2004 CVE Vulnerabilities

2,707 CVEs published in 2004.

Filter:UNKNOWNClear
CVE IDSeverityCVSSDescription
CVE-2004-0822Buffer overflow in The Core Foundation framework (CoreFoundation.framework) in Mac OS X 10.2.8, 10.3.4, and 10.3.5 allow...
CVE-2004-1348Unknown vulnerability in in.named on Solaris 8 allows remote attackers to cause a denial of service (process crash).
CVE-2004-1664Call of Duty 1.4 and earlier allows remote attackers to cause a denial of service (game end) via a large (1) query or (2...
CVE-2004-1665Cross-site scripting (XSS) vulnerability in index.php in PsNews 1.1 allows remote attackers to inject arbitrary web scri...
CVE-2004-1663Engenio/LSI Logic storage controllers, as used in products such as Storagetek D280, and IBM DS4100 (formerly FastT 100) ...
CVE-2004-1658Kerio Personal Firewall 4.0 (KPF4) allows local users with administrative privileges to bypass the Application Security ...
CVE-2004-1661MailWorks Professional allows remote attackers to bypass authentication and gain privileges via a cookie that contains "...
CVE-2004-0637Oracle Database Server 8.1.7.4 through 9.2.0.4 allows local users to execute commands with additional privileges via the...
CVE-2004-1659Cross-site scripting (XSS) vulnerability in index.php in CuteNews 1.3.6 and earlier allows remote attackers with Adminis...
CVE-2004-1657Cross-site scripting (XSS) vulnerability in the Activity and Events Viewer for Newtelligence DasBlog allows remote attac...
CVE-2004-1654SQL injection vulnerability in the calendar module in phpWebsite 0.9.3-4 and earlier allows remote attackers to execute ...
CVE-2004-1372Multiple stack-based buffer overflows in IBM DB2 7.x and 8.1 allow local users to execute arbitrary code via (1) a long ...
CVE-2004-1655Cross-site scripting (XSS) vulnerability in phpWebsite 0.9.3-4 and earlier allows remote attackers to inject arbitrary w...
CVE-2004-1656CRLF injection vulnerability in Comersus Shopping Cart 5.0991 allows remote attackers to perform HTTP Response Splitting...
CVE-2004-1652phpScheduleIt 1.0.0 RC1 does not clear administrative privileges if the administrator logs in as a normal user, which al...
CVE-2004-1774Buffer overflow in the SDO_CODE_SIZE procedure of the MD2 package (MDSYS.MD2.SDO_CODE_SIZE) in Oracle 10g before 10.1.0....
CVE-2004-1653The default configuration for OpenSSH enables AllowTcpForwarding, which could allow remote authenticated users to perfor...
CVE-2004-1651Multiple cross-site scripting (XSS) vulnerabilities in the registration page in phpScheduleIt 1.0.0 RC1 allow remote att...
CVE-2004-1650D-Link DCS-900 Internet Camera listens on UDP port 62976 for an IP address, which allows remote attackers to change the ...
CVE-2004-1649Buffer overflow in Microsoft Msinfo32.exe might allow local users to execute arbitrary code via a long filename in the m...
CVE-2004-1648Cross-site scripting (XSS) vulnerability in (1) index.asp, (2) ChangePassword.asp, (3) users_list.asp, (4) and users_add...
CVE-2004-1645Cross-site scripting (XSS) vulnerability in Xedus 1.0 allows remote attackers to execute arbitrary web script or HTML vi...
CVE-2004-1646Directory traversal vulnerability in Xedus 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the...
CVE-2004-1647SQL injection vulnerability in Password Protect allows remote attackers to execute arbitrary SQL statements and bypass a...
CVE-2004-1660PHP remote file inclusion vulnerability in CuteNews 1.3.6 and earlier allows remote attackers to execute arbitrary PHP c...

Check if your code is affected by 2004 CVEs

Strix scans your code and infrastructure for known vulnerabilities automatically.

Scan your code now