2004 CVE Vulnerabilities
2,707 CVEs published in 2004.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2004-1434 | — | — | 3.3% | Dec 31, 2004 | Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.1(0) to 4.1(2), 4.5(x), 4.0(0) to 4.0(2)... |
| CVE-2004-1437 | — | — | 13.4% | Dec 31, 2004 | Multiple buffer overflows in the digest authentication functionality in Pavuk 0.9.28-r2 and earlier allow remote attacke... |
| CVE-2004-1432 | — | — | 4.1% | Dec 31, 2004 | Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.6(0) and 4.6(1), 4.5(x), 4.1(0) to 4.1(3... |
| CVE-2004-1433 | — | — | 4.1% | Dec 31, 2004 | Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.6(0) and 4.6(1), 4.5(x), 4.1(0) to 4.1(3... |
| CVE-2004-1438 | — | — | 0.7% | Dec 31, 2004 | The mod_authz_svn Apache module for Subversion 1.0.4-r1 and earlier allows remote authenticated users, with write access... |
| CVE-2004-1447 | — | — | 1.7% | Dec 31, 2004 | Jetbox One 2.0.8 and possibly other versions stores passwords in the database in plaintext, which could allow attackers ... |
| CVE-2004-1427 | — | — | 1.7% | Dec 31, 2004 | PHP remote file inclusion vulnerability in main.inc in KorWeblog 1.6.2-cvs and earlier allows remote attackers to execut... |
| CVE-2004-1428 | — | — | 2.8% | Dec 31, 2004 | ArGoSoft FTP before 1.4.2.1 generates an error message if the user name does not exist instead of prompting for a passwo... |
| CVE-2004-1426 | — | — | 1.5% | Dec 31, 2004 | Directory traversal vulnerability in index.php in KorWeblog 1.6.2-cvs and earlier allows remote attackers to read arbitr... |
| CVE-2004-1429 | — | — | 1.3% | Dec 31, 2004 | ArGoSoft FTP 1.4.2.4 and earlier does not limit the number of times that a bad password can be entered, which makes it e... |
| CVE-2004-1423 | — | — | 15.5% | Dec 31, 2004 | Multiple PHP remote file inclusion vulnerabilities in Sean Proctor PHP-Calendar before 0.10.1, as used in Commonwealth o... |
| CVE-2004-1424 | — | — | 1.3% | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in view.php in Moodle 1.4.2 and earlier allows remote attackers to inject arbit... |
| CVE-2004-1425 | — | — | 1.8% | Dec 31, 2004 | Directory traversal vulnerability in file.php in Moodle 1.4.2 and earlier allows remote attackers to read arbitrary sess... |
| CVE-2004-1430 | — | — | 1.3% | Dec 31, 2004 | SQL injection vulnerability in the show_stats module in Arcade.php in IbProArcade allows remote attackers to execute arb... |
| CVE-2004-0806 | — | — | 1.7% | Dec 31, 2004 | cdrecord in the cdrtools package before 2.01, when installed setuid root, does not properly drop privileges before execu... |
| CVE-2004-1143 | — | — | 1.6% | Dec 31, 2004 | The password generation in mailman before 2.1.5 generates only 5 million unique passwords, which makes it easier for rem... |
| CVE-2004-0789 | — | — | 2.8% | Dec 31, 2004 | Multiple implementations of the DNS protocol, including (1) Poslib 1.0.2-1 and earlier as used by Posadis, (2) Axis Netw... |
| CVE-2004-1431 | — | — | 1.5% | Dec 31, 2004 | FormMail.php 5.0, and possibly other versions, allows remote attackers to read arbitrary files via a full pathname in th... |
| CVE-2004-1448 | — | — | 1.7% | Dec 31, 2004 | Jetbox One 2.0.8 and possibly other versions allow remote attackers with Author privileges in the IMAGES module to uploa... |
| CVE-2004-1491 | — | — | 12.6% | Dec 31, 2004 | Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitr... |
| CVE-2004-0592 | — | — | 2.4% | Dec 31, 2004 | The tcp_find_option function of the netfilter subsystem for IPv6 in the SUSE Linux 2.6.5 kernel with USAGI patches, when... |
| CVE-2004-0952 | — | — | 4.6% | Dec 31, 2004 | HP-UX B.11.00 through B.11.23, when running Ignite-UX and using the add_new_client command, causes the TFTP server to se... |
| CVE-2004-0951 | — | — | 4.5% | Dec 31, 2004 | The make_recovery command for the TFTP server in HP Ignite-UX before C.6.2.241 makes a copy of the password file in the ... |
| CVE-2004-1421 | — | — | 4.2% | Dec 31, 2004 | Multiple PHP remote file inclusion vulnerabilities (1) step_one.php, (2) step_one_tables.php, (3) step_two_tables.php in... |
| CVE-2004-0948 | — | — | — | Dec 31, 2004 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. ... |
Check if your code is affected by 2004 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now