2004 CVE Vulnerabilities

2,707 CVEs published in 2004.

CVE IDSeverityCVSSDescription
CVE-2004-0713The remove method in a stateful Enterprise JavaBean (EJB) in BEA WebLogic Server and WebLogic Express version 8.1 throug...
CVE-2004-0712The configuration tools (1) config.sh in Unix or (2) config.cmd in Windows for BEA WebLogic Server 8.1 through SP2 creat...
CVE-2004-0711The URL pattern matching feature in BEA WebLogic Server 6.x matches illegal patterns ending in "*" as wildcards as if th...
CVE-2004-0710IP Security VPN Services Module (VPNSM) in Cisco Catalyst 6500 Series Switch and the Cisco 7600 Series Internet Routers ...
CVE-2004-0709HP OpenView Select Access 5.0 through 6.0 does not correctly decode UTF-8 encoded unicode characters in a URL, which cou...
CVE-2004-0708MoinMoin 1.2.1 and earlier allows remote attackers to gain privileges by creating a user with the same name as an existi...
CVE-2004-0707SQL injection vulnerability in editusers.cgi in Bugzilla 2.16.x before 2.16.6, and 2.18 before 2.18rc1, allows remote at...
CVE-2004-0736The search module in Php-Nuke allows remote attackers to gain sensitive information via the (1) "**" or (2) "+" search p...
CVE-2004-0706Bugzilla 2.17.5 through 2.17.7 embeds the password in an image URL, which could allow local users to view the password i...
CVE-2004-0705Multiple cross-site scripting (XSS) vulnerabilities in (1) editcomponents.cgi, (2) editgroups.cgi, (3) editmilestones.cg...
CVE-2004-0742Sun Java System Portal Server 6.2 (formerly Sun ONE) allows remote authenticated users to obtain Calendar Server privile...
CVE-2004-0695Stack-based buffer overflow in the FTP service for 4D WebSTAR 5.3.2 and earlier allows remote attackers to execute arbit...
CVE-2004-0696The ShellExample.cgi script in 4D WebSTAR 5.3.2 and earlier allows remote attackers to list arbitrary directories via a ...
CVE-2004-2053PHP remote file inclusion vulnerability in index.php in EasyIns Stadtportal 4 allows remote attackers to execute arbitra...
CVE-2004-2051The Phoenix browser in eSeSIX Thintune thin clients running firmware 2.4.38 and earlier allows local users to read arbit...
CVE-2004-2047Directory traversal vulnerability in EasyWeb FileManager 1.0 RC-1 for PostNuke allows remote attackers to retrieve arbit...
CVE-2004-1749Attack Mitigator IPS 5500 3.11.008, and possibly other versions, when configured in a one-armed routing configuration, a...
CVE-2004-2055Cross-site scripting (XSS) vulnerability in search.php for PhpBB 2.0.4 and 2.0.9 allows remote attackers to inject arbit...
CVE-2004-0473Argument injection vulnerability in Opera before 7.50 does not properly filter "-" characters that begin a hostname in a...
CVE-2004-0471BEA WebLogic Server and WebLogic Express 7.0 through SP5 and 8.1 through SP2 does not enforce site restrictions for star...
CVE-2004-0470BEA WebLogic Server and WebLogic Express 7.0 through SP5 and 8.1 through SP2, when editing weblogic.xml using WebLogic B...
CVE-2004-0427The do_fork function in Linux 2.4.x before 2.4.26, and 2.6.x before 2.6.6, does not properly decrement the mm_count coun...
CVE-2004-0469Buffer overflow in the ISAKMP functionality for Check Point VPN-1 and FireWall-1 NG products, before VPN-1/FireWall-1 R5...
CVE-2004-0459The Clear Channel Assessment (CCA) algorithm in the IEEE 802.11 wireless protocol, when using DSSS transmission encoding...
CVE-2004-0430Stack-based buffer overflow in AppleFileServer for Mac OS X 10.3.3 and earlier allows remote attackers to execute arbitr...

Check if your code is affected by 2004 CVEs

Strix scans your code and infrastructure for known vulnerabilities automatically.

Scan your code now