2004 CVE Vulnerabilities
2,707 CVEs published in 2004.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2004-0999 | — | — | 1.4% | Dec 31, 2004 | zgv 5.5.3 allows remote attackers to cause a denial of service (application crash via segmentation fault) via crafted mu... |
| CVE-2004-1330 | — | — | 1.2% | Dec 31, 2004 | Buffer overflow in paginit in AIX 5.1 through 5.3 allows local users to execute arbitrary code via a long username. |
| CVE-2004-1332 | — | — | 9.5% | Dec 31, 2004 | Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, allows remote attacke... |
| CVE-2004-1799 | — | — | 1.5% | Dec 31, 2004 | PF in certain OpenBSD versions, when stateful filtering is enabled, does not limit packets for a session to the original... |
| CVE-2004-1800 | — | — | 1.5% | Dec 31, 2004 | Unknown vulnerability in Sysbotz SimpleData 4.0.1 and possibly earlier versions allows remote attackers to gain access v... |
| CVE-2004-1801 | — | — | 3.1% | Dec 31, 2004 | Directory traversal vulnerability in PWebServer 0.3.3 allows remote attackers to read arbitrary files via a .. (dot dot)... |
| CVE-2004-1808 | — | — | 0.3% | Dec 31, 2004 | Extcompose in metamail does not verify the output file before writing to it, which allows local users to overwrite arbit... |
| CVE-2004-2115 | — | — | 58.4% | Dec 31, 2004 | Multiple cross-site scripting (XSS) vulnerabilities in Oracle HTTP Server 1.3.22, based on Apache, allow remote attacker... |
| CVE-2004-1328 | — | — | 0.5% | Dec 31, 2004 | Unknown vulnerability in newgrp in HP-UX B.11.00, B.11.04, and B.11.11 allows local users to gain elevated privileges. |
| CVE-2004-1736 | — | — | 1.5% | Dec 31, 2004 | Cacti 0.8.5a allows remote attackers to gain sensitive information via an HTTP request to (1) auth.php, (2) auth_login.p... |
| CVE-2004-2162 | — | — | 4.1% | Dec 31, 2004 | Multiple cross-site scripting (XSS) vulnerabilities in TUTOS 1.1 allow remote attackers to inject arbitrary web script o... |
| CVE-2004-2197 | — | — | 0.3% | Dec 31, 2004 | kdocker.cpp in kdocker 0.1 through 0.8 does not properly check the ownership of files, which could allow local users to ... |
| CVE-2004-1795 | — | — | 0.3% | Dec 31, 2004 | Info Touch Surfnet kiosk allows local users to access the underlying filesystem via a 'file://' URI. |
| CVE-2004-1797 | — | — | 3.9% | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in search.php for FreznoShop 1.3.0 RC1 and earlier allows remote attackers to i... |
| CVE-2004-2107 | — | — | 7.7% | Dec 31, 2004 | Finjan SurfinGate 6.0 and 7.0, when running in proxy mode, does not authenticate FHTTP commands on TCP port 3141, which ... |
| CVE-2004-1798 | — | — | 2.2% | Dec 31, 2004 | RealOne player 6.0.11.868 allows remote attackers to execute arbitrary script in the "My Computer" zone via a Synchroniz... |
| CVE-2004-1796 | — | — | 9.3% | Dec 31, 2004 | PHP remote file inclusion vulnerability in HotNews 0.7.2 and earlier allows remote attackers to execute arbitrary PHP co... |
| CVE-2004-1017 | — | — | 3.3% | Dec 31, 2004 | Multiple "overflows" in the io_edgeport driver for Linux kernel 2.4.x have unknown impact and unknown attack vectors. |
| CVE-2004-1809 | — | — | 1.4% | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in phpBB 2.0.6d and earlier allows remote attackers to inject arbitrary web scr... |
| CVE-2004-2111 | — | — | 86.9% | Dec 31, 2004 | Stack-based buffer overflow in the site chmod command in Serv-U FTP Server before 4.2 allows remote attackers to execute... |
| CVE-2004-1239 | — | — | — | Dec 31, 2004 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was... |
| CVE-2004-1529 | — | — | 1.4% | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in the Event Calendar module 2.13 for PHP-Nuke allows remote attackers to execu... |
| CVE-2004-1723 | — | — | 1.2% | Dec 31, 2004 | The (1) updateuser.php and (2) forums_prune.php scripts in PHP-Fusion 4.00 allow remote attackers to obtain sensitive in... |
| CVE-2004-1556 | — | — | 1.6% | Dec 31, 2004 | MyWebServer 1.0.3 allows remote attackers to cause a denial of service (application crash) via a large number of connect... |
| CVE-2004-1794 | — | — | 1.2% | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in the VCard4J Toolkit allows remote attackers to inject arbitrary web script o... |
Check if your code is affected by 2004 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now