2004 CVE Vulnerabilities

2,707 CVEs published in 2004.

CVE IDSeverityCVSSDescription
CVE-2004-0830The Content Scanner Server in F-Secure Anti-Virus for Microsoft Exchange 6.21 and earlier, F-Secure Anti-Virus for Micro...
CVE-2004-1667Off-by-one error in Halo Combat Evolved 1.04 and earlier allows remote attackers to cause a denial of service (server cr...
CVE-2004-0851The (1) write_list and (2) dump_curr_list functions in Net-Acct before 0.71 allows local users to overwrite arbitrary fi...
CVE-2004-0823OpenLDAP 1.0 through 2.1.19, as used in Apple Mac OS 10.3.4 and 10.3.5 and possibly other operating systems, may allow c...
CVE-2004-0822Buffer overflow in The Core Foundation framework (CoreFoundation.framework) in Mac OS X 10.2.8, 10.3.4, and 10.3.5 allow...
CVE-2004-1348Unknown vulnerability in in.named on Solaris 8 allows remote attackers to cause a denial of service (process crash).
CVE-2004-1665Cross-site scripting (XSS) vulnerability in index.php in PsNews 1.1 allows remote attackers to inject arbitrary web scri...
CVE-2004-1664Call of Duty 1.4 and earlier allows remote attackers to cause a denial of service (game end) via a large (1) query or (2...
CVE-2004-1663Engenio/LSI Logic storage controllers, as used in products such as Storagetek D280, and IBM DS4100 (formerly FastT 100) ...
CVE-2004-0637Oracle Database Server 8.1.7.4 through 9.2.0.4 allows local users to execute commands with additional privileges via the...
CVE-2004-1661MailWorks Professional allows remote attackers to bypass authentication and gain privileges via a cookie that contains "...
CVE-2004-1659Cross-site scripting (XSS) vulnerability in index.php in CuteNews 1.3.6 and earlier allows remote attackers with Adminis...
CVE-2004-1658Kerio Personal Firewall 4.0 (KPF4) allows local users with administrative privileges to bypass the Application Security ...
CVE-2004-1372Multiple stack-based buffer overflows in IBM DB2 7.x and 8.1 allow local users to execute arbitrary code via (1) a long ...
CVE-2004-1654SQL injection vulnerability in the calendar module in phpWebsite 0.9.3-4 and earlier allows remote attackers to execute ...
CVE-2004-1655Cross-site scripting (XSS) vulnerability in phpWebsite 0.9.3-4 and earlier allows remote attackers to inject arbitrary w...
CVE-2004-1656CRLF injection vulnerability in Comersus Shopping Cart 5.0991 allows remote attackers to perform HTTP Response Splitting...
CVE-2004-1657Cross-site scripting (XSS) vulnerability in the Activity and Events Viewer for Newtelligence DasBlog allows remote attac...
CVE-2004-1653The default configuration for OpenSSH enables AllowTcpForwarding, which could allow remote authenticated users to perfor...
CVE-2004-1648Cross-site scripting (XSS) vulnerability in (1) index.asp, (2) ChangePassword.asp, (3) users_list.asp, (4) and users_add...
CVE-2004-1774Buffer overflow in the SDO_CODE_SIZE procedure of the MD2 package (MDSYS.MD2.SDO_CODE_SIZE) in Oracle 10g before 10.1.0....
CVE-2004-1650D-Link DCS-900 Internet Camera listens on UDP port 62976 for an IP address, which allows remote attackers to change the ...
CVE-2004-1649Buffer overflow in Microsoft Msinfo32.exe might allow local users to execute arbitrary code via a long filename in the m...
CVE-2004-1651Multiple cross-site scripting (XSS) vulnerabilities in the registration page in phpScheduleIt 1.0.0 RC1 allow remote att...
CVE-2004-1652phpScheduleIt 1.0.0 RC1 does not clear administrative privileges if the administrator logs in as a normal user, which al...

Check if your code is affected by 2004 CVEs

Strix scans your code and infrastructure for known vulnerabilities automatically.

Scan your code now