2004 CVE Vulnerabilities

2,707 CVEs published in 2004.

CVE IDSeverityCVSSDescription
CVE-2004-1363CRITICAL9.8Buffer overflow in extproc in Oracle 10g allows remote attackers to execute arbitrary code via environment variables in ...
CVE-2004-1362The PL/SQL module for the Oracle HTTP Server in Oracle Application Server 10g, when using the WE8ISO8859P1 character set...
CVE-2004-1706The U.S. Robotics USR808054 wireless access point allows remote attackers to cause a denial of service (device crash) an...
CVE-2004-1708Webbsyte Chat 0.9.0 allows remote attackers to cause a denial of service (crash) via a large number of connections.
CVE-2004-1704WpQuiz 2.60b1 through 2.60b8 allows remote attackers to gain privileges via a direct request to adminrestore.php in the ...
CVE-2004-1703HIGH8.8Fusion News 3.6.1 allows remote attackers to add user accounts, if the administrator is logged in, via a comment that co...
CVE-2004-1705Buffer overflow in Citadel/UX 6.23 and earlier allows remote attackers to cause a denial of service via a long username.
CVE-2004-1707The (1) dbsnmp and (2) nmo programs in Oracle 8i, Oracle 9i, and Oracle IAS 9.0.2.0.1, on Unix systems, use a default pa...
CVE-2004-2064Cross-site scripting (XSS) vulnerability in lostBook 1.1 and earlier allows remote attackers to inject arbitrary web scr...
CVE-2004-2067SQL injection vulnerability in controlpanel.php in Jaws Framework and Content Management System 0.4 allows remote attack...
CVE-2004-2066SQL injection vulnerability in session.php in LinPHA 0.9.4 allows remote attackers to execute arbitrary SQL code and byp...
CVE-2004-2061CRITICAL9.8RiSearch 1.0.01 and RiSearch Pro 3.2.06 allows remote attackers to use the show.pl script as an open proxy, or read arbi...
CVE-2004-0727Microsoft Internet Explorer 6.0.2800.1106 on Microsoft Windows XP SP2, and other versions including 5.01 and 5.5, allows...
CVE-2004-0726The Windows Media Player control in Microsoft Windows 2000 allows remote attackers to execute arbitrary script in the lo...
CVE-2004-0725Cross-site scripting (XSS) vulnerability in help.php in Moodle 1.3.2 and 1.4 dev allows remote attackers to inject arbit...
CVE-2004-0724The Half-Life engine before July 7 2004 allows remote attackers to cause a denial of service (server or client crash) vi...
CVE-2004-0723Microsoft Java virtual machine (VM) 5.0.0.3810 allows remote attackers to bypass sandbox restrictions to read or write c...
CVE-2004-0721Konqueror 3.1.3, 3.2.2, and possibly other versions does not properly prevent a frame in one domain from injecting conte...
CVE-2004-0720Safari 1.2.2 does not properly prevent a frame in one domain from injecting content into a frame that belongs to another...
CVE-2004-0719Internet Explorer for Mac 5.2.3, Internet Explorer 6 on Windows XP, and possibly other versions, does not properly preve...
CVE-2004-0718The (1) Mozilla 1.6, (2) Firebird 0.7, (3) Firefox 0.8, and (4) Netscape 7.1 web browsers do not properly prevent a fram...
CVE-2004-0717Opera 7.51 for Windows and 7.50 for Linux does not properly prevent a frame in one domain from injecting content into a ...
CVE-2004-0566Integer overflow in imgbmp.cxx for Windows 2000 allows remote attackers to execute arbitrary code via a BMP image with a...
CVE-2004-0594The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when reg...
CVE-2004-0595The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) characters within tag ...

Check if your code is affected by 2004 CVEs

Strix scans your code and infrastructure for known vulnerabilities automatically.

Scan your code now