2004 CVE Vulnerabilities

2,707 CVEs published in 2004.

Filter:UNKNOWNClear
CVE IDSeverityCVSSDescription
CVE-2004-0137Unknown vulnerability in init for IRIX 6.5.20 through 6.5.24 allows local users to cause a denial of service (system pan...
CVE-2004-0136The mapelf32exec function call in IRIX 6.5.20 through 6.5.24 allows local users to cause a denial of service (system cra...
CVE-2004-0135The syssgi SGI_IOPROBE system call in IRIX 6.5.20 through 6.5.24 allows local users to gain privileges by reading and wr...
CVE-2004-0125The jail system call in FreeBSD 4.x before 4.10-RELEASE does not verify that an attempt to manipulate routing tables ori...
CVE-2004-1710page.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the url parameter.
CVE-2004-1711Cross-site scripting (XSS) vulnerability in post.php in Moodle before 1.3 allows remote attackers to inject arbitrary we...
CVE-2004-1712Cross-site scripting (XSS) vulnerability in TypePad allows remote attackers to inject arbitrary Javascript via the name ...
CVE-2004-0641Thomson SpeedTouch 510 ADSL Router with firmware GV8BAA3.270, and possibly earlier versions, generates predictable TCP I...
CVE-2004-1679Directory traversal vulnerability in TwinFTP 1.0.3 R2 allows remote attackers to create arbitrary files via a .../ (trip...
CVE-2004-1371Stack-based buffer overflow in Oracle 9i and 10g allows remote attackers to execute arbitrary code via a long token in t...
CVE-2004-1367Oracle 10g Database Server, when installed with a password that contains an exclamation point ("!") for the (1) DBSNMP o...
CVE-2004-1369The TNS Listener in Oracle 10g allows remote attackers to cause a denial of service (listener crash) via a malformed ser...
CVE-2004-1370Multiple SQL injection vulnerabilities in PL/SQL procedures that run with definer rights in Oracle 9i and 10g allow remo...
CVE-2004-1709Datakey Rainbow iKey2032 USB token, when using the CIP client package, does not encrypt communications between the token...
CVE-2004-1362The PL/SQL module for the Oracle HTTP Server in Oracle Application Server 10g, when using the WE8ISO8859P1 character set...
CVE-2004-1368ISQL*Plus in Oracle 10g Application Server allows remote attackers to execute arbitrary files via an absolute pathname i...
CVE-2004-1364Directory traversal vulnerability in extproc in Oracle 9i and 10g allows remote attackers to access arbitrary libraries ...
CVE-2004-1365Extproc in Oracle 9i and 10g does not require authentication to load a library or execute a function, which allows local...
CVE-2004-1366Oracle 10g Database Server stores the password for the SYSMAN account in cleartext in the world-readable emoms.propertie...
CVE-2004-1708Webbsyte Chat 0.9.0 allows remote attackers to cause a denial of service (crash) via a large number of connections.
CVE-2004-1706The U.S. Robotics USR808054 wireless access point allows remote attackers to cause a denial of service (device crash) an...
CVE-2004-1705Buffer overflow in Citadel/UX 6.23 and earlier allows remote attackers to cause a denial of service via a long username.
CVE-2004-1707The (1) dbsnmp and (2) nmo programs in Oracle 8i, Oracle 9i, and Oracle IAS 9.0.2.0.1, on Unix systems, use a default pa...
CVE-2004-1704WpQuiz 2.60b1 through 2.60b8 allows remote attackers to gain privileges via a direct request to adminrestore.php in the ...
CVE-2004-2066SQL injection vulnerability in session.php in LinPHA 0.9.4 allows remote attackers to execute arbitrary SQL code and byp...

Check if your code is affected by 2004 CVEs

Strix scans your code and infrastructure for known vulnerabilities automatically.

Scan your code now