2004 CVE Vulnerabilities
2,707 CVEs published in 2004.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2004-2212 | — | — | 1.5% | Dec 31, 2004 | SQL injection vulnerability in forum.asp in AliveSites Forums 2.0 allows remote attackers to execute arbitrary SQL comma... |
| CVE-2004-2253 | — | — | 7.1% | Dec 31, 2004 | Directory traversal vulnerability in user.cgi in SurgeLDAP 1.0g and earlier allows remote attackers to read arbitrary fi... |
| CVE-2004-2259 | — | — | 2.1% | Dec 31, 2004 | vsftpd before 1.2.2, when under heavy load, allows attackers to cause a denial of service (crash) via a SIGCHLD signal d... |
| CVE-2004-2439 | — | — | 2.2% | Dec 31, 2004 | The remote upgrade capability in HP LaserJet 4200 and 4300 printers does not require a password, which allows remote att... |
| CVE-2004-2452 | — | — | 1.5% | Dec 31, 2004 | Unknown vulnerability in Hitachi Cosminexus Portal Framework 01-00, 01-01, 01-02, 02-01, 02-02, 02-03, and other version... |
| CVE-2004-2247 | — | — | 1.4% | Dec 31, 2004 | Unknown vulnerability in the "admin of paypal email addresses" in AudienceConnect before 1.0.beta.21 has unknown impact ... |
| CVE-2004-2248 | — | — | 1.7% | Dec 31, 2004 | Unknown vulnerability in RemoteEditor before 0.1.1 has unknown impact and attack vectors, related to "oversize submissio... |
| CVE-2004-0561 | — | — | 2.3% | Dec 31, 2004 | Format string vulnerability in the log routine for gopher daemon (gopherd) 3.0.3 allows remote attackers to cause a deni... |
| CVE-2004-0560 | — | — | 3.0% | Dec 31, 2004 | Integer overflow in gopher daemon (gopherd) 3.0.3 allows remote attackers to cause a denial of service and possibly exec... |
| CVE-2004-2405 | — | — | 1.7% | Dec 31, 2004 | Buffer overflow in multiple F-Secure Anti-Virus products, including F-Secure Anti-Virus 5.42 and earlier, allows remote ... |
| CVE-2004-2126 | — | — | 0.4% | Dec 31, 2004 | The upgrade for BlackICE PC Protection 3.6 and earlier sets insecure permissions for .INI files such as (1) blackice.ini... |
| CVE-2004-1104 | — | — | 35.3% | Dec 31, 2004 | Microsoft Internet Explorer 6.0 SP2 allows remote attackers to spoof a legitimate URL in the status bar and conduct a ph... |
| CVE-2004-2128 | — | — | 2.3% | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in BRS WebWeaver 1.07 allows remote attackers to execute arbitrary script as ot... |
| CVE-2004-2246 | — | — | 2.7% | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in Goollery before 0.04b allows remote attackers to inject arbitrary HTML or we... |
| CVE-2004-2129 | — | — | 3.4% | Dec 31, 2004 | SurfNOW 2.2 allows remote attackers to cause a denial of service (crash) via a series of long HTTP GET requests, possibl... |
| CVE-2004-2249 | — | — | 1.4% | Dec 31, 2004 | Unknown vulnerability in the "access code" in SecureEditor before 0.1.2 has unknown impact and attack vectors, possibly ... |
| CVE-2004-2441 | — | — | 1.7% | Dec 31, 2004 | Unspecified vulnerability in Kerio MailServer before 6.0.3 has unknown impact and unknown remote attack vectors, related... |
| CVE-2004-0555 | — | — | 3.3% | Dec 31, 2004 | Buffer overflow in (1) queue.c and (2) queued.c in queue before 1.30.1 may allow remote attackers to execute arbitrary c... |
| CVE-2004-1907 | — | — | 6.7% | Dec 31, 2004 | The Web Filtering functionality in Kerio Personal Firewall (KPF) 4.0.13 allows remote attackers to cause a denial of ser... |
| CVE-2004-2213 | — | — | 1.4% | Dec 31, 2004 | Mbedthis AppWeb HTTP server before 1.1.3 allows remote attackers to obtain the source code for scripts via a (1) trailin... |
| CVE-2004-2139 | — | — | 2.1% | Dec 31, 2004 | Unknown vulnerability in Adminedit.pl YaBB 1 Gold before 1.3.2 allows attackers to execute arbitrary code via settings.p... |
| CVE-2004-2069 | — | — | 3.4% | Dec 31, 2004 | sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly other versions, when using privilege separation, does not properly si... |
| CVE-2004-1296 | — | — | 0.3% | Dec 31, 2004 | The (1) eqn2graph and (2) pic2graph scripts in groff 1.18.1 allow local users to overwrite arbitrary files via a symlink... |
| CVE-2004-2214 | CRITICAL | 9.8 | 2.7% | Dec 31, 2004 | Mbedthis AppWeb HTTP server before 1.1.3 allows remote attackers to bypass access restrictions via a URI with mixed case... |
| CVE-2004-2385 | — | — | 6.7% | Dec 31, 2004 | EMU Webmail 5.2.7 allows remote attackers to obtain sensitive path information (home directory) via an HTTP request for ... |
Check if your code is affected by 2004 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now