2004 CVE Vulnerabilities

2,707 CVEs published in 2004.

CVE IDSeverityCVSSDescription
CVE-2004-0388The mysqld_multi script in MySQL allows local users to overwrite arbitrary files via a symlink attack.
CVE-2004-0387Stack-based buffer overflow in the RT3 plugin, as used in RealPlayer 8, RealOne Player, RealOne Player 10 beta, and Real...
CVE-2004-0405CVS before 1.11 allows CVS clients to read arbitrary files via .. (dot dot) sequences in filenames via CVS client reques...
CVE-2004-0124The DCOM RPC interface for Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to cause network ...
CVE-2004-0123Double free vulnerability in the ASN.1 library as used in Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2...
CVE-2004-0155The KAME IKE Daemon Racoon, when authenticating a peer during Phase 1, validates the X.509 certificate but does not veri...
CVE-2004-0156Format string vulnerabilities in the (1) die or (2) log_event functions for ssmtp before 2.50.6 allow remote mail relays...
CVE-2004-0120The Microsoft Secure Sockets Layer (SSL) library, as used in Windows 2000, Windows XP, and Windows Server 2003, allows r...
CVE-2004-0119HIGH7.5The Negotiate Security Software Provider (SSP) interface in Windows 2000, Windows XP, and Windows Server 2003, allows re...
CVE-2004-0118The component for the Virtual DOS Machine (VDM) subsystem in Windows NT 4.0 and Windows 2000 does not properly validate ...
CVE-2004-0117Unknown vulnerability in the H.323 protocol implementation in Windows 98, Windows 2000, Windows XP, and Windows Server 2...
CVE-2004-0116An Activation function in the RPCSS Service involved with DCOM activation for Microsoft Windows 2000, XP, and 2003 allow...
CVE-2004-0157x11.c in xonix 1.4 and earlier uses the current working directory to find and execute the rmail program, which allows lo...
CVE-2004-0391Cisco Wireless LAN Solution Engine (WLSE) 2.0 through 2.5 and Hosting Solution Engine (HSE) 1.7 through 1.7.3 have a har...
CVE-2004-0389HIGH7.5RealNetworks Helix Universal Server 9.0.1 and 9.0.2 allows remote attackers to cause a denial of service (crash) via mal...
CVE-2004-0177The ext3 code in Linux 2.4.x before 2.4.26 does not properly initialize journal descriptor blocks, which causes an infor...
CVE-2004-0178The OSS code for the Sound Blaster (sb16) driver in Linux 2.4.x before 2.4.26, when operating in 16 bit mode, does not p...
CVE-2004-0403Racoon before 20040408a allows remote attackers to cause a denial of service (memory consumption) via an ISAKMP packet w...
CVE-2004-2044PHP-Nuke 7.3, and other products that use the PHP-Nuke codebase such as the Nuke Cops betaNC PHP-Nuke Bundle, OSCNukeLit...
CVE-2004-2039e107 0.615 allows remote attackers to obtain sensitive information via a direct request to (1) alt_news.php, (2) backend...
CVE-2004-2040Multiple cross-site scripting (XSS) vulnerabilities in e107 0.615 allow remote attackers to inject arbitrary web script ...
CVE-2004-2041PHP remote file inclusion vulnerability in secure_img_render.php in e107 0.615 allows remote attackers to execute arbitr...
CVE-2004-2042Multiple SQL injection vulnerabilities in e107 0.615 allow remote attackers to inject arbitrary SQL code and gain sensit...
CVE-2004-2038Cross-site scripting (XSS) vulnerability in Land Down Under (LDU) before LDU 700 allows remote attackers to inject arbit...
CVE-2004-2036SQL injection vulnerability in the art_print function in print.inc.php in unknown versions of jPortal before 2.3.1 allow...

Check if your code is affected by 2004 CVEs

Strix scans your code and infrastructure for known vulnerabilities automatically.

Scan your code now