2004 CVE Vulnerabilities
2,707 CVEs published in 2004.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2004-0830 | — | — | 1.6% | Sep 9, 2004 | The Content Scanner Server in F-Secure Anti-Virus for Microsoft Exchange 6.21 and earlier, F-Secure Anti-Virus for Micro... |
| CVE-2004-1667 | — | — | 1.9% | Sep 9, 2004 | Off-by-one error in Halo Combat Evolved 1.04 and earlier allows remote attackers to cause a denial of service (server cr... |
| CVE-2004-0851 | — | — | 0.3% | Sep 8, 2004 | The (1) write_list and (2) dump_curr_list functions in Net-Acct before 0.71 allows local users to overwrite arbitrary fi... |
| CVE-2004-0823 | — | — | 2.7% | Sep 7, 2004 | OpenLDAP 1.0 through 2.1.19, as used in Apple Mac OS 10.3.4 and 10.3.5 and possibly other operating systems, may allow c... |
| CVE-2004-0822 | — | — | 0.5% | Sep 7, 2004 | Buffer overflow in The Core Foundation framework (CoreFoundation.framework) in Mac OS X 10.2.8, 10.3.4, and 10.3.5 allow... |
| CVE-2004-1348 | — | — | 1.8% | Sep 6, 2004 | Unknown vulnerability in in.named on Solaris 8 allows remote attackers to cause a denial of service (process crash). |
| CVE-2004-1665 | — | — | 3.6% | Sep 5, 2004 | Cross-site scripting (XSS) vulnerability in index.php in PsNews 1.1 allows remote attackers to inject arbitrary web scri... |
| CVE-2004-1664 | — | — | 7.5% | Sep 5, 2004 | Call of Duty 1.4 and earlier allows remote attackers to cause a denial of service (game end) via a large (1) query or (2... |
| CVE-2004-1663 | — | — | 4.2% | Sep 4, 2004 | Engenio/LSI Logic storage controllers, as used in products such as Storagetek D280, and IBM DS4100 (formerly FastT 100) ... |
| CVE-2004-0637 | — | — | 17.8% | Sep 2, 2004 | Oracle Database Server 8.1.7.4 through 9.2.0.4 allows local users to execute commands with additional privileges via the... |
| CVE-2004-1661 | — | — | 2.9% | Sep 2, 2004 | MailWorks Professional allows remote attackers to bypass authentication and gain privileges via a cookie that contains "... |
| CVE-2004-1659 | — | — | 3.6% | Sep 2, 2004 | Cross-site scripting (XSS) vulnerability in index.php in CuteNews 1.3.6 and earlier allows remote attackers with Adminis... |
| CVE-2004-1658 | — | — | 0.9% | Sep 2, 2004 | Kerio Personal Firewall 4.0 (KPF4) allows local users with administrative privileges to bypass the Application Security ... |
| CVE-2004-1372 | — | — | 0.5% | Sep 1, 2004 | Multiple stack-based buffer overflows in IBM DB2 7.x and 8.1 allow local users to execute arbitrary code via (1) a long ... |
| CVE-2004-1654 | — | — | 1.3% | Sep 1, 2004 | SQL injection vulnerability in the calendar module in phpWebsite 0.9.3-4 and earlier allows remote attackers to execute ... |
| CVE-2004-1655 | — | — | 2.2% | Sep 1, 2004 | Cross-site scripting (XSS) vulnerability in phpWebsite 0.9.3-4 and earlier allows remote attackers to inject arbitrary w... |
| CVE-2004-1656 | — | — | 2.3% | Sep 1, 2004 | CRLF injection vulnerability in Comersus Shopping Cart 5.0991 allows remote attackers to perform HTTP Response Splitting... |
| CVE-2004-1657 | — | — | 1.8% | Sep 1, 2004 | Cross-site scripting (XSS) vulnerability in the Activity and Events Viewer for Newtelligence DasBlog allows remote attac... |
| CVE-2004-1653 | — | — | 11.6% | Aug 31, 2004 | The default configuration for OpenSSH enables AllowTcpForwarding, which could allow remote authenticated users to perfor... |
| CVE-2004-1648 | — | — | 1.3% | Aug 31, 2004 | Cross-site scripting (XSS) vulnerability in (1) index.asp, (2) ChangePassword.asp, (3) users_list.asp, (4) and users_add... |
| CVE-2004-1774 | — | — | 2.7% | Aug 31, 2004 | Buffer overflow in the SDO_CODE_SIZE procedure of the MD2 package (MDSYS.MD2.SDO_CODE_SIZE) in Oracle 10g before 10.1.0.... |
| CVE-2004-1650 | — | — | 3.2% | Aug 31, 2004 | D-Link DCS-900 Internet Camera listens on UDP port 62976 for an IP address, which allows remote attackers to change the ... |
| CVE-2004-1649 | — | — | 2.4% | Aug 31, 2004 | Buffer overflow in Microsoft Msinfo32.exe might allow local users to execute arbitrary code via a long filename in the m... |
| CVE-2004-1651 | — | — | 1.3% | Aug 31, 2004 | Multiple cross-site scripting (XSS) vulnerabilities in the registration page in phpScheduleIt 1.0.0 RC1 allow remote att... |
| CVE-2004-1652 | — | — | 1.1% | Aug 31, 2004 | phpScheduleIt 1.0.0 RC1 does not clear administrative privileges if the administrator logs in as a normal user, which al... |
Check if your code is affected by 2004 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now