2004 CVE Vulnerabilities

2,707 CVEs published in 2004.

CVE IDSeverityCVSSDescription
CVE-2004-0537Opera 7.50 and earlier allows remote web sites to provide a "Shortcut Icon" (favicon) that is wider than expected, which...
CVE-2004-0536Format string vulnerability in Tripwire commercial 4.0.1 and earlier, including 2.4, and open source 2.3.1 and earlier, ...
CVE-2004-0535The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows l...
CVE-2004-0530The PHP package in Slackware 8.1, 9.0, and 9.1, when linked against a static library, includes /tmp in the search path, ...
CVE-2004-0529The modified suexec program in cPanel, when configured for mod_php and compiled for Apache 1.3.31 and earlier without mo...
CVE-2004-0528Netscape Navigator 7.1 allows remote attackers to spoof a legitimate URL in the status bar via A HREF tags with modified...
CVE-2004-0527KDE Konqueror 2.1.1 and 2.2.2 allows remote attackers to spoof a legitimate URL in the status bar via A HREF tags with m...
CVE-2004-0526Unknown versions of Internet Explorer and Outlook allow remote attackers to spoof a legitimate URL in the status bar via...
CVE-2004-0525HP Integrated Lights-Out (iLO) 1.10 and other versions before 1.55 allows remote attackers to cause a denial of service ...
CVE-2004-0524Buffer overflow in the chpasswd command in the Change_passwd plugin before 4.0, as used in SquirrelMail, allows local us...
CVE-2004-0522Gallery 1.4.3 and earlier allows remote attackers to bypass authentication and obtain Gallery administrator privileges.
CVE-2004-0495Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memor...
CVE-2004-0493The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memor...
CVE-2004-0492Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a d...
CVE-2004-0461The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnp...
CVE-2004-0460Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote...
CVE-2004-0453Format string vulnerability in the monitor "memory dump" command in VICE 1.6 to 1.14 allows local users to cause a denia...
CVE-2004-0450Format string vulnerability in the printlog function in log2mail before 0.2.5.2 allows local users or remote attackers t...
CVE-2004-0447Unknown vulnerability in Linux before 2.4.26 for IA64 allows local users to cause a denial of service, with unknown impa...
CVE-2004-0418serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which ...
CVE-2004-0417Integer overflow in the "Max-dotdot" CVS protocol command (serve_max_dotdot) for CVS 1.12.x through 1.12.8, and 1.11.x t...
CVE-2004-0416Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may a...
CVE-2004-0414CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents ...
CVE-2004-0413libsvn_ra_svn in Subversion 1.0.4 trusts the length field of (1) svn://, (2) svn+ssh://, and (3) other svn protocol URL ...
CVE-2004-0215Microsoft Outlook Express 5.5 and 6 allows attackers to cause a denial of service (application crash) via a malformed e-...

Check if your code is affected by 2004 CVEs

Strix scans your code and infrastructure for known vulnerabilities automatically.

Scan your code now