2004 CVE Vulnerabilities
2,707 CVEs published in 2004.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2004-1306 | — | — | 34.5% | Dec 31, 2004 | Heap-based buffer overflow in winhlp32.exe in Windows NT, Windows 2000 through SP4, Windows XP through SP2, and Windows ... |
| CVE-2004-1296 | — | — | 0.3% | Dec 31, 2004 | The (1) eqn2graph and (2) pic2graph scripts in groff 1.18.1 allow local users to overwrite arbitrary files via a symlink... |
| CVE-2004-2094 | — | — | 1.7% | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in WebcamXP 1.06.945 allows remote attackers to inject arbitrary HTML or web sc... |
| CVE-2004-2156 | — | — | 1.9% | Dec 31, 2004 | Multiple unknown vulnerabilities in Online Recruitment Agency 1.0 have unknown impact and attack vectors. |
| CVE-2004-2162 | — | — | 4.1% | Dec 31, 2004 | Multiple cross-site scripting (XSS) vulnerabilities in TUTOS 1.1 allow remote attackers to inject arbitrary web script o... |
| CVE-2004-1757 | — | — | 0.4% | Dec 31, 2004 | BEA WebLogic Server and Express 8.1, SP1 and earlier, stores the administrator password in cleartext in config.xml, whic... |
| CVE-2004-1761 | — | — | 2.7% | Dec 31, 2004 | Unknown vulnerability in Ethereal 0.8.13 to 0.10.2 allows attackers to cause a denial of service (segmentation fault) vi... |
| CVE-2004-1765 | — | — | 4.7% | Dec 31, 2004 | Off-by-one buffer overflow in ModSecurity (mod_security) 1.7.4 for Apache 2.x, when SecFilterScanPost is enabled, allows... |
| CVE-2004-1900 | — | — | 3.8% | Dec 31, 2004 | Format string vulnerability in the logging function in IGI 2 Covert Strike server 1.3 and earlier allows remote attacker... |
| CVE-2004-1562 | — | — | 1.4% | Dec 31, 2004 | SQL injection vulnerability in redir_url.php in w-Agora 4.1.6a allows remote attackers to execute arbitrary SQL commands... |
| CVE-2004-1755 | — | — | 1.5% | Dec 31, 2004 | The Web Services fat client for BEA WebLogic Server and Express 7.0 SP4 and earlier, when using 2-way SSL and multiple c... |
| CVE-2004-1523 | — | — | 1.7% | Dec 31, 2004 | Format string vulnerability in the game console in Hired Team: Trial 2.0 and earlier and 2.200 allows remote attackers t... |
| CVE-2004-1762 | — | — | 2.5% | Dec 31, 2004 | Unknown vulnerability in F-Secure Anti-Virus (FSAV) 4.52 for Linux before Hotfix 3 allows the Sober.D worm to bypass FAS... |
| CVE-2004-2059 | — | — | 8.8% | Dec 31, 2004 | Multiple cross-site scripting vulnerabilities in ASPRunner 2.4 allow remote attackers to inject arbitrary web script or ... |
| CVE-2004-1748 | — | — | 0.8% | Dec 31, 2004 | NtRegmon before 6.12 allows local users to cause a denial of service (crash), while NtRegmon is running, via invalid poi... |
| CVE-2004-1750 | — | — | 1.7% | Dec 31, 2004 | RealVNC 4.0 and earlier allows remote attackers to cause a denial of service (crash) via a large number of connections t... |
| CVE-2004-0567 | — | — | 72.3% | Dec 31, 2004 | The Windows Internet Naming Service (WINS) in Windows NT Server 4.0 SP 6a, NT Terminal Server 4.0 SP 6, Windows 2000 Ser... |
| CVE-2004-1505 | — | — | 2.0% | Dec 31, 2004 | Directory traversal vulnerability in index.php in Just Another Flat file (JAF) CMS 3.0RC allows remote attackers to read... |
| CVE-2004-1564 | — | — | 6.1% | Dec 31, 2004 | CRLF injection vulnerability in subscribe_thread.php in w-Agora 4.1.6a allows remote attackers to perform HTTP Response ... |
| CVE-2004-1753 | — | — | 1.6% | Dec 31, 2004 | The Apple Java plugin, as used in Netscape 7.1 and 7.2, Mozilla 1.7.2, and Firefox 0.9.3 on MacOS X 10.3.5, when tabbed ... |
| CVE-2004-1763 | — | — | 8.1% | Dec 31, 2004 | Buffer overflow in hsrun.exe for HAHTsite Scenario Server 5.1 Patch 06 (build 91) allows remote attackers to cause a den... |
| CVE-2004-2060 | — | — | 7.9% | Dec 31, 2004 | ASPRunner 2.4 stores the database under the web root in the db directory, which may allow remote attackers to obtain the... |
| CVE-2004-2157 | — | — | 2.0% | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in Comment.php in Serendipity 0.7 beta1, and possibly other versions before 0.7... |
| CVE-2004-1736 | — | — | 1.5% | Dec 31, 2004 | Cacti 0.8.5a allows remote attackers to gain sensitive information via an HTTP request to (1) auth.php, (2) auth_login.p... |
| CVE-2004-1738 | — | — | 1.2% | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in page.php in JShop allows remote attackers to inject arbitrary web script or ... |
Check if your code is affected by 2004 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now