2004 CVE Vulnerabilities
2,707 CVEs published in 2004.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2004-0868 | — | — | — | Dec 23, 2004 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2004-0866. Reason: This candidate is a duplicate of... |
| CVE-2004-0867 | — | — | 17.2% | Dec 23, 2004 | Mozilla Firefox 0.9.2 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, ... |
| CVE-2004-0850 | — | — | 0.4% | Dec 23, 2004 | Star before 1.5_alpha46 does not drop the effective user ID (euid) before calling external programs, which could allow l... |
| CVE-2004-0849 | — | — | 1.6% | Dec 23, 2004 | Integer overflow in the asn_decode_string() function defined in asn1.c in radiusd for GNU Radius 1.1 and 1.2 before 1.2.... |
| CVE-2004-0842 | — | — | 56.6% | Dec 23, 2004 | Internet Explorer 6.0 SP1 and earlier, and possibly other versions, allows remote attackers to cause a denial of service... |
| CVE-2004-0841 | — | — | 48.7% | Dec 23, 2004 | Internet Explorer 6.x allows remote attackers to install arbitrary programs via mousedown events that call the Popup.sho... |
| CVE-2004-0834 | — | — | 0.4% | Dec 23, 2004 | Format string vulnerability in Speedtouch USB driver before 1.3.1 allows local users to execute arbitrary code via (1) m... |
| CVE-2004-0833 | — | — | 2.5% | Dec 23, 2004 | Sendmail before 8.12.3 on Debian GNU/Linux, when using sasl and sasl-bin, uses a Sendmail configuration script with a fi... |
| CVE-2004-0814 | — | — | 0.7% | Dec 23, 2004 | Multiple race conditions in the terminal layer in Linux 2.4.x, and 2.6.x before 2.6.9, allow (1) local users to obtain p... |
| CVE-2004-0810 | — | — | 2.0% | Dec 23, 2004 | Buffer overflow in Netopia Timbuktu 7.0.3 allows remote attackers to cause a denial of service (server process crash) vi... |
| CVE-2004-0805 | — | — | 3.8% | Dec 23, 2004 | Buffer overflow in layer2.c in mpg123 0.59r and possibly mpg123 0.59s allows remote attackers to execute arbitrary code ... |
| CVE-2004-0803 | — | — | 8.3% | Dec 23, 2004 | Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer over... |
| CVE-2004-0749 | — | — | 1.5% | Dec 23, 2004 | The mod_authz_svn module in Subversion 1.0.7 and earlier does not properly restrict access to all metadata on unreadable... |
| CVE-2004-1375 | — | — | 0.5% | Dec 23, 2004 | Unknown vulnerability in System Administration Manager (SAM) in HP-UX B.11.00, B.11.11, B.11.22, and B.11.23 allows loca... |
| CVE-2004-1373 | — | — | 70.1% | Dec 23, 2004 | Format string vulnerability in SHOUTcast 1.9.4 allows remote attackers to cause a denial of service (application crash) ... |
| CVE-2004-0685 | — | — | 0.5% | Dec 23, 2004 | Certain USB drivers in the Linux 2.4 kernel use the copy_to_user function on uninitialized structures, which could allow... |
| CVE-2004-1361 | — | — | 19.9% | Dec 23, 2004 | Integer underflow in winhlp32.exe in Windows NT, Windows 2000 through SP4, Windows XP through SP2, and Windows 2003 allo... |
| CVE-2004-1339 | — | — | 1.5% | Dec 23, 2004 | SQL injection vulnerability in the (1) MDSYS.SDO_GEOM_TRIG_INS1 and (2) MDSYS.SDO_LRS_TRIG_INS default triggers in Oracl... |
| CVE-2004-1338 | — | — | 1.2% | Dec 23, 2004 | The triggers in Oracle 9i and 10g allow local users to gain privileges by using a sequence of partially privileged actio... |
| CVE-2004-1337 | — | — | 0.4% | Dec 23, 2004 | The POSIX Capability Linux Security Module (LSM) for Linux kernel 2.6 does not properly handle the credentials of a proc... |
| CVE-2004-1336 | — | — | 0.4% | Dec 23, 2004 | The xdvizilla script in tetex-bin 2.0.2 creates temporary files with predictable file names, which allows local users to... |
| CVE-2004-1305 | — | — | 62.4% | Dec 23, 2004 | The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Window... |
| CVE-2004-0646 | — | — | 7.1% | Dec 23, 2004 | Buffer overflow in the WriteToLog function for JRun 3.0 through 4.0 web server connectors, such as (1) mod_jrun and (2) ... |
| CVE-2004-0601 | — | — | 1.6% | Dec 23, 2004 | distcc before 2.16, when running on 64-bit platforms, does not interpret IP-based access control rules correctly, which ... |
| CVE-2004-0564 | — | — | 0.4% | Dec 23, 2004 | Roaring Penguin pppoe (rp-ppoe), if installed or configured to run setuid root contrary to its design, allows local user... |
Check if your code is affected by 2004 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now