2004 CVE Vulnerabilities
2,707 CVEs published in 2004.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2004-1433 | — | — | 4.1% | Dec 31, 2004 | Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.6(0) and 4.6(1), 4.5(x), 4.1(0) to 4.1(3... |
| CVE-2004-1390 | — | — | 7.3% | Dec 31, 2004 | Multiple buffer overflows in the PPPoE daemon (PPPoEd) in QNX RTP 6.1 allow remote attackers to execute arbitrary code v... |
| CVE-2004-1436 | — | — | 3.1% | Dec 31, 2004 | The Transaction Language 1 (TL1) login interface in Cisco ONS 15327 4.6(0) and 4.6(1) and 15454 and 15454 SDH 4.6(0) and... |
| CVE-2004-1458 | — | — | 1.8% | Dec 31, 2004 | The CSAdmin web administration interface for Cisco Secure Access Control Server (ACS) 3.2(2) build 15 allows remote atta... |
| CVE-2004-1391 | — | — | 0.6% | Dec 31, 2004 | Untrusted execution path vulnerability in the PPPoE daemon (PPPoEd) in QNX RTP 6.1 allows local users to execute arbitra... |
| CVE-2004-1431 | — | — | 1.5% | Dec 31, 2004 | FormMail.php 5.0, and possibly other versions, allows remote attackers to read arbitrary files via a full pathname in th... |
| CVE-2004-1104 | — | — | 35.3% | Dec 31, 2004 | Microsoft Internet Explorer 6.0 SP2 allows remote attackers to spoof a legitimate URL in the status bar and conduct a ph... |
| CVE-2004-1388 | — | — | 68.2% | Dec 31, 2004 | Format string vulnerability in the gpsd_report function for BerliOS GPD daemon (gpsd, formerly pygps) 1.9.0 through 2.7 ... |
| CVE-2004-1509 | — | — | 1.6% | Dec 31, 2004 | validate.php in WebCalendar allows remote attackers to gain sensitive information via an invalid encoded_login parameter... |
| CVE-2004-1434 | — | — | 3.3% | Dec 31, 2004 | Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.1(0) to 4.1(2), 4.5(x), 4.0(0) to 4.0(2)... |
| CVE-2004-1514 | — | — | 1.8% | Dec 31, 2004 | 04WebServer 1.42 allows remote attackers to cause a denial of service (fail to restart properly) via an HTTP request for... |
| CVE-2004-1428 | — | — | 2.8% | Dec 31, 2004 | ArGoSoft FTP before 1.4.2.1 generates an error message if the user name does not exist instead of prompting for a passwo... |
| CVE-2004-1429 | — | — | 1.3% | Dec 31, 2004 | ArGoSoft FTP 1.4.2.4 and earlier does not limit the number of times that a bad password can be entered, which makes it e... |
| CVE-2004-0567 | — | — | 72.3% | Dec 31, 2004 | The Windows Internet Naming Service (WINS) in Windows NT Server 4.0 SP 6a, NT Terminal Server 4.0 SP 6, Windows 2000 Ser... |
| CVE-2004-0780 | — | — | 0.5% | Dec 31, 2004 | Buffer overflow in uustat in Sun Solaris 8 and 9 allows local users to execute arbitrary code via a long -S command line... |
| CVE-2004-1387 | — | — | 0.5% | Dec 31, 2004 | The check_forensic script in apache-utils package 1.3.31 allows local users to overwrite or create arbitrary files via a... |
| CVE-2004-1392 | — | — | 10.4% | Dec 31, 2004 | PHP 4.0 with cURL functions allows remote attackers to bypass the open_basedir setting and read arbitrary files via a fi... |
| CVE-2004-1430 | — | — | 1.3% | Dec 31, 2004 | SQL injection vulnerability in the show_stats module in Arcade.php in IbProArcade allows remote attackers to execute arb... |
| CVE-2004-1435 | — | — | 3.2% | Dec 31, 2004 | Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.6(0) and 4.6(1), 4.5(x), 4.1(0) to 4.1(3... |
| CVE-2004-1567 | — | — | 6.8% | Dec 31, 2004 | profile.php in Silent Storm Portal 2.1 and 2.2 allows remote attackers to gain privileges by setting the mail parameter ... |
| CVE-2004-1343 | — | — | 1.9% | Dec 31, 2004 | CVS 1.12 and earlier on Debian GNU/Linux does not properly handle when a mapping for the current repository does not exi... |
| CVE-2004-1746 | — | — | 3.6% | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in index.php in PHP Code Snippet Library allows remote attackers to inject arbi... |
| CVE-2004-1424 | — | — | 1.3% | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in view.php in Moodle 1.4.2 and earlier allows remote attackers to inject arbit... |
| CVE-2004-0789 | — | — | 2.8% | Dec 31, 2004 | Multiple implementations of the DNS protocol, including (1) Poslib 1.0.2-1 and earlier as used by Posadis, (2) Axis Netw... |
| CVE-2004-1425 | — | — | 1.8% | Dec 31, 2004 | Directory traversal vulnerability in file.php in Moodle 1.4.2 and earlier allows remote attackers to read arbitrary sess... |
Check if your code is affected by 2004 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now