2004 CVE Vulnerabilities

2,707 CVEs published in 2004.

Filter:UNKNOWNClear
CVE IDSeverityCVSSDescription
CVE-2004-2064Cross-site scripting (XSS) vulnerability in lostBook 1.1 and earlier allows remote attackers to inject arbitrary web scr...
CVE-2004-2067SQL injection vulnerability in controlpanel.php in Jaws Framework and Content Management System 0.4 allows remote attack...
CVE-2004-0739Buffer overflow in Whisper FTP Surfer 1.0.7 allows remote FTP servers to cause a denial of service (client crash) and po...
CVE-2004-0730Multiple cross-site scripting (XSS) vulnerabilities in PhpBB 2.0.8 allow remote attackers to inject arbitrary web script...
CVE-2004-0729PhpBB 2.0.8 allows remote attackers to gain sensitive information via an invalid (1) category_rows parameter to index.ph...
CVE-2004-0728The Remote Control Client service in Microsoft's Systems Management Server (SMS) 2.50.2726.0 allows remote attackers to ...
CVE-2004-0727Microsoft Internet Explorer 6.0.2800.1106 on Microsoft Windows XP SP2, and other versions including 5.01 and 5.5, allows...
CVE-2004-0726The Windows Media Player control in Microsoft Windows 2000 allows remote attackers to execute arbitrary script in the lo...
CVE-2004-0740The HTTP server in Lexmark T522 and possibly other models allows remote attackers to cause a denial of service (server c...
CVE-2004-0725Cross-site scripting (XSS) vulnerability in help.php in Moodle 1.3.2 and 1.4 dev allows remote attackers to inject arbit...
CVE-2004-0724The Half-Life engine before July 7 2004 allows remote attackers to cause a denial of service (server or client crash) vi...
CVE-2004-0723Microsoft Java virtual machine (VM) 5.0.0.3810 allows remote attackers to bypass sandbox restrictions to read or write c...
CVE-2004-0721Konqueror 3.1.3, 3.2.2, and possibly other versions does not properly prevent a frame in one domain from injecting conte...
CVE-2004-0720Safari 1.2.2 does not properly prevent a frame in one domain from injecting content into a frame that belongs to another...
CVE-2004-0719Internet Explorer for Mac 5.2.3, Internet Explorer 6 on Windows XP, and possibly other versions, does not properly preve...
CVE-2004-0718The (1) Mozilla 1.6, (2) Firebird 0.7, (3) Firefox 0.8, and (4) Netscape 7.1 web browsers do not properly prevent a fram...
CVE-2004-0717Opera 7.51 for Windows and 7.50 for Linux does not properly prevent a frame in one domain from injecting content into a ...
CVE-2004-0715The WebLogic Authentication provider for BEA WebLogic Server and WebLogic Express 8.1 through SP2 and 7.0 through SP4 do...
CVE-2004-0714Cisco Internetwork Operating System (IOS) 12.0S through 12.3T attempts to process SNMP solicited operations on improper ...
CVE-2004-0713The remove method in a stateful Enterprise JavaBean (EJB) in BEA WebLogic Server and WebLogic Express version 8.1 throug...
CVE-2004-0712The configuration tools (1) config.sh in Unix or (2) config.cmd in Windows for BEA WebLogic Server 8.1 through SP2 creat...
CVE-2004-0711The URL pattern matching feature in BEA WebLogic Server 6.x matches illegal patterns ending in "*" as wildcards as if th...
CVE-2004-0710IP Security VPN Services Module (VPNSM) in Cisco Catalyst 6500 Series Switch and the Cisco 7600 Series Internet Routers ...
CVE-2004-0709HP OpenView Select Access 5.0 through 6.0 does not correctly decode UTF-8 encoded unicode characters in a URL, which cou...
CVE-2004-0708MoinMoin 1.2.1 and earlier allows remote attackers to gain privileges by creating a user with the same name as an existi...

Check if your code is affected by 2004 CVEs

Strix scans your code and infrastructure for known vulnerabilities automatically.

Scan your code now