2004 CVE Vulnerabilities
2,707 CVEs published in 2004.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2004-2069 | — | — | 3.4% | Dec 31, 2004 | sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly other versions, when using privilege separation, does not properly si... |
| CVE-2004-0780 | — | — | 0.5% | Dec 31, 2004 | Buffer overflow in uustat in Sun Solaris 8 and 9 allows local users to execute arbitrary code via a long -S command line... |
| CVE-2004-1951 | — | — | 8.1% | Dec 31, 2004 | xine 1.x alpha, 1.x beta, and 1.0rc through 1.0rc3a, and xine-ui 0.9.21 to 0.9.23 allows remote attackers to overwrite a... |
| CVE-2004-1958 | — | — | 2.4% | Dec 31, 2004 | Directory traversal vulnerability in manifest.ini in Unreal engine allows remote attackers to overwrite arbitrary files ... |
| CVE-2004-2013 | HIGH | 7.8 | 0.6% | Dec 31, 2004 | Integer overflow in the SCTP_SOCKOPT_DEBUG_NAME SCTP socket option in socket.c in the Linux kernel 2.4.25 and earlier al... |
| CVE-2004-1966 | — | — | 1.3% | Dec 31, 2004 | Multiple SQL injection vulnerabilities in Open Bulletin Board (OpenBB) 1.0.6 and earlier allow remote attackers to execu... |
| CVE-2004-2010 | — | — | 2.6% | Dec 31, 2004 | PHP remote file inclusion vulnerability in index.php in phpShop 0.7.1 and earlier allows remote attackers to execute arb... |
| CVE-2004-2011 | — | — | 7.4% | Dec 31, 2004 | msxml3.dll in Internet Explorer 6.0.2600.0 allows remote attackers to cause a denial of service (crash) via a single & (... |
| CVE-2004-2070 | — | — | 0.5% | Dec 31, 2004 | The Altiris Client Service for Windows 5.6 SP1 Hotfix E (5.6.181) allows local users to execute arbitrary commands by op... |
| CVE-2004-2017 | — | — | 2.8% | Dec 31, 2004 | Multiple cross-site scripting (XSS) vulnerabilities in Turbo Traffic Trader C (TTT-C) 1.0 allow remote attackers to inje... |
| CVE-2004-2019 | — | — | 1.7% | Dec 31, 2004 | The WebLinks module in Php-Nuke 6.x through 7.3 allows remote attackers to obtain sensitive information via an invalid s... |
| CVE-2004-2020 | — | — | 1.4% | Dec 31, 2004 | Multiple cross-site scripting (XSS) vulnerabilities in Php-Nuke 6.x through 7.3 allow remote attackers to inject arbitra... |
| CVE-2004-2024 | — | — | 1.1% | Dec 31, 2004 | The distribution of Zen Cart 1.1.4 before patch 2 includes certain debugging code in the Admin password retrieval functi... |
| CVE-2004-2023 | — | — | 1.8% | Dec 31, 2004 | SQL injection vulnerability in login.php in Zen Cart 1.1.2d, 1.1.4 before patch 1, and possibly other versions allows re... |
| CVE-2004-2026 | — | — | 6.6% | Dec 31, 2004 | Format string vulnerability in the logmsg function in svc.c for Pound 1.5 and earlier allows remote attackers to execute... |
| CVE-2004-2174 | — | — | 1.8% | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in Custva.asp in EarlyImpact ProductCart allows remote attackers to inject arbi... |
| CVE-2004-1560 | — | — | 25.6% | Dec 31, 2004 | Microsoft SQL Server 7.0 allows remote attackers to cause a denial of service (mssqlserver service halt) via a long requ... |
| CVE-2004-2060 | — | — | 7.9% | Dec 31, 2004 | ASPRunner 2.4 stores the database under the web root in the db directory, which may allow remote attackers to obtain the... |
| CVE-2004-1471 | — | — | 7.7% | Dec 31, 2004 | Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attacker... |
| CVE-2004-0817 | — | — | 4.9% | Dec 31, 2004 | Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via... |
| CVE-2004-1775 | — | — | 1.7% | Dec 31, 2004 | Cisco VACM (View-based Access Control MIB) for Catalyst Operating Software (CatOS) 5.5 and 6.1 and IOS 12.0 and 12.1 all... |
| CVE-2004-2058 | — | — | 1.8% | Dec 31, 2004 | ASPRunner 2.4 allows remote attackers to gain sensitive information via (1) hidden form fields or (2) error messages. |
| CVE-2004-0811 | — | — | 6.8% | Dec 31, 2004 | Unknown vulnerability in Apache 2.0.51 prevents "the merging of the Satisfy directive," which could allow attackers to o... |
| CVE-2004-2056 | — | — | 1.2% | Dec 31, 2004 | SQL injection vulnerability in action.php in Nucleus CMS 3.01 allows remote attackers to execute arbitrary SQL statement... |
| CVE-2004-1577 | — | — | 1.2% | Dec 31, 2004 | index.php in PHP Links allows remote attackers to gain sensitive information via an invalid show parameter, which reveal... |
Check if your code is affected by 2004 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now