2004 CVE Vulnerabilities
2,707 CVEs published in 2004.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2004-1415 | — | — | 1.2% | Dec 31, 2004 | SQL injection vulnerability in (1) disp_album.php and possibly (2) disp_img.php in 2Bgal 2.4 and 2.5.1 allows remote att... |
| CVE-2004-1141 | — | — | 2.5% | Dec 31, 2004 | The HTTP dissector in Ethereal 0.10.1 through 0.10.7 allows remote attackers to cause a denial of service (application c... |
| CVE-2004-1904 | — | — | 4.9% | Dec 31, 2004 | Buffer overflow in ascontrol.dll in Panda ActiveScan 5.0 allows remote attackers to execute arbitrary code via the Inter... |
| CVE-2004-2118 | — | — | 1.9% | Dec 31, 2004 | Tiny Server 1.1 allows remote attackers to cause a denial of service (crash) via a GET request with a long filename, pos... |
| CVE-2004-2382 | — | — | 1.6% | Dec 31, 2004 | The PerfectNav plugin for Microsoft Internet Explorer allows remote attackers to cause a denial of service (browser cras... |
| CVE-2004-2419 | — | — | 0.3% | Dec 31, 2004 | Keene Digital Media Server 1.0.2 allows local users to obtain usernames and passwords by reading the dmscore.db file on ... |
| CVE-2004-2430 | — | — | 0.4% | Dec 31, 2004 | Trend OfficeScan Corporate Edition 5.58 and possibly earler does not drop privileges when opening a help window from a v... |
| CVE-2004-1140 | — | — | 2.5% | Dec 31, 2004 | Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (application hang) and possibly fill ... |
| CVE-2004-2251 | — | — | 2.1% | Dec 31, 2004 | The PPTP server in Astaro Security Linux before 4.024 provides information about its version, which makes it easier for ... |
| CVE-2004-2319 | — | — | 0.5% | Dec 31, 2004 | IBM Informix Dynamic Server (IDS) before 9.40.xC3 allows local users to (1) create or overwrite files via the /001 log f... |
| CVE-2004-2238 | — | — | 1.3% | Dec 31, 2004 | Format string vulnerability in vsybase.c in vpopmail 5.4.2 and earlier has unknown impact and attack vectors. NOTE: in ... |
| CVE-2004-2372 | — | — | 0.7% | Dec 31, 2004 | Buffer overflow in Bochs before 2.1.1, if installed setuid, allows local users to execute arbitrary code via a long HOME... |
| CVE-2004-2239 | — | — | 2.8% | Dec 31, 2004 | Buffer overflow in vsybase.c in vpopmail 5.4.2 and earlier might allow attackers to cause a denial of service or execute... |
| CVE-2004-1434 | — | — | 3.3% | Dec 31, 2004 | Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.1(0) to 4.1(2), 4.5(x), 4.0(0) to 4.0(2)... |
| CVE-2004-2240 | — | — | 1.6% | Dec 31, 2004 | Multiple SQL injection vulnerabilities in Phorum 5.0.11 and earlier allow remote attackers to modify SQL statements via ... |
| CVE-2004-2383 | — | — | 20.0% | Dec 31, 2004 | Microsoft Internet Explorer 5.0 through 6.0 allows remote attackers to bypass cross-frame scripting restrictions and cap... |
| CVE-2004-2112 | — | — | 3.6% | Dec 31, 2004 | Directory traversal vulnerability in BremsServer 1.2.4 allows remote attackers to read arbitrary files via ".." (dot dot... |
| CVE-2004-2140 | — | — | 1.0% | Dec 31, 2004 | CRLF injection vulnerability in YaBB 1 Gold before 1.3.2 allows remote attackers to modify text file contents via the su... |
| CVE-2004-2200 | — | — | 1.9% | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in DUware DUforum 3.0 through 3.1 allows remote attackers to inject arbitrary w... |
| CVE-2004-2199 | — | — | 1.9% | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in DUware DUclassified 4.0 allows remote attackers to inject arbitrary web scri... |
| CVE-2004-1510 | — | — | 1.8% | Dec 31, 2004 | WebCalendar allows remote attackers to gain privileges by modifying critical parameters to (1) view_entry.php or (2) upc... |
| CVE-2004-2237 | — | — | 1.7% | Dec 31, 2004 | Unknown vulnerability in Moodle before 1.3.4 has unknown impact and attack vectors, related to "strings in Moodle texts.... |
| CVE-2004-2374 | — | — | 2.8% | Dec 31, 2004 | BadBlue 2.4 allows remote attackers to obtain the location of the server installation path via a request for phptest.php... |
| CVE-2004-2411 | — | — | 2.2% | Dec 31, 2004 | The CleanseMessage function in shop$db.asp for VP-ASP Shopping Cart 4.0 through 5.0 does not sufficiently cleanse inputs... |
| CVE-2004-2113 | — | — | 1.9% | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in BremsServer 1.2.4 allows remote attackers to inject arbitrary web script or ... |
Check if your code is affected by 2004 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now