2004 CVE Vulnerabilities
2,707 CVEs published in 2004.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2004-2023 | — | — | 1.8% | Dec 31, 2004 | SQL injection vulnerability in login.php in Zen Cart 1.1.2d, 1.1.4 before patch 1, and possibly other versions allows re... |
| CVE-2004-1542 | — | — | 3.5% | Dec 31, 2004 | Buffer overflow in Soldier of Fortune II 1.03 Gold and earlier allows remote attackers to cause a denial of service (ser... |
| CVE-2004-2024 | — | — | 1.1% | Dec 31, 2004 | The distribution of Zen Cart 1.1.4 before patch 2 includes certain debugging code in the Admin password retrieval functi... |
| CVE-2004-0567 | — | — | 72.3% | Dec 31, 2004 | The Windows Internet Naming Service (WINS) in Windows NT Server 4.0 SP 6a, NT Terminal Server 4.0 SP 6, Windows 2000 Ser... |
| CVE-2004-1885 | — | — | 3.5% | Dec 31, 2004 | Ipswitch WS_FTP Server 4.0.2 allows remote authenticated users to execute arbitrary programs as SYSTEM by using the SITE... |
| CVE-2004-1900 | — | — | 3.8% | Dec 31, 2004 | Format string vulnerability in the logging function in IGI 2 Covert Strike server 1.3 and earlier allows remote attacker... |
| CVE-2004-2025 | — | — | 1.1% | Dec 31, 2004 | SQL injection vulnerability in application_top.php for Zen Cart 1.1.3 before patch 2 may allow remote attackers to execu... |
| CVE-2004-2049 | — | — | 0.4% | Dec 31, 2004 | eSeSIX Thintune thin clients running firmware 2.4.38 and earlier store sensitive usernames and passwords in cleartext in... |
| CVE-2004-2214 | CRITICAL | 9.8 | 2.7% | Dec 31, 2004 | Mbedthis AppWeb HTTP server before 1.1.3 allows remote attackers to bypass access restrictions via a URI with mixed case... |
| CVE-2004-2277 | — | — | 5.7% | Dec 31, 2004 | Buffer overflow in aGSM Half-Life client allows remote Half-Life servers to cause a denial of service (crash) and possib... |
| CVE-2004-2019 | — | — | 1.7% | Dec 31, 2004 | The WebLinks module in Php-Nuke 6.x through 7.3 allows remote attackers to obtain sensitive information via an invalid s... |
| CVE-2004-2020 | — | — | 1.4% | Dec 31, 2004 | Multiple cross-site scripting (XSS) vulnerabilities in Php-Nuke 6.x through 7.3 allow remote attackers to inject arbitra... |
| CVE-2004-0561 | — | — | 2.3% | Dec 31, 2004 | Format string vulnerability in the log routine for gopher daemon (gopherd) 3.0.3 allows remote attackers to cause a deni... |
| CVE-2004-0560 | — | — | 3.0% | Dec 31, 2004 | Integer overflow in gopher daemon (gopherd) 3.0.3 allows remote attackers to cause a denial of service and possibly exec... |
| CVE-2004-2021 | — | — | 3.8% | Dec 31, 2004 | Directory traversal vulnerability in file_manager.php in osCommerce 2.2 allows remote attackers to view arbitrary files ... |
| CVE-2004-1435 | — | — | 3.2% | Dec 31, 2004 | Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.6(0) and 4.6(1), 4.5(x), 4.1(0) to 4.1(3... |
| CVE-2004-1104 | — | — | 35.3% | Dec 31, 2004 | Microsoft Internet Explorer 6.0 SP2 allows remote attackers to spoof a legitimate URL in the status bar and conduct a ph... |
| CVE-2004-1436 | — | — | 3.1% | Dec 31, 2004 | The Transaction Language 1 (TL1) login interface in Cisco ONS 15327 4.6(0) and 4.6(1) and 15454 and 15454 SDH 4.6(0) and... |
| CVE-2004-1451 | — | — | 1.4% | Dec 31, 2004 | Mozilla before 1.6 does not display the entire URL in the status bar when a link contains %00, which could allow remote ... |
| CVE-2004-1439 | — | — | 15.8% | Dec 31, 2004 | Buffer overflow in BlackJumboDog 3.x allows remote attackers to execute arbitrary code via long FTP commands such as (1)... |
| CVE-2004-2018 | — | — | 3.8% | Dec 31, 2004 | PHP remote file inclusion vulnerability in index.php in Php-Nuke 6.x through 7.3 allows remote attackers to execute arbi... |
| CVE-2004-2217 | — | — | 1.6% | Dec 31, 2004 | Multiple unknown vulnerabilities in yhttpd in yChat before 0.7 allow remote attackers to cause a denial of service (segm... |
| CVE-2004-0555 | — | — | 3.3% | Dec 31, 2004 | Buffer overflow in (1) queue.c and (2) queued.c in queue before 1.30.1 may allow remote attackers to execute arbitrary c... |
| CVE-2004-1422 | — | — | 7.9% | Dec 31, 2004 | WHM AutoPilot 2.4.6.5 and earlier allows remote attackers to gain sensitive information via phpinfo, which reveals php s... |
| CVE-2004-1901 | MEDIUM | 5.5 | 0.4% | Dec 31, 2004 | Portage before 2.0.50-r3 allows local users to overwrite arbitrary files via a hard link attack on the lockfiles. |
Check if your code is affected by 2004 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now