2004 CVE Vulnerabilities
2,707 CVEs published in 2004.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2004-0584 | — | — | 1.3% | Aug 6, 2004 | Unknown vulnerability in Horde IMP 3.2.3 and earlier, before a "security fix," does not properly validate input, which a... |
| CVE-2004-0583 | — | — | 2.1% | Aug 6, 2004 | The account lockout functionality in (1) Webmin 1.140 and (2) Usermin 1.070 does not parse certain character strings, wh... |
| CVE-2004-0582 | — | — | 2.1% | Aug 6, 2004 | Unknown vulnerability in Webmin 1.140 allows remote attackers to bypass access control rules and gain read access to con... |
| CVE-2004-0581 | — | — | 0.4% | Aug 6, 2004 | ksymoops-gznm script in Mandrake Linux 9.1 through 10.0, and Corporate Server 2.1, allows local users to delete arbitrar... |
| CVE-2004-0580 | — | — | 8.0% | Aug 6, 2004 | DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers, firmware version 1.45.7, does not properly cl... |
| CVE-2004-0579 | — | — | 0.4% | Aug 6, 2004 | Format string vulnerability in super before 3.23 allows local users to execute arbitrary code as root. |
| CVE-2004-0557 | — | — | 25.1% | Aug 6, 2004 | Multiple buffer overflows in the st_wavstartread function in wav.c for Sound eXchange (SoX) 12.17.2 through 12.17.4 allo... |
| CVE-2004-0554 | — | — | 0.9% | Aug 6, 2004 | Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an inf... |
| CVE-2004-0551 | — | — | 3.1% | Aug 6, 2004 | Cisco CatOS 5.x before 5.5(20) through 8.x before 8.2(2) and 8.3(2)GLX, as used in Catalyst switches, allows remote atta... |
| CVE-2004-0550 | — | — | 3.5% | Aug 6, 2004 | Buffer overflow in Real Networks RealPlayer 10 allows remote attackers to execute arbitrary code via a URL with a large ... |
| CVE-2004-0549 | — | — | 61.1% | Aug 6, 2004 | The WebBrowser ActiveX control, or the Internet Explorer HTML rendering engine (MSHTML), as used in Internet Explorer 6,... |
| CVE-2004-0548 | — | — | 0.9% | Aug 6, 2004 | Multiple stack-based buffer overflows in the word-list-compress functionality in compress.c for Aspell allow local users... |
| CVE-2004-0547 | — | — | 2.7% | Aug 6, 2004 | Buffer overflow in the ODBC driver for PostgreSQL before 7.2.1 allows remote attackers to cause a denial of service (cra... |
| CVE-2004-0545 | — | — | 0.3% | Aug 6, 2004 | LVM for AIX 5.1 and 5.2 allows local users to overwrite arbitrary files via a symlink attack. |
| CVE-2004-0544 | — | — | 1.2% | Aug 6, 2004 | Multiple buffer overflows in LVM for AIX 5.1 and 5.2 allow local users to gain privileges via the (1) putlvcb or (2) get... |
| CVE-2004-0543 | — | — | 7.0% | Aug 6, 2004 | Multiple SQL injection vulnerabilities in Oracle Applications 11.0 and Oracle E-Business Suite 11.5.1 through 11.5.8 all... |
| CVE-2004-0542 | — | — | 31.1% | Aug 6, 2004 | PHP before 4.3.7 on Win32 platforms does not properly filter all shell metacharacters, which allows local or remote atta... |
| CVE-2004-0541 | — | — | 71.1% | Aug 6, 2004 | Buffer overflow in the ntlm_check_auth (NTLM authentication) function for Squid Web Proxy Cache 2.5.x and 3.x, when comp... |
| CVE-2004-0540 | — | — | 4.8% | Aug 6, 2004 | Microsoft Windows 2000, when running in a domain whose Fully Qualified Domain Name (FQDN) is exactly 8 characters long, ... |
| CVE-2004-0539 | — | — | 4.8% | Aug 6, 2004 | The "Show in Finder" button in the Safari web browser in Mac OS X 10.3.4 and 10.2.8 may execute downloaded applications,... |
| CVE-2004-0538 | — | — | 1.7% | Aug 6, 2004 | LaunchServices in Mac OS X 10.3.4 and 10.2.8 automatically registers and executes new applications, which could allow at... |
| CVE-2004-0537 | — | — | 2.3% | Aug 6, 2004 | Opera 7.50 and earlier allows remote web sites to provide a "Shortcut Icon" (favicon) that is wider than expected, which... |
| CVE-2004-0536 | — | — | 0.4% | Aug 6, 2004 | Format string vulnerability in Tripwire commercial 4.0.1 and earlier, including 2.4, and open source 2.3.1 and earlier, ... |
| CVE-2004-0535 | — | — | 0.5% | Aug 6, 2004 | The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows l... |
| CVE-2004-0530 | — | — | 0.4% | Aug 6, 2004 | The PHP package in Slackware 8.1, 9.0, and 9.1, when linked against a static library, includes /tmp in the search path, ... |
Check if your code is affected by 2004 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now