2004 CVE Vulnerabilities
2,707 CVEs published in 2004.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2004-1363 | CRITICAL | 9.8 | 9.1% | Aug 4, 2004 | Buffer overflow in extproc in Oracle 10g allows remote attackers to execute arbitrary code via environment variables in ... |
| CVE-2004-1362 | — | — | 9.0% | Aug 4, 2004 | The PL/SQL module for the Oracle HTTP Server in Oracle Application Server 10g, when using the WE8ISO8859P1 character set... |
| CVE-2004-1706 | — | — | 3.4% | Aug 2, 2004 | The U.S. Robotics USR808054 wireless access point allows remote attackers to cause a denial of service (device crash) an... |
| CVE-2004-1708 | — | — | 1.6% | Aug 2, 2004 | Webbsyte Chat 0.9.0 allows remote attackers to cause a denial of service (crash) via a large number of connections. |
| CVE-2004-1704 | — | — | 1.5% | Jul 30, 2004 | WpQuiz 2.60b1 through 2.60b8 allows remote attackers to gain privileges via a direct request to adminrestore.php in the ... |
| CVE-2004-1703 | HIGH | 8.8 | 2.0% | Jul 30, 2004 | Fusion News 3.6.1 allows remote attackers to add user accounts, if the administrator is logged in, via a comment that co... |
| CVE-2004-1705 | — | — | 4.9% | Jul 30, 2004 | Buffer overflow in Citadel/UX 6.23 and earlier allows remote attackers to cause a denial of service via a long username. |
| CVE-2004-1707 | — | — | 2.6% | Jul 30, 2004 | The (1) dbsnmp and (2) nmo programs in Oracle 8i, Oracle 9i, and Oracle IAS 9.0.2.0.1, on Unix systems, use a default pa... |
| CVE-2004-2064 | — | — | 1.9% | Jul 29, 2004 | Cross-site scripting (XSS) vulnerability in lostBook 1.1 and earlier allows remote attackers to inject arbitrary web scr... |
| CVE-2004-2067 | — | — | 2.8% | Jul 29, 2004 | SQL injection vulnerability in controlpanel.php in Jaws Framework and Content Management System 0.4 allows remote attack... |
| CVE-2004-2066 | — | — | 1.4% | Jul 29, 2004 | SQL injection vulnerability in session.php in LinPHA 0.9.4 allows remote attackers to execute arbitrary SQL code and byp... |
| CVE-2004-2061 | CRITICAL | 9.8 | 5.7% | Jul 27, 2004 | RiSearch 1.0.01 and RiSearch Pro 3.2.06 allows remote attackers to use the show.pl script as an open proxy, or read arbi... |
| CVE-2004-0727 | — | — | 39.8% | Jul 27, 2004 | Microsoft Internet Explorer 6.0.2800.1106 on Microsoft Windows XP SP2, and other versions including 5.01 and 5.5, allows... |
| CVE-2004-0726 | — | — | 11.4% | Jul 27, 2004 | The Windows Media Player control in Microsoft Windows 2000 allows remote attackers to execute arbitrary script in the lo... |
| CVE-2004-0725 | — | — | 4.3% | Jul 27, 2004 | Cross-site scripting (XSS) vulnerability in help.php in Moodle 1.3.2 and 1.4 dev allows remote attackers to inject arbit... |
| CVE-2004-0724 | — | — | 1.6% | Jul 27, 2004 | The Half-Life engine before July 7 2004 allows remote attackers to cause a denial of service (server or client crash) vi... |
| CVE-2004-0723 | — | — | 13.0% | Jul 27, 2004 | Microsoft Java virtual machine (VM) 5.0.0.3810 allows remote attackers to bypass sandbox restrictions to read or write c... |
| CVE-2004-0721 | — | — | 1.6% | Jul 27, 2004 | Konqueror 3.1.3, 3.2.2, and possibly other versions does not properly prevent a frame in one domain from injecting conte... |
| CVE-2004-0720 | — | — | 1.3% | Jul 27, 2004 | Safari 1.2.2 does not properly prevent a frame in one domain from injecting content into a frame that belongs to another... |
| CVE-2004-0719 | — | — | 5.1% | Jul 27, 2004 | Internet Explorer for Mac 5.2.3, Internet Explorer 6 on Windows XP, and possibly other versions, does not properly preve... |
| CVE-2004-0718 | — | — | 1.7% | Jul 27, 2004 | The (1) Mozilla 1.6, (2) Firebird 0.7, (3) Firefox 0.8, and (4) Netscape 7.1 web browsers do not properly prevent a fram... |
| CVE-2004-0717 | — | — | 2.2% | Jul 27, 2004 | Opera 7.51 for Windows and 7.50 for Linux does not properly prevent a frame in one domain from injecting content into a ... |
| CVE-2004-0566 | — | — | 38.5% | Jul 27, 2004 | Integer overflow in imgbmp.cxx for Windows 2000 allows remote attackers to execute arbitrary code via a BMP image with a... |
| CVE-2004-0594 | — | — | 54.9% | Jul 27, 2004 | The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when reg... |
| CVE-2004-0595 | — | — | 45.2% | Jul 27, 2004 | The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) characters within tag ... |
Check if your code is affected by 2004 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now