2004 CVE Vulnerabilities
2,707 CVEs published in 2004.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2004-0788 | — | — | 5.9% | Oct 20, 2004 | Integer overflow in the ICO image decoder for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attacke... |
| CVE-2004-0792 | — | — | 2.3% | Oct 20, 2004 | Directory traversal vulnerability in the sanitize_path function in util.c for rsync 2.6.2 and earlier, when chroot is di... |
| CVE-2004-0794 | — | — | 2.4% | Oct 20, 2004 | Multiple signal handler race conditions in lukemftpd (aka tnftpd before 20040810) allow remote authenticated attackers t... |
| CVE-2004-0793 | — | — | 0.6% | Oct 20, 2004 | The calendar program in bsdmainutils 6.0 through 6.0.14 does not drop root privileges when executed with the -a flag, wh... |
| CVE-2004-1618 | — | — | 1.7% | Oct 19, 2004 | Vypress Tonecast 1.3 and earlier allows remote attackers to cause a denial of service (application crash) via a malforme... |
| CVE-2004-1353 | — | — | 0.4% | Oct 19, 2004 | Unknown vulnerability in LDAP on Sun Solaris 8 and 9, when using Role Based Access Control (RBAC), allows local users to... |
| CVE-2004-1609 | — | — | 1.8% | Oct 18, 2004 | SalesLogix 6.1 includes usernames, passwords, and other sensitive information in the headers of an HTTP response, which ... |
| CVE-2004-1608 | — | — | 1.5% | Oct 18, 2004 | SQL injection vulnerability in SalesLogix 6.1 allows remote attackers to execute arbitrary SQL statements via the id par... |
| CVE-2004-1607 | — | — | 1.8% | Oct 18, 2004 | slxweb.dll in SalesLogix 6.1 allows remote attackers to obtain sensitive information via a (1) Library or (2) Attachment... |
| CVE-2004-1621 | — | — | 3.1% | Oct 18, 2004 | NOTE: this issue has been disputed by the vendor. Cross-site scripting (XSS) vulnerability in IBM Lotus Notes R6 and Do... |
| CVE-2004-1606 | — | — | 2.0% | Oct 18, 2004 | slxweb.dll in SalesLogix 6.1 allows remote attackers to cause a denial service (application crash) via an invalid HTTP r... |
| CVE-2004-1612 | — | — | 3.3% | Oct 18, 2004 | Directory traversal vulnerability in SalesLogix 6.1 allows remote attackers to upload arbitrary files via a .. (dot dot)... |
| CVE-2004-1615 | — | — | 2.7% | Oct 18, 2004 | Opera allows remote attackers to cause a denial of service (invalid memory reference and application crash) via a web pa... |
| CVE-2004-1610 | — | — | 2.2% | Oct 18, 2004 | SalesLogix 6.1 uses client-specified pathnames for writing certain files, which might allow remote authenticated users t... |
| CVE-2004-1613 | — | — | 1.7% | Oct 18, 2004 | Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) ... |
| CVE-2004-1611 | — | — | 1.6% | Oct 18, 2004 | SalesLogix 6.1 does not verify if a user is authenticated before performing sensitive operations, which could allow remo... |
| CVE-2004-1617 | — | — | 3.8% | Oct 18, 2004 | Lynx, lynx-ssl, and lynx-cur before 2.8.6dev.8 allow remote attackers to cause a denial of service (infinite loop) via a... |
| CVE-2004-1616 | — | — | 1.9% | Oct 18, 2004 | Links allows remote attackers to cause a denial of service (memory consumption) via a web page or HTML email that contai... |
| CVE-2004-1614 | — | — | 1.5% | Oct 18, 2004 | Mozilla allows remote attackers to cause a denial of service (application crash from invalid memory access) via an "unus... |
| CVE-2004-1638 | — | — | 62.8% | Oct 16, 2004 | Buffer overflow in MailCarrier 2.51 allows remote attackers to execute arbitrary code via a long (1) EHLO and possibly (... |
| CVE-2004-1600 | — | — | 1.5% | Oct 16, 2004 | index.php in CoolPHP 1.0-stable allows remote attackers to gain sensitive information via an invalid op parameter, which... |
| CVE-2004-1599 | — | — | 1.3% | Oct 16, 2004 | Cross-site scripting (XSS) vulnerability in index.php in CoolPHP 1.0-stable allows remote attackers to execute arbitrary... |
| CVE-2004-1601 | — | — | 2.7% | Oct 16, 2004 | Directory traversal vulnerability in index.php in CoolPHP 1.0-stable allows remote attackers to access arbitrary files a... |
| CVE-2004-1602 | — | — | 30.7% | Oct 15, 2004 | ProFTPD 1.2.x, including 1.2.8 and 1.2.10, responds in a different amount of time when a given username exists, which al... |
| CVE-2004-1605 | — | — | 2.1% | Oct 14, 2004 | SalesLogix 6.1 allows remote attackers to bypass authentication by modifying the slxweb cookie to set user=Admin, teams=... |
Check if your code is affected by 2004 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now