2004 CVE Vulnerabilities
2,707 CVEs published in 2004.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2004-2194 | — | — | 2.1% | Dec 31, 2004 | MailEnable Professional Edition before 1.53 and Enterprise Edition before 1.02 allows remote attackers to cause a denial... |
| CVE-2004-2253 | — | — | 7.1% | Dec 31, 2004 | Directory traversal vulnerability in user.cgi in SurgeLDAP 1.0g and earlier allows remote attackers to read arbitrary fi... |
| CVE-2004-2244 | — | — | 2.6% | Dec 31, 2004 | The XML parser in Oracle 9i Application Server Release 2 9.0.3.0 and 9.0.3.1, 9.0.2.3 and earlier, and Release 1 1.0.2.2... |
| CVE-2004-2188 | — | — | 1.2% | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in DMXReady Site Chassis Manager allows remote attackers to inject arbitrary we... |
| CVE-2004-1536 | — | — | 2.4% | Dec 31, 2004 | SQL injection vulnerability in index.php in the ibProArcade module for Invision Power Board (IPB) 1.x and 2.x allows rem... |
| CVE-2004-1893 | — | — | 2.4% | Dec 31, 2004 | Dreamweaver MX, when "Using Driver On Testing Server" or "Using DSN on Testing Server" is selected, uploads the mmhttpdb... |
| CVE-2004-2193 | — | — | 1.4% | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in trade.php for CJOverkill 4.0.3 allows remote attackers to inject arbitrary w... |
| CVE-2004-2191 | — | — | 1.4% | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in ttt-webmaster.php in Turbo Traffic Trader PHP 1.0 allows remote attackers to... |
| CVE-2004-1382 | — | — | 0.4% | Dec 31, 2004 | The glibcbug script in glibc 2.3.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on t... |
| CVE-2004-1383 | — | — | 2.8% | Dec 31, 2004 | Multiple SQL injection vulnerabilities in phpGroupWare 0.9.16.003 and earlier allow remote attackers to execute arbitrar... |
| CVE-2004-1384 | — | — | 4.0% | Dec 31, 2004 | Multiple cross-site scripting (XSS) vulnerabilities in phpGroupWare 0.9.16.003 and earlier allow remote attackers to inj... |
| CVE-2004-1385 | — | — | 7.3% | Dec 31, 2004 | phpGroupWare 0.9.16.003 and earlier allows remote attackers to gain sensitive information via (1) unexpected characters ... |
| CVE-2004-1900 | — | — | 3.8% | Dec 31, 2004 | Format string vulnerability in the logging function in IGI 2 Covert Strike server 1.3 and earlier allows remote attacker... |
| CVE-2004-1387 | — | — | 0.5% | Dec 31, 2004 | The check_forensic script in apache-utils package 1.3.31 allows local users to overwrite or create arbitrary files via a... |
| CVE-2004-1388 | — | — | 68.2% | Dec 31, 2004 | Format string vulnerability in the gpsd_report function for BerliOS GPD daemon (gpsd, formerly pygps) 1.9.0 through 2.7 ... |
| CVE-2004-1389 | — | — | 9.9% | Dec 31, 2004 | Unknown vulnerability in the Veritas NetBackup Administrative Assistant interface for NetBackup BusinesServer 3.4, 3.4.1... |
| CVE-2004-1390 | — | — | 7.3% | Dec 31, 2004 | Multiple buffer overflows in the PPPoE daemon (PPPoEd) in QNX RTP 6.1 allow remote attackers to execute arbitrary code v... |
| CVE-2004-1391 | — | — | 0.6% | Dec 31, 2004 | Untrusted execution path vulnerability in the PPPoE daemon (PPPoEd) in QNX RTP 6.1 allows local users to execute arbitra... |
| CVE-2004-1392 | — | — | 10.4% | Dec 31, 2004 | PHP 4.0 with cURL functions allows remote attackers to bypass the open_basedir setting and read arbitrary files via a fi... |
| CVE-2004-1393 | — | — | 2.6% | Dec 31, 2004 | Unknown vulnerability in the tcsetattr function for Sun Solaris for SPARC 2.6, 7, and 8 allows local users to cause a de... |
| CVE-2004-1394 | — | — | 0.3% | Dec 31, 2004 | The pfexec function for Sun Solaris 8 and 9 does not properly handle when a custom profile contains an invalid entry in ... |
| CVE-2004-1395 | — | — | 3.8% | Dec 31, 2004 | The Lithtech engine, as used in (1) Contract Jack 1.1 and earlier, (2) No one lives forever 2 1.3 and earlier, (3) Tron ... |
| CVE-2004-1396 | — | — | 3.1% | Dec 31, 2004 | Winamp 5.07 and possibly other versions, allows remote attackers to cause a denial of service (application crash or CPU ... |
| CVE-2004-1397 | — | — | 1.3% | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in UseModWiki 1.0 allows remote attackers to inject arbitrary web script or HTM... |
| CVE-2004-2314 | — | — | 2.4% | Dec 31, 2004 | The Telnet listener for Novell iChain Server before 2.2 Field Patch 3b 2.2.116 does not have a password by default, whic... |
Check if your code is affected by 2004 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now