2004 CVE Vulnerabilities

2,707 CVEs published in 2004.

CVE IDSeverityCVSSDescription
CVE-2004-0666Off-by-one error in the POP3_readmsg function in popclient 3.0b6 allows remote attackers to cause a denial of service (a...
CVE-2004-0665csFAQ.cgi in csFAQ allows remote attackers to gain sensitive information via an invalid database parameter, which reveal...
CVE-2004-0664Directory traversal vulnerability in modules.php in PowerPortal 1.x allows remote attackers to list arbitrary directorie...
CVE-2004-0663Cross-site scripting (XSS) vulnerability in modules.php in PowerPortal 1.x allows remote attackers to inject arbitrary s...
CVE-2004-0662PowerPortal 1.x allows remote attackers to gain sensitive information via invalid or missing parameters in HTTP requests...
CVE-2004-0661Integer signedness error in D-Link AirPlus DI-614+ running firmware 2.30 and earlier allows remote attackers to cause a ...
CVE-2004-0660Cross-site scripting (XSS) vulnerability in (1) show_archives.php, (2) show_news.php, and possibly other php files in Cu...
CVE-2004-0659Buffer overflow in TranslateFilename for common.c in MPlayer 1.0pre4 allows remote attackers to execute arbitrary code v...
CVE-2004-0658Integer overflow in the hpsb_alloc_packet function (incorrectly reported as alloc_hpsb_packet) in IEEE 1394 (Firewire) d...
CVE-2004-0657Integer overflow in the NTP daemon (NTPd) before 4.0 causes the NTP server to return the wrong date/time offset when a c...
CVE-2004-0656The accept_client function in PureFTPd 1.0.18 and earlier allows remote attackers to cause a denial of service by exceed...
CVE-2004-0655eupdatedb in esearch 0.6.1 and earlier allows local users to create arbitrary files via a symlink attack on the esearchd...
CVE-2004-0654Unknown vulnerability in the Basic Security Module (BSM), when configured to audit either the Administrative (ad) or the...
CVE-2004-0653Solaris 9, when configured as a Kerberos client with patch 112908-12 or 115168-03 and using pam_krb5 as an "auth" module...
CVE-2004-0652BEA WebLogic Server and WebLogic Express 7.0 through 7.0 Service Pack 4, and 8.1 through 8.1 Service Pack 2, allows atta...
CVE-2004-0651Unknown vulnerability in Sun Java Runtime Environment (JRE) 1.4.2 through 1.4.2_03 allows remote attackers to cause a de...
CVE-2004-0650UploadServlet in Cisco Collaboration Server (CCS) running ServletExec before 3.0E allows remote attackers to upload and ...
CVE-2004-0649Buffer overflow in write_packet in control.c for l2tpd may allow remote attackers to execute arbitrary code.
CVE-2004-0648Mozilla (Suite) before 1.7.1, Firefox before 0.9.2, and Thunderbird before 0.7.2 allow remote attackers to launch arbitr...
CVE-2004-0647shorewall 1.4.10c and earlier, and 2.0.x before 2.0.3a, allows local users to overwrite arbitrary files via a symlink at...
CVE-2004-0645Buffer overflow in the wvHandleDateTimePicture function in wv library (wvWare) 0.7.4 through 0.7.6 and 1.0.0 allows remo...
CVE-2004-0640Format string vulnerability in the SSL_set_verify function in telnetd.c for SSLtelnet daemon (SSLtelnetd) 0.13 allows re...
CVE-2004-0639Multiple cross-site scripting (XSS) vulnerabilities in Squirrelmail 1.2.10 and earlier allow remote attackers to inject ...
CVE-2004-0596The Equalizer Load-balancer for serial network interfaces (eql.c) in Linux kernel 2.6.x up to 2.6.7 allows local users t...
CVE-2004-0591Cross-site scripting (XSS) vulnerability in the print_header_uc function for SqWebMail 4.0.4 and earlier, and possibly 3...

Check if your code is affected by 2004 CVEs

Strix scans your code and infrastructure for known vulnerabilities automatically.

Scan your code now