Strix
26.1K

2004 CVE Vulnerabilities

2,707 CVEs published in 2004.

CRITICAL12

0.4%

HIGH24

0.9%

MEDIUM9

0.3%

LOW0

0.0%

UNKNOWN2,662

98.3%

CVE IDSeverityCVSSDescription
CVE-2004-0451Multiple format string vulnerabilities in the (1) logquit, (2) logerr, or (3) loginfo functions in Software Upgrade Prot...
CVE-2004-0448Format string vulnerability in the log function for jftpgw 0.13.4 and earlier allows remote authenticated users to execu...
CVE-2004-0395The xatitv program in the gatos package does not properly drop root privileges when the configuration file does not exis...
CVE-2004-0393Format string vulnerability in the msg function for rlpr daemon (rlprd) 2.0.4 allows remote attackers to execute arbitra...
CVE-2004-0635The SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote attackers to cause a denial of service (process crash...
CVE-2004-0634The SMB SID snooping capability in Ethereal 0.9.15 to 0.10.4 allows remote attackers to cause a denial of service (proce...
CVE-2004-0633The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote attackers to cause a denial of service (process abor...
CVE-2004-0628Stack-based buffer overflow in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to cause a denial of service (...
CVE-2004-0627The check_scramble_323 function in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to bypass authentication v...
CVE-2004-0626The tcp_find_option function of the netfilter subsystem in Linux kernel 2.6, when using iptables and TCP options rules, ...
CVE-2004-0625SQL injection vulnerability in Infinity WEB 1.0 allows remote attackers to bypass authentication and gain privileges via...
CVE-2004-0624PHP remote file inclusion vulnerability in index.php for Artmedic links 5.0 (artmedic_links5) allows remote attackers to...
CVE-2004-0623Format string vulnerability in misc.c in GNU GNATS 4.00 may allow remote attackers to execute arbitrary code via format ...
CVE-2004-0622Apple Mac OS X 10.3.4, 10.4, 10.5, and possibly other versions does not properly clear memory for login (aka Loginwindow...
CVE-2004-0621admin.php in Newsletter ZWS allows remote attackers to gain administrative privileges via a list_user operation with the...
CVE-2004-0620Cross-site scripting (XSS) vulnerability in (1) newreply.php or (2) newthread.php in vBulletin 3.0.1 allows remote attac...
CVE-2004-0619Integer overflow in the ubsec_keysetup function for Linux Broadcom 5820 cryptonet driver allows local users to cause a d...
CVE-2004-0618FreeBSD 5.1 for the Alpha processor allows local users to cause a denial of service (crash) via an execve system call wi...
CVE-2004-0617Cross-site scripting (XSS) vulnerability in ArbitroWeb 0.6 allows remote attackers to inject arbitrary script or HTML vi...
CVE-2004-0616The BT Voyager 2000 Wireless ADSL Router has a default public SNMP community name, which allows remote attackers to obta...
CVE-2004-0615Cross-site scripting (XSS) vulnerability in D-Link DI-614+ SOHO router running firmware 2.30, and DI-704 SOHO router run...
CVE-2004-0614osTicket trusts a hidden form field in the submit form to limit the upload size of a document, which could allow remote ...
CVE-2004-0613osTicket allows remote attackers to view sensitive uploaded files and possibly execute arbitrary code via an HTTP reques...
CVE-2004-0612The Mobile Code filter in ZoneAlarm Pro 5.0.590.015 does not filter mobile code within an SSL encrypted session, which c...
CVE-2004-0611Web-Based Administration in Netgear FVS318 VPN Router allows remote attackers to cause a denial of service (no new conne...

Check if your code is affected by 2004 CVEs

Strix scans your code and infrastructure for known vulnerabilities automatically.

Scan your code now