2004 CVE Vulnerabilities

2,707 CVEs published in 2004.

CVE IDSeverityCVSSDescription
CVE-2004-1728Buffer overflow in British National Corpus SARA (sarad) allows remote attackers to execute arbitrary code by calling the...
CVE-2004-1729Cross-site scripting (XSS) vulnerability in Nihuo Web Log Analyzer 1.6 allows remote attackers to inject arbitrary web s...
CVE-2004-1726Multiple integer overflows in (1) xviris.c, (2) xvpcx.c, and (3) xvpm.c in XV allow remote attackers to execute arbitrar...
CVE-2004-1732SQL injection vulnerability in out.ViewFolder.php in MyDMS before 1.4.2 allows remote attackers to execute arbitrary SQL...
CVE-2004-1733Directory traversal vulnerability in MyDMS 1.4.2 and other versions allows remote registered users to read arbitrary fil...
CVE-2004-1731signup_page.php in Mantis bugtracker allows remote attackers to send e-mail bombs by creating multiple users and providi...
CVE-2004-0519Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.2 allow remote attackers to execute arbitrary sc...
CVE-2004-0375SYMNDIS.SYS in Symantec Norton Internet Security 2003 and 2004, Norton Personal Firewall 2003 and 2004, Client Firewall ...
CVE-2004-0234Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as B...
CVE-2004-0233Utempter allows device names that contain .. (dot dot) directory traversal sequences, which allows local users to overwr...
CVE-2004-0232Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of ...
CVE-2004-0779The (1) Mozilla 1.6, (2) Firebird 0.7 and (3) Firefox 0.8 web browsers do not properly verify that cached passwords for ...
CVE-2004-0769Buffer overflow in LHA allows remote attackers to execute arbitrary code via long pathnames in LHarc format 2 headers fo...
CVE-2004-0767NGSEC StackDefender 1.10 allows attackers to cause a denial of service (system crash) via an invalid address for the Obj...
CVE-2004-0766NGSEC StackDefender 2.0 allows attackers to cause a denial of service (system crash) via an invalid address for the Base...
CVE-2004-0231Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with unknown impact, related to "Insecure temporary fi...
CVE-2004-0765The cert_TestHostName function in Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, only checks the ho...
CVE-2004-0764Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to hijack the user interface ...
CVE-2004-0763Mozilla Firefox 0.9.1 and 0.9.2 allows remote web sites to spoof certificates of trusted web sites via redirects and Jav...
CVE-2004-0762Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to install arbitrary extensio...
CVE-2004-0761Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote attackers to use certain redirect seque...
CVE-2004-0760Mozilla allows remote attackers to cause Mozilla to open a URI as a different MIME type than expected via a null charact...
CVE-2004-0759Mozilla before 1.7 allows remote web servers to read arbitrary files via Javascript that sets the value of an <input typ...
CVE-2004-0758Mozilla 1.5 through 1.7 allows a CA certificate to be imported even when their DN is the same as that of the built-in CA...
CVE-2004-0757Heap-based buffer overflow in the SendUidl in the POP3 capability for Mozilla before 1.7, Firefox before 0.9, and Thunde...

Check if your code is affected by 2004 CVEs

Strix scans your code and infrastructure for known vulnerabilities automatically.

Scan your code now