2004 CVE Vulnerabilities
2,707 CVEs published in 2004.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2004-1409 | — | — | 1.0% | Dec 31, 2004 | Multiple cross-site scripting vulnerabilities in Image Gallery Web Application 0.9.10 allow remote attackers to inject a... |
| CVE-2004-1436 | — | — | 3.1% | Dec 31, 2004 | The Transaction Language 1 (TL1) login interface in Cisco ONS 15327 4.6(0) and 4.6(1) and 15454 and 15454 SDH 4.6(0) and... |
| CVE-2004-1437 | — | — | 13.4% | Dec 31, 2004 | Multiple buffer overflows in the digest authentication functionality in Pavuk 0.9.28-r2 and earlier allow remote attacke... |
| CVE-2004-1438 | — | — | 0.7% | Dec 31, 2004 | The mod_authz_svn Apache module for Subversion 1.0.4-r1 and earlier allows remote authenticated users, with write access... |
| CVE-2004-1384 | — | — | 4.0% | Dec 31, 2004 | Multiple cross-site scripting (XSS) vulnerabilities in phpGroupWare 0.9.16.003 and earlier allow remote attackers to inj... |
| CVE-2004-0789 | — | — | 2.8% | Dec 31, 2004 | Multiple implementations of the DNS protocol, including (1) Poslib 1.0.2-1 and earlier as used by Posadis, (2) Axis Netw... |
| CVE-2004-0808 | — | — | 5.4% | Dec 31, 2004 | The process_logon_packet function in the nmbd server for Samba 3.0.6 and earlier, when domain logons are enabled, allows... |
| CVE-2004-1572 | — | — | 2.2% | Dec 31, 2004 | AJ-Fork 167 does not restrict access to directories such as (1) data, (2) inc, (3) plugins, (4) skins, or (5) tools, whi... |
| CVE-2004-1573 | — | — | 0.5% | Dec 31, 2004 | The documentation for AJ-Fork 167 implies that users should set permissions for users.db.php to 777, which allows local ... |
| CVE-2004-1753 | — | — | 1.6% | Dec 31, 2004 | The Apple Java plugin, as used in Netscape 7.1 and 7.2, Mozilla 1.7.2, and Firefox 0.9.3 on MacOS X 10.3.5, when tabbed ... |
| CVE-2004-1432 | — | — | 4.1% | Dec 31, 2004 | Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.6(0) and 4.6(1), 4.5(x), 4.1(0) to 4.1(3... |
| CVE-2004-1389 | — | — | 9.9% | Dec 31, 2004 | Unknown vulnerability in the Veritas NetBackup Administrative Assistant interface for NetBackup BusinesServer 3.4, 3.4.1... |
| CVE-2004-1445 | — | — | 0.3% | Dec 31, 2004 | A race condition in nessus-adduser in Nessus 2.0.11 and possibly earlier versions, if the TMPDIR environment variable is... |
| CVE-2004-1386 | — | — | 1.8% | Dec 31, 2004 | TikiWiki before 1.8.4.1 does not properly verify uploaded images, which could allow remote attackers to upload and execu... |
| CVE-2004-1433 | — | — | 4.1% | Dec 31, 2004 | Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.6(0) and 4.6(1), 4.5(x), 4.1(0) to 4.1(3... |
| CVE-2004-1434 | — | — | 3.3% | Dec 31, 2004 | Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.1(0) to 4.1(2), 4.5(x), 4.0(0) to 4.0(2)... |
| CVE-2004-1495 | — | — | 1.3% | Dec 31, 2004 | The Repair Archive command in WinRAR 3.40 allows remote attackers to cause a denial of service (application crash) via a... |
| CVE-2004-1242 | — | — | — | Dec 31, 2004 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was... |
| CVE-2004-0802 | — | — | 3.4% | Dec 31, 2004 | Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a special... |
| CVE-2004-1397 | — | — | 1.3% | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in UseModWiki 1.0 allows remote attackers to inject arbitrary web script or HTM... |
| CVE-2004-1241 | — | — | — | Dec 31, 2004 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was... |
| CVE-2004-1431 | — | — | 1.5% | Dec 31, 2004 | FormMail.php 5.0, and possibly other versions, allows remote attackers to read arbitrary files via a full pathname in th... |
| CVE-2004-0806 | — | — | 1.7% | Dec 31, 2004 | cdrecord in the cdrtools package before 2.01, when installed setuid root, does not properly drop privileges before execu... |
| CVE-2004-1513 | — | — | 1.7% | Dec 31, 2004 | 04WebServer 1.42 does not adequately filter data that is written to log files, which could allow remote attackers to inj... |
| CVE-2004-0821 | — | — | 0.4% | Dec 31, 2004 | The CFPlugIn in Core Foundation framework in Mac OS X allows user supplied libraries to be loaded, which could allow loc... |
Check if your code is affected by 2004 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now