2004 CVE Vulnerabilities
2,707 CVEs published in 2004.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2004-0137 | — | — | 0.3% | Aug 6, 2004 | Unknown vulnerability in init for IRIX 6.5.20 through 6.5.24 allows local users to cause a denial of service (system pan... |
| CVE-2004-0136 | — | — | 0.4% | Aug 6, 2004 | The mapelf32exec function call in IRIX 6.5.20 through 6.5.24 allows local users to cause a denial of service (system cra... |
| CVE-2004-0135 | — | — | 0.3% | Aug 6, 2004 | The syssgi SGI_IOPROBE system call in IRIX 6.5.20 through 6.5.24 allows local users to gain privileges by reading and wr... |
| CVE-2004-0125 | — | — | 0.3% | Aug 6, 2004 | The jail system call in FreeBSD 4.x before 4.10-RELEASE does not verify that an attempt to manipulate routing tables ori... |
| CVE-2004-1710 | — | — | 2.1% | Aug 6, 2004 | page.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the url parameter. |
| CVE-2004-1711 | — | — | 1.3% | Aug 6, 2004 | Cross-site scripting (XSS) vulnerability in post.php in Moodle before 1.3 allows remote attackers to inject arbitrary we... |
| CVE-2004-1712 | — | — | 0.9% | Aug 6, 2004 | Cross-site scripting (XSS) vulnerability in TypePad allows remote attackers to inject arbitrary Javascript via the name ... |
| CVE-2004-0641 | — | — | 2.6% | Aug 5, 2004 | Thomson SpeedTouch 510 ADSL Router with firmware GV8BAA3.270, and possibly earlier versions, generates predictable TCP I... |
| CVE-2004-1679 | — | — | 1.7% | Aug 4, 2004 | Directory traversal vulnerability in TwinFTP 1.0.3 R2 allows remote attackers to create arbitrary files via a .../ (trip... |
| CVE-2004-1371 | — | — | 10.8% | Aug 4, 2004 | Stack-based buffer overflow in Oracle 9i and 10g allows remote attackers to execute arbitrary code via a long token in t... |
| CVE-2004-1367 | — | — | 7.3% | Aug 4, 2004 | Oracle 10g Database Server, when installed with a password that contains an exclamation point ("!") for the (1) DBSNMP o... |
| CVE-2004-1369 | — | — | 5.6% | Aug 4, 2004 | The TNS Listener in Oracle 10g allows remote attackers to cause a denial of service (listener crash) via a malformed ser... |
| CVE-2004-1370 | — | — | 3.9% | Aug 4, 2004 | Multiple SQL injection vulnerabilities in PL/SQL procedures that run with definer rights in Oracle 9i and 10g allow remo... |
| CVE-2004-1709 | — | — | 0.3% | Aug 4, 2004 | Datakey Rainbow iKey2032 USB token, when using the CIP client package, does not encrypt communications between the token... |
| CVE-2004-1362 | — | — | 9.0% | Aug 4, 2004 | The PL/SQL module for the Oracle HTTP Server in Oracle Application Server 10g, when using the WE8ISO8859P1 character set... |
| CVE-2004-1368 | — | — | 5.6% | Aug 4, 2004 | ISQL*Plus in Oracle 10g Application Server allows remote attackers to execute arbitrary files via an absolute pathname i... |
| CVE-2004-1364 | — | — | 13.8% | Aug 4, 2004 | Directory traversal vulnerability in extproc in Oracle 9i and 10g allows remote attackers to access arbitrary libraries ... |
| CVE-2004-1365 | — | — | 7.4% | Aug 4, 2004 | Extproc in Oracle 9i and 10g does not require authentication to load a library or execute a function, which allows local... |
| CVE-2004-1366 | — | — | 15.5% | Aug 4, 2004 | Oracle 10g Database Server stores the password for the SYSMAN account in cleartext in the world-readable emoms.propertie... |
| CVE-2004-1708 | — | — | 1.6% | Aug 2, 2004 | Webbsyte Chat 0.9.0 allows remote attackers to cause a denial of service (crash) via a large number of connections. |
| CVE-2004-1706 | — | — | 3.4% | Aug 2, 2004 | The U.S. Robotics USR808054 wireless access point allows remote attackers to cause a denial of service (device crash) an... |
| CVE-2004-1705 | — | — | 4.9% | Jul 30, 2004 | Buffer overflow in Citadel/UX 6.23 and earlier allows remote attackers to cause a denial of service via a long username. |
| CVE-2004-1707 | — | — | 2.6% | Jul 30, 2004 | The (1) dbsnmp and (2) nmo programs in Oracle 8i, Oracle 9i, and Oracle IAS 9.0.2.0.1, on Unix systems, use a default pa... |
| CVE-2004-1704 | — | — | 1.5% | Jul 30, 2004 | WpQuiz 2.60b1 through 2.60b8 allows remote attackers to gain privileges via a direct request to adminrestore.php in the ... |
| CVE-2004-2066 | — | — | 1.4% | Jul 29, 2004 | SQL injection vulnerability in session.php in LinPHA 0.9.4 allows remote attackers to execute arbitrary SQL code and byp... |
Check if your code is affected by 2004 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now