2004 CVE Vulnerabilities
2,707 CVEs published in 2004.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2004-1144 | — | — | 0.4% | Dec 31, 2004 | Unknown vulnerability in the 32bit emulation code in Linux 2.4 on AMD64 systems allows local users to gain privileges. |
| CVE-2004-1143 | — | — | 1.6% | Dec 31, 2004 | The password generation in mailman before 2.1.5 generates only 5 million unique passwords, which makes it easier for rem... |
| CVE-2004-1141 | — | — | 2.5% | Dec 31, 2004 | The HTTP dissector in Ethereal 0.10.1 through 0.10.7 allows remote attackers to cause a denial of service (application c... |
| CVE-2004-1468 | — | — | 3.6% | Dec 31, 2004 | The web mail functionality in Usermin 1.x and Webmin 1.x allows remote attackers to execute arbitrary commands via shell... |
| CVE-2004-1485 | — | — | 2.5% | Dec 31, 2004 | Buffer overflow in the TFTP client in InetUtils 1.4.2 allows remote malicious DNS servers to execute arbitrary code via ... |
| CVE-2004-2253 | — | — | 7.1% | Dec 31, 2004 | Directory traversal vulnerability in user.cgi in SurgeLDAP 1.0g and earlier allows remote attackers to read arbitrary fi... |
| CVE-2004-2282 | — | — | 1.4% | Dec 31, 2004 | DansGuardian before 2.7.7-2 allows remote attackers to bypass URL filters via a ".." in the request. |
| CVE-2004-2318 | — | — | 1.9% | Dec 31, 2004 | The administrative interface (surgeftpmgr.cgi) for SurgeFTP Server 1.0b through 2.2k1 allows remote attackers to cause a... |
| CVE-2004-1417 | — | — | 1.9% | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in login.php in PsychoStats 2.2.4 Beta and earlier allows remote attackers to i... |
| CVE-2004-1146 | — | — | 1.4% | Dec 31, 2004 | Multiple cross-site scripting (XSS) vulnerabilities in (1) main.c and (2) login.c for CVSTrac before 1.1.5 allow remote ... |
| CVE-2004-1140 | — | — | 2.5% | Dec 31, 2004 | Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (application hang) and possibly fill ... |
| CVE-2004-2113 | — | — | 1.9% | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in BremsServer 1.2.4 allows remote attackers to inject arbitrary web script or ... |
| CVE-2004-2100 | — | — | 1.4% | Dec 31, 2004 | GeoHttpServer, when configured to authenticate users, allows remote attackers to bypass authentication and access unauth... |
| CVE-2004-1150 | — | — | 8.7% | Dec 31, 2004 | Stack-based buffer overflow in the in_cdda.dll plugin for Winamp 5.0 through 5.08c allows attackers to execute arbitrary... |
| CVE-2004-2174 | — | — | 1.8% | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in Custva.asp in EarlyImpact ProductCart allows remote attackers to inject arbi... |
| CVE-2004-2101 | — | — | 1.9% | Dec 31, 2004 | The sysinfo script in GeoHttpServer allows remote attackers to cause a denial of service (crash) via a long pwd paramete... |
| CVE-2004-2102 | — | — | 1.4% | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in FREESCO 2.05, a modified version of thttpd, allows remote attackers to injec... |
| CVE-2004-2244 | — | — | 2.6% | Dec 31, 2004 | The XML parser in Oracle 9i Application Server Release 2 9.0.3.0 and 9.0.3.1, 9.0.2.3 and earlier, and Release 1 1.0.2.2... |
| CVE-2004-1155 | — | — | 12.6% | Dec 31, 2004 | Internet Explorer 5.01 through 6 allows remote attackers to spoof arbitrary web sites by injecting content from one wind... |
| CVE-2004-1156 | — | — | 1.4% | Dec 31, 2004 | Mozilla before 1.7.6, and Firefox before 1.0.1, allows remote attackers to spoof arbitrary web sites by injecting conten... |
| CVE-2004-1414 | — | — | 1.3% | Dec 31, 2004 | Gadu-Gadu 6.1 build 156 allows remote attackers to cause a denial of service (application hang) via a message that conta... |
| CVE-2004-1780 | — | — | 0.4% | Dec 31, 2004 | Info Touch Surfnet kiosk allows local users to deposit extra time into Internet kiosk accounts via repeated authenticati... |
| CVE-2004-2021 | — | — | 3.8% | Dec 31, 2004 | Directory traversal vulnerability in file_manager.php in osCommerce 2.2 allows remote attackers to view arbitrary files ... |
| CVE-2004-1873 | — | — | 2.4% | Dec 31, 2004 | SQL injection vulnerability in category.asp in A-CART Pro and A-CART 2.0 allows remote attackers to gain privileges via ... |
| CVE-2004-2098 | — | — | 1.2% | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in the banner engine (TBE) 5.0 allows remote attackers to execute arbitrary scr... |
Check if your code is affected by 2004 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now