2004 CVE Vulnerabilities
2,707 CVEs published in 2004.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2004-0567 | — | — | 72.3% | Dec 31, 2004 | The Windows Internet Naming Service (WINS) in Windows NT Server 4.0 SP 6a, NT Terminal Server 4.0 SP 6, Windows 2000 Ser... |
| CVE-2004-1143 | — | — | 1.6% | Dec 31, 2004 | The password generation in mailman before 2.1.5 generates only 5 million unique passwords, which makes it easier for rem... |
| CVE-2004-1901 | MEDIUM | 5.5 | 0.4% | Dec 31, 2004 | Portage before 2.0.50-r3 allows local users to overwrite arbitrary files via a hard link attack on the lockfiles. |
| CVE-2004-1995 | MEDIUM | 6.5 | 1.8% | Dec 31, 2004 | Cross-Site Request Forgery (CSRF) vulnerability in FuseTalk 2.0 allows remote attackers to create arbitrary accounts via... |
| CVE-2004-2081 | — | — | 5.1% | Dec 31, 2004 | The samiftp.dll library in Sami FTP Server 1.1.3 allows local users to cause a denial of service (pmsystem.exe crash) by... |
| CVE-2004-2239 | — | — | 2.8% | Dec 31, 2004 | Buffer overflow in vsybase.c in vpopmail 5.4.2 and earlier might allow attackers to cause a denial of service or execute... |
| CVE-2004-2242 | — | — | 3.6% | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in search.php in Phorum, possibly 5.0.7 beta and earlier, allows remote attacke... |
| CVE-2004-2289 | — | — | 23.2% | Dec 31, 2004 | Microsoft Windows XP Explorer allows local users to execute arbitrary code via a system folder with a Desktop.ini file c... |
| CVE-2004-2070 | — | — | 0.5% | Dec 31, 2004 | The Altiris Client Service for Windows 5.6 SP1 Hotfix E (5.6.181) allows local users to execute arbitrary commands by op... |
| CVE-2004-2071 | — | — | 3.5% | Dec 31, 2004 | Macallan Mail Solution 2.8.4.6 (Build 260), and possibly earlier versions, allows remote attackers to bypass authenticat... |
| CVE-2004-0561 | — | — | 2.3% | Dec 31, 2004 | Format string vulnerability in the log routine for gopher daemon (gopherd) 3.0.3 allows remote attackers to cause a deni... |
| CVE-2004-0560 | — | — | 3.0% | Dec 31, 2004 | Integer overflow in gopher daemon (gopherd) 3.0.3 allows remote attackers to cause a denial of service and possibly exec... |
| CVE-2004-2072 | — | — | 4.2% | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in index.php for Mambo Open Source 4.6, and possibly earlier versions, allows r... |
| CVE-2004-1460 | — | — | 1.6% | Dec 31, 2004 | Cisco Secure Access Control Server (ACS) 3.2(3) and earlier, when configured with an anonymous bind in Novell Directory ... |
| CVE-2004-1104 | — | — | 35.3% | Dec 31, 2004 | Microsoft Internet Explorer 6.0 SP2 allows remote attackers to spoof a legitimate URL in the status bar and conduct a ph... |
| CVE-2004-1461 | — | — | 1.7% | Dec 31, 2004 | Cisco Secure Access Control Server (ACS) 3.2(3) and earlier spawns a separate unauthenticated TCP connection on a random... |
| CVE-2004-1476 | — | — | 2.3% | Dec 31, 2004 | Stack-based buffer overflow in the VideoCD (VCD) code in xine-lib 1-rc2 through 1-rc5, as derived from libcdio, allows a... |
| CVE-2004-1464 | MEDIUM | 5.9 | 5.1% | Dec 31, 2004 | Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) conn... |
| CVE-2004-2069 | — | — | 3.4% | Dec 31, 2004 | sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly other versions, when using privilege separation, does not properly si... |
| CVE-2004-2235 | — | — | 1.4% | Dec 31, 2004 | Unknown vulnerability in Moodle before 1.2 has unknown impact and attack vectors, related to improper filtering of text. |
| CVE-2004-0555 | — | — | 3.3% | Dec 31, 2004 | Buffer overflow in (1) queue.c and (2) queued.c in queue before 1.30.1 may allow remote attackers to execute arbitrary c... |
| CVE-2004-1452 | — | — | 0.4% | Dec 31, 2004 | Tomcat before 5.0.27-r3 in Gentoo Linux sets the default permissions on the init scripts as tomcat:tomcat, but executes ... |
| CVE-2004-2010 | — | — | 2.6% | Dec 31, 2004 | PHP remote file inclusion vulnerability in index.php in phpShop 0.7.1 and earlier allows remote attackers to execute arb... |
| CVE-2004-1458 | — | — | 1.8% | Dec 31, 2004 | The CSAdmin web administration interface for Cisco Secure Access Control Server (ACS) 3.2(2) build 15 allows remote atta... |
| CVE-2004-1459 | — | — | 1.8% | Dec 31, 2004 | Cisco Secure Access Control Server (ACS) 3.2, when configured as a Light Extensible Authentication Protocol (LEAP) RADIU... |
Check if your code is affected by 2004 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now