2004 CVE Vulnerabilities
2,707 CVEs published in 2004.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2004-0537 | — | — | 2.3% | Aug 6, 2004 | Opera 7.50 and earlier allows remote web sites to provide a "Shortcut Icon" (favicon) that is wider than expected, which... |
| CVE-2004-0536 | — | — | 0.4% | Aug 6, 2004 | Format string vulnerability in Tripwire commercial 4.0.1 and earlier, including 2.4, and open source 2.3.1 and earlier, ... |
| CVE-2004-0535 | — | — | 0.5% | Aug 6, 2004 | The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows l... |
| CVE-2004-0530 | — | — | 0.4% | Aug 6, 2004 | The PHP package in Slackware 8.1, 9.0, and 9.1, when linked against a static library, includes /tmp in the search path, ... |
| CVE-2004-0529 | — | — | 1.5% | Aug 6, 2004 | The modified suexec program in cPanel, when configured for mod_php and compiled for Apache 1.3.31 and earlier without mo... |
| CVE-2004-0528 | — | — | 2.3% | Aug 6, 2004 | Netscape Navigator 7.1 allows remote attackers to spoof a legitimate URL in the status bar via A HREF tags with modified... |
| CVE-2004-0527 | — | — | 5.8% | Aug 6, 2004 | KDE Konqueror 2.1.1 and 2.2.2 allows remote attackers to spoof a legitimate URL in the status bar via A HREF tags with m... |
| CVE-2004-0526 | — | — | 17.2% | Aug 6, 2004 | Unknown versions of Internet Explorer and Outlook allow remote attackers to spoof a legitimate URL in the status bar via... |
| CVE-2004-0525 | — | — | 2.7% | Aug 6, 2004 | HP Integrated Lights-Out (iLO) 1.10 and other versions before 1.55 allows remote attackers to cause a denial of service ... |
| CVE-2004-0524 | — | — | 4.6% | Aug 6, 2004 | Buffer overflow in the chpasswd command in the Change_passwd plugin before 4.0, as used in SquirrelMail, allows local us... |
| CVE-2004-0522 | — | — | 2.8% | Aug 6, 2004 | Gallery 1.4.3 and earlier allows remote attackers to bypass authentication and obtain Gallery administrator privileges. |
| CVE-2004-0495 | — | — | 0.4% | Aug 6, 2004 | Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memor... |
| CVE-2004-0493 | — | — | 84.8% | Aug 6, 2004 | The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memor... |
| CVE-2004-0492 | — | — | 33.6% | Aug 6, 2004 | Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a d... |
| CVE-2004-0461 | — | — | 16.8% | Aug 6, 2004 | The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnp... |
| CVE-2004-0460 | — | — | 45.3% | Aug 6, 2004 | Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote... |
| CVE-2004-0453 | — | — | 0.4% | Aug 6, 2004 | Format string vulnerability in the monitor "memory dump" command in VICE 1.6 to 1.14 allows local users to cause a denia... |
| CVE-2004-0450 | — | — | 4.7% | Aug 6, 2004 | Format string vulnerability in the printlog function in log2mail before 0.2.5.2 allows local users or remote attackers t... |
| CVE-2004-0447 | — | — | 0.4% | Aug 6, 2004 | Unknown vulnerability in Linux before 2.4.26 for IA64 allows local users to cause a denial of service, with unknown impa... |
| CVE-2004-0418 | — | — | 5.7% | Aug 6, 2004 | serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which ... |
| CVE-2004-0417 | — | — | 3.1% | Aug 6, 2004 | Integer overflow in the "Max-dotdot" CVS protocol command (serve_max_dotdot) for CVS 1.12.x through 1.12.8, and 1.11.x t... |
| CVE-2004-0416 | — | — | 13.2% | Aug 6, 2004 | Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may a... |
| CVE-2004-0414 | — | — | 4.0% | Aug 6, 2004 | CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents ... |
| CVE-2004-0413 | — | — | 5.9% | Aug 6, 2004 | libsvn_ra_svn in Subversion 1.0.4 trusts the length field of (1) svn://, (2) svn+ssh://, and (3) other svn protocol URL ... |
| CVE-2004-0215 | — | — | 15.6% | Aug 6, 2004 | Microsoft Outlook Express 5.5 and 6 allows attackers to cause a denial of service (application crash) via a malformed e-... |
Check if your code is affected by 2004 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now