2004 CVE Vulnerabilities
2,707 CVEs published in 2004.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2004-1449 | — | — | 0.9% | Dec 31, 2004 | Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7 allows remote attackers to determine the location of ... |
| CVE-2004-1450 | — | — | 1.2% | Dec 31, 2004 | Unknown vulnerability in LiveConnect in Mozilla 1.7 beta allows remote attackers to read arbitrary files in known locati... |
| CVE-2004-2058 | — | — | 1.8% | Dec 31, 2004 | ASPRunner 2.4 allows remote attackers to gain sensitive information via (1) hidden form fields or (2) error messages. |
| CVE-2004-1189 | — | — | 0.7% | Dec 31, 2004 | The add_to_history function in svr_principal.c in libkadm5srv for MIT Kerberos 5 (krb5) up to 1.3.5, when performing a p... |
| CVE-2004-1448 | — | — | 1.7% | Dec 31, 2004 | Jetbox One 2.0.8 and possibly other versions allow remote attackers with Author privileges in the IMAGES module to uploa... |
| CVE-2004-1451 | — | — | 1.4% | Dec 31, 2004 | Mozilla before 1.6 does not display the entire URL in the status bar when a link contains %00, which could allow remote ... |
| CVE-2004-2059 | — | — | 8.8% | Dec 31, 2004 | Multiple cross-site scripting vulnerabilities in ASPRunner 2.4 allow remote attackers to inject arbitrary web script or ... |
| CVE-2004-1452 | — | — | 0.4% | Dec 31, 2004 | Tomcat before 5.0.27-r3 in Gentoo Linux sets the default permissions on the init scripts as tomcat:tomcat, but executes ... |
| CVE-2004-1389 | — | — | 9.9% | Dec 31, 2004 | Unknown vulnerability in the Veritas NetBackup Administrative Assistant interface for NetBackup BusinesServer 3.4, 3.4.1... |
| CVE-2004-1459 | — | — | 1.8% | Dec 31, 2004 | Cisco Secure Access Control Server (ACS) 3.2, when configured as a Light Extensible Authentication Protocol (LEAP) RADIU... |
| CVE-2004-1438 | — | — | 0.7% | Dec 31, 2004 | The mod_authz_svn Apache module for Subversion 1.0.4-r1 and earlier allows remote authenticated users, with write access... |
| CVE-2004-2060 | — | — | 7.9% | Dec 31, 2004 | ASPRunner 2.4 stores the database under the web root in the db directory, which may allow remote attackers to obtain the... |
| CVE-2004-2228 | — | — | 0.4% | Dec 31, 2004 | Mozilla Firefox before 1.0 is installed with world-writable permissions on Mac OS X, which allows local users to gain pr... |
| CVE-2004-2256 | — | — | 2.0% | Dec 31, 2004 | Directory traversal vulnerability in phpMyFAQ 1.4.0 alpha allows remote attackers to read arbitrary files, and possibly ... |
| CVE-2004-2052 | — | — | 1.1% | Dec 31, 2004 | eSeSIX Thintune thin clients running firmware 2.4.38 and earlier accept any password that begins with the actual passwor... |
| CVE-2004-2071 | — | — | 3.5% | Dec 31, 2004 | Macallan Mail Solution 2.8.4.6 (Build 260), and possibly earlier versions, allows remote attackers to bypass authenticat... |
| CVE-2004-2054 | — | — | 2.2% | Dec 31, 2004 | CRLF injection vulnerability in PhpBB 2.0.4 and 2.0.9 allows remote attackers to perform HTTP Response Splitting attacks... |
| CVE-2004-2056 | — | — | 1.2% | Dec 31, 2004 | SQL injection vulnerability in action.php in Nucleus CMS 3.01 allows remote attackers to execute arbitrary SQL statement... |
| CVE-2004-2147 | — | — | 1.4% | Dec 31, 2004 | Unknown versions of Symantec Norton AntiVirus and Microsoft Outlook allow attackers to cause a denial of service (crash)... |
| CVE-2004-1910 | — | — | 3.4% | Dec 31, 2004 | rufsi.dll in Symantec Virus Detection allows remote attackers to cause a denial of service (crash) via a long string to ... |
| CVE-2004-1807 | — | — | 1.4% | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in index.cfm in CFWebstore 5.0 allows remote attackers to inject arbitrary web ... |
| CVE-2004-2049 | — | — | 0.4% | Dec 31, 2004 | eSeSIX Thintune thin clients running firmware 2.4.38 and earlier store sensitive usernames and passwords in cleartext in... |
| CVE-2004-1150 | — | — | 8.7% | Dec 31, 2004 | Stack-based buffer overflow in the in_cdda.dll plugin for Winamp 5.0 through 5.08c allows attackers to execute arbitrary... |
| CVE-2004-1899 | — | — | 1.7% | Dec 31, 2004 | The administration interface in Monit 1.4 through 4.2 allows remote attackers to cause an off-by-one overflow via a POST... |
| CVE-2004-2166 | — | — | 1.6% | Dec 31, 2004 | The print-from-email feature in the Canon ImageRUNNER (iR) 5000i and C3200 digital printer, when not using IP address ra... |
Check if your code is affected by 2004 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now