2004 CVE Vulnerabilities
2,707 CVEs published in 2004.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2004-0824 | — | — | 0.6% | Dec 31, 2004 | PPPDialer for Mac OS X 10.2.8 through 10.3.5 allows local users to overwrite system files via a symlink attack on PPPDia... |
| CVE-2004-0390 | — | — | 2.6% | Dec 31, 2004 | SCO OpenServer 5.0.5 through 5.0.7 only supports Xauthority style access control when users log in using scologin, which... |
| CVE-2004-0821 | — | — | 0.4% | Dec 31, 2004 | The CFPlugIn in Core Foundation framework in Mac OS X allows user supplied libraries to be loaded, which could allow loc... |
| CVE-2004-0817 | — | — | 4.9% | Dec 31, 2004 | Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via... |
| CVE-2004-0638 | — | — | 6.6% | Dec 31, 2004 | Buffer overflow in the KSDWRTB function in the dbms_system package (dbms_system.ksdwrt) for Oracle 9i Database Server Re... |
| CVE-2004-0951 | — | — | 4.5% | Dec 31, 2004 | The make_recovery command for the TFTP server in HP Ignite-UX before C.6.2.241 makes a copy of the password file in the ... |
| CVE-2004-1296 | — | — | 0.3% | Dec 31, 2004 | The (1) eqn2graph and (2) pic2graph scripts in groff 1.18.1 allow local users to overwrite arbitrary files via a symlink... |
| CVE-2004-0952 | — | — | 4.6% | Dec 31, 2004 | HP-UX B.11.00 through B.11.23, when running Ignite-UX and using the add_new_client command, causes the TFTP server to se... |
| CVE-2004-0561 | — | — | 2.3% | Dec 31, 2004 | Format string vulnerability in the log routine for gopher daemon (gopherd) 3.0.3 allows remote attackers to cause a deni... |
| CVE-2004-1166 | — | — | 39.2% | Dec 31, 2004 | CRLF injection vulnerability in Microsoft Internet Explorer 6.0.2800.1106 and earlier allows remote attackers to execute... |
| CVE-2004-0467 | — | — | 4.2% | Dec 31, 2004 | Juniper JUNOS 5.x through JUNOS 7.x allows remote attackers to cause a denial of service (routing disabled) via a large ... |
| CVE-2004-1238 | — | — | — | Dec 31, 2004 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was... |
| CVE-2004-1239 | — | — | — | Dec 31, 2004 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was... |
| CVE-2004-1240 | — | — | — | Dec 31, 2004 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was... |
| CVE-2004-0369 | — | — | 4.4% | Dec 31, 2004 | Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Secur... |
| CVE-2004-0811 | — | — | 6.8% | Dec 31, 2004 | Unknown vulnerability in Apache 2.0.51 prevents "the merging of the Satisfy directive," which could allow attackers to o... |
| CVE-2004-1241 | — | — | — | Dec 31, 2004 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was... |
| CVE-2004-1236 | — | — | 8.9% | Dec 31, 2004 | Buffer overflow in the LDAP component for Netscape Directory Server (NDS) 3.6 on HP-UX and other operating systems allow... |
| CVE-2004-0808 | — | — | 5.4% | Dec 31, 2004 | The process_logon_packet function in the nmbd server for Samba 3.0.6 and earlier, when domain logons are enabled, allows... |
| CVE-2004-0806 | — | — | 1.7% | Dec 31, 2004 | cdrecord in the cdrtools package before 2.01, when installed setuid root, does not properly drop privileges before execu... |
| CVE-2004-0813 | — | — | 0.4% | Dec 31, 2004 | Unknown vulnerability in the SG_IO functionality in ide-cd allows local users to bypass read-only access and perform una... |
| CVE-2004-0592 | — | — | 2.4% | Dec 31, 2004 | The tcp_find_option function of the netfilter subsystem for IPv6 in the SUSE Linux 2.6.5 kernel with USAGI patches, when... |
| CVE-2004-1242 | — | — | — | Dec 31, 2004 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was... |
| CVE-2004-1155 | — | — | 12.6% | Dec 31, 2004 | Internet Explorer 5.01 through 6 allows remote attackers to spoof arbitrary web sites by injecting content from one wind... |
| CVE-2004-1156 | — | — | 1.4% | Dec 31, 2004 | Mozilla before 1.7.6, and Firefox before 1.0.1, allows remote attackers to spoof arbitrary web sites by injecting conten... |
Check if your code is affected by 2004 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now