2004 CVE Vulnerabilities
2,707 CVEs published in 2004.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2004-2337 | — | — | 0.3% | Dec 31, 2004 | The /.inlook/.crypt file for inlook 0.7.3 and earlier is installed with world readable permissions, which allows local u... |
| CVE-2004-1824 | — | — | 2.6% | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin before 3.0 allows remote attackers to inject arbitrary web... |
| CVE-2004-2256 | — | — | 2.0% | Dec 31, 2004 | Directory traversal vulnerability in phpMyFAQ 1.4.0 alpha allows remote attackers to read arbitrary files, and possibly ... |
| CVE-2004-1795 | — | — | 0.3% | Dec 31, 2004 | Info Touch Surfnet kiosk allows local users to access the underlying filesystem via a 'file://' URI. |
| CVE-2004-2483 | — | — | 1.7% | Dec 31, 2004 | Kerio WinRoute Firewall before 6.0.9 uses information from PTR queries in response to A queries, which allows remote att... |
| CVE-2004-1327 | — | — | 4.4% | Dec 31, 2004 | Buffer overflow in Crystal FTP Client 2.8 allows remote malicious servers to execute arbitrary code via a response to a ... |
| CVE-2004-1328 | — | — | 0.5% | Dec 31, 2004 | Unknown vulnerability in newgrp in HP-UX B.11.00, B.11.04, and B.11.11 allows local users to gain elevated privileges. |
| CVE-2004-1447 | — | — | 1.7% | Dec 31, 2004 | Jetbox One 2.0.8 and possibly other versions stores passwords in the database in plaintext, which could allow attackers ... |
| CVE-2004-1330 | — | — | 1.2% | Dec 31, 2004 | Buffer overflow in paginit in AIX 5.1 through 5.3 allows local users to execute arbitrary code via a long username. |
| CVE-2004-2094 | — | — | 1.7% | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in WebcamXP 1.06.945 allows remote attackers to inject arbitrary HTML or web sc... |
| CVE-2004-1332 | — | — | 9.5% | Dec 31, 2004 | Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, allows remote attacke... |
| CVE-2004-1779 | — | — | 1.3% | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in board.php for ThWboard before beta 2.84 allows remote attackers to inject ar... |
| CVE-2004-2196 | — | — | 2.3% | Dec 31, 2004 | Zanfi CMS lite 1.1 allows remote attackers to obtain the full path of the web server via direct requests without require... |
| CVE-2004-2100 | — | — | 1.4% | Dec 31, 2004 | GeoHttpServer, when configured to authenticate users, allows remote attackers to bypass authentication and access unauth... |
| CVE-2004-2105 | — | — | 1.9% | Dec 31, 2004 | The webacc servlet in Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to read arbitrary .htt fi... |
| CVE-2004-2098 | — | — | 1.2% | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in the banner engine (TBE) 5.0 allows remote attackers to execute arbitrary scr... |
| CVE-2004-2485 | — | — | 1.5% | Dec 31, 2004 | Unspecified vulnerability in PHP Live! before 2.8.2, due to a "major security problem," allows remote attackers to inclu... |
| CVE-2004-2097 | — | — | 0.4% | Dec 31, 2004 | Multiple scripts on SuSE Linux 9.0 allow local users to overwrite arbitrary files via a symlink attack on (1) /tmp/fvwm-... |
| CVE-2004-2198 | — | — | 6.1% | Dec 31, 2004 | account.asp in DUware DUclassmate 1.0 through 1.1 allows remote attackers to change the passwords for arbitrary users by... |
| CVE-2004-2288 | — | — | 1.4% | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in index.php in Jelsoft vBulletin allows remote attackers to spoof parts of a w... |
| CVE-2004-2425 | — | — | 13.5% | Dec 31, 2004 | Axis Network Camera 2.40 and earlier, and Video Server 3.12 and earlier, allows remote attackers to execute arbitrary co... |
| CVE-2004-1343 | — | — | 1.9% | Dec 31, 2004 | CVS 1.12 and earlier on Debian GNU/Linux does not properly handle when a mapping for the current repository does not exi... |
| CVE-2004-2498 | — | — | 1.4% | Dec 31, 2004 | Unspecified vulnerability in the error handler in Hitachi Web Page Generator and Web Page Generator Enterprise 4.01 and ... |
| CVE-2004-1450 | — | — | 1.2% | Dec 31, 2004 | Unknown vulnerability in LiveConnect in Mozilla 1.7 beta allows remote attackers to read arbitrary files in known locati... |
| CVE-2004-2054 | — | — | 2.2% | Dec 31, 2004 | CRLF injection vulnerability in PhpBB 2.0.4 and 2.0.9 allows remote attackers to perform HTTP Response Splitting attacks... |
Check if your code is affected by 2004 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now