2004 | PPPDialer for Mac OS X 10.2.8 through 10.3.5 allows local users to overwrite system files via a symlink attack on PPPDia... |
| CVE-2004-1140 | — | — | 2.5% | Dec 31, 2004 | Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (application hang) and possibly fill ... |
| CVE-2004-0919 | — | — | 0.4% | Dec 31, 2004 | The syscons CONS_SCRSHOT ioctl in FreeBSD 5.x allows local users to read arbitrary kernel memory via (1) negative coordi... |
Check if your code is affected by 2004 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now