2004 CVE Vulnerabilities
2,707 CVEs published in 2004.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2004-2277 | — | — | 5.7% | Dec 31, 2004 | Buffer overflow in aGSM Half-Life client allows remote Half-Life servers to cause a denial of service (crash) and possib... |
| CVE-2004-2327 | — | — | 1.7% | Dec 31, 2004 | Vizer Web Server 1.9.1 allows remote attackers to cause a denial of service (crash) via multiple malformed requests incl... |
| CVE-2004-2264 | — | — | 2.0% | Dec 31, 2004 | Format string bug in the open_altfile function in filename.c for GNU less 382, 381, and 358 might allow local users to c... |
| CVE-2004-2347 | — | — | 9.9% | Dec 31, 2004 | blog.cgi in Leif M. Wright Web Blog 1.1 and 1.1.5 allows remote attackers to execute arbitrary commands via shell metach... |
| CVE-2004-2265 | — | — | 0.4% | Dec 31, 2004 | UUDeview 0.5.20 and earlier handles temporary files insecurely during decoding, with unknown attack vectors and impact. |
| CVE-2004-1449 | — | — | 0.9% | Dec 31, 2004 | Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7 allows remote attackers to determine the location of ... |
| CVE-2004-2266 | — | — | 1.3% | Dec 31, 2004 | SQL injection vulnerability in Ansel 2.1 and earlier allows remote attackers to modify SQL statements via the image para... |
| CVE-2004-2409 | — | — | 0.5% | Dec 31, 2004 | Buffer overflow in the sh_hash_compdata function for Samhain 1.8.9 through 2.0.1, when running in update mode ("-t updat... |
| CVE-2004-1402 | — | — | 3.3% | Dec 31, 2004 | SQL injection vulnerability in iWebNegar allows remote attackers to execute arbitrary SQL commands via (1) the string pa... |
| CVE-2004-1306 | — | — | 34.5% | Dec 31, 2004 | Heap-based buffer overflow in winhlp32.exe in Windows NT, Windows 2000 through SP4, Windows XP through SP2, and Windows ... |
| CVE-2004-1902 | — | — | 0.4% | Dec 31, 2004 | The Citrix MetaFrame Password Manager 2.0, when a central credential store is not configured, does not encrypt passwords... |
| CVE-2004-2045 | — | — | 3.1% | Dec 31, 2004 | The HTTP administration interface on Conceptronic CADSLR1 ADSL router running firmware 3.04n allows remote attackers to ... |
| CVE-2004-2222 | — | — | 1.8% | Dec 31, 2004 | Directory traversal vulnerability in index.php in FsPHPGallery before 1.2 allows remote attackers to list arbitrary dire... |
| CVE-2004-2227 | — | — | 1.8% | Dec 31, 2004 | Mozilla Firefox before 1.0 truncates long filenames in the file download dialog box, which makes it easier for remote at... |
| CVE-2004-1535 | — | — | 6.3% | Dec 31, 2004 | PHP remote file inclusion vulnerability in admin_cash.php for the Cash Mod module for phpBB allows remote attackers to e... |
| CVE-2004-2225 | — | — | 1.8% | Dec 31, 2004 | Mozilla Firefox before 0.10.1 allows remote attackers to delete arbitrary files in the download directory via a crafted ... |
| CVE-2004-2262 | — | — | 14.9% | Dec 31, 2004 | ImageManager in e107 before 0.617 does not properly check the types of uploaded files, which allows remote attackers to ... |
| CVE-2004-2436 | — | — | 0.5% | Dec 31, 2004 | Computer Associates Unicenter Common Services 3.0 and earlier stores the database "SA" password in cleartext in the TndA... |
| CVE-2004-1566 | — | — | 1.3% | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in index.php in Silent Storm Portal 2.1 and 2.2 allows remote attackers to exec... |
| CVE-2004-1907 | — | — | 6.7% | Dec 31, 2004 | The Web Filtering functionality in Kerio Personal Firewall (KPF) 4.0.13 allows remote attackers to cause a denial of ser... |
| CVE-2004-1424 | — | — | 1.3% | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in view.php in Moodle 1.4.2 and earlier allows remote attackers to inject arbit... |
| CVE-2004-2465 | — | — | 1.0% | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in chat.ghp in Easy Chat Server 1.2 allows remote attackers to inject arbitrary... |
| CVE-2004-1762 | — | — | 2.5% | Dec 31, 2004 | Unknown vulnerability in F-Secure Anti-Virus (FSAV) 4.52 for Linux before Hotfix 3 allows the Sober.D worm to bypass FAS... |
| CVE-2004-1914 | — | — | 1.7% | Dec 31, 2004 | SQL injection vulnerability in modules.php in NukeCalendar 1.1.a, as used in PHP-Nuke, allows remote attackers to execut... |
| CVE-2004-2212 | — | — | 1.5% | Dec 31, 2004 | SQL injection vulnerability in forum.asp in AliveSites Forums 2.0 allows remote attackers to execute arbitrary SQL comma... |
Check if your code is affected by 2004 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now