2004 CVE Vulnerabilities
2,707 CVEs published in 2004.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2004-0814 | — | — | 0.7% | Dec 23, 2004 | Multiple race conditions in the terminal layer in Linux 2.4.x, and 2.6.x before 2.6.9, allow (1) local users to obtain p... |
| CVE-2004-0810 | — | — | 2.0% | Dec 23, 2004 | Buffer overflow in Netopia Timbuktu 7.0.3 allows remote attackers to cause a denial of service (server process crash) vi... |
| CVE-2004-0805 | — | — | 3.8% | Dec 23, 2004 | Buffer overflow in layer2.c in mpg123 0.59r and possibly mpg123 0.59s allows remote attackers to execute arbitrary code ... |
| CVE-2004-0803 | — | — | 8.3% | Dec 23, 2004 | Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer over... |
| CVE-2004-0749 | — | — | 1.5% | Dec 23, 2004 | The mod_authz_svn module in Subversion 1.0.7 and earlier does not properly restrict access to all metadata on unreadable... |
| CVE-2004-1375 | — | — | 0.5% | Dec 23, 2004 | Unknown vulnerability in System Administration Manager (SAM) in HP-UX B.11.00, B.11.11, B.11.22, and B.11.23 allows loca... |
| CVE-2004-1373 | — | — | 70.1% | Dec 23, 2004 | Format string vulnerability in SHOUTcast 1.9.4 allows remote attackers to cause a denial of service (application crash) ... |
| CVE-2004-0685 | — | — | 0.5% | Dec 23, 2004 | Certain USB drivers in the Linux 2.4 kernel use the copy_to_user function on uninitialized structures, which could allow... |
| CVE-2004-1361 | — | — | 19.9% | Dec 23, 2004 | Integer underflow in winhlp32.exe in Windows NT, Windows 2000 through SP4, Windows XP through SP2, and Windows 2003 allo... |
| CVE-2004-2130 | — | — | 6.5% | Dec 23, 2004 | Multiple cross-site scripting (XSS) vulnerabilities in privmsg.php in phpBB 2.0.6 allow remote attackers to execute arbi... |
| CVE-2004-1339 | — | — | 1.5% | Dec 23, 2004 | SQL injection vulnerability in the (1) MDSYS.SDO_GEOM_TRIG_INS1 and (2) MDSYS.SDO_LRS_TRIG_INS default triggers in Oracl... |
| CVE-2004-1338 | — | — | 1.2% | Dec 23, 2004 | The triggers in Oracle 9i and 10g allow local users to gain privileges by using a sequence of partially privileged actio... |
| CVE-2004-1337 | — | — | 0.4% | Dec 23, 2004 | The POSIX Capability Linux Security Module (LSM) for Linux kernel 2.6 does not properly handle the credentials of a proc... |
| CVE-2004-1336 | — | — | 0.4% | Dec 23, 2004 | The xdvizilla script in tetex-bin 2.0.2 creates temporary files with predictable file names, which allows local users to... |
| CVE-2004-1305 | — | — | 62.4% | Dec 23, 2004 | The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Window... |
| CVE-2004-0646 | — | — | 7.1% | Dec 23, 2004 | Buffer overflow in the WriteToLog function for JRun 3.0 through 4.0 web server connectors, such as (1) mod_jrun and (2) ... |
| CVE-2004-0601 | — | — | 1.6% | Dec 23, 2004 | distcc before 2.16, when running on 64-bit platforms, does not interpret IP-based access control rules correctly, which ... |
| CVE-2004-0564 | — | — | 0.4% | Dec 23, 2004 | Roaring Penguin pppoe (rp-ppoe), if installed or configured to run setuid root contrary to its design, allows local user... |
| CVE-2004-0563 | — | — | 0.4% | Dec 23, 2004 | The tspc.conf configuration file in freenet6 before 0.9.6 and before 1.0 on Debian Linux has world readable permissions,... |
| CVE-2004-1778 | — | — | 0.4% | Dec 22, 2004 | Skype 0.92.0.12 and 1.0.0.1 for Linux, and possibly other versions, creates the /usr/share/skype/lang directory with wor... |
| CVE-2004-0452 | — | — | 0.4% | Dec 21, 2004 | Race condition in the rmtree function in the File::Path module in Perl 5.6.1 and 5.8.4 sets read/write permissions for t... |
| CVE-2004-1307 | — | — | 6.3% | Dec 21, 2004 | Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execu... |
| CVE-2004-0852 | — | — | 3.2% | Dec 20, 2004 | Buffer overflow in htget 0.93 allows remote attackers to execute arbitrary code via a crafted URL. |
| CVE-2004-1329 | — | — | 3.3% | Dec 20, 2004 | Untrusted execution path vulnerability in the diag commands (1) lsmcode, (2) diag_exec, (3) invscout, and (4) invscoutd ... |
| CVE-2004-1326 | — | — | 1.1% | Dec 20, 2004 | Buffer overflow in dxterm in Ultrix 4.5 allows local users to execute arbitrary code via a long -setup parameter. |
Check if your code is affected by 2004 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now