2004 CVE Vulnerabilities
2,707 CVEs published in 2004.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2004-1934 | — | — | 8.3% | Apr 15, 2004 | PHP remote file inclusion vulnerability in affich.php in Gemitel 3.50 allows remote attackers to execute arbitrary PHP c... |
| CVE-2004-0111 | — | — | 2.1% | Apr 15, 2004 | gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) via a malformed bitmap (BMP) file. |
| CVE-2004-0173 | — | — | 15.8% | Apr 15, 2004 | Directory traversal vulnerability in Apache 1.3.29 and earlier, and Apache 2.0.48 and earlier, when running on Cygwin, a... |
| CVE-2004-0148 | — | — | 0.4% | Apr 15, 2004 | wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by c... |
| CVE-2004-0372 | — | — | 0.3% | Apr 15, 2004 | xine allows local users to overwrite arbitrary files via a symlink attack on a bug report email that is generated by the... |
| CVE-2004-0217 | HIGH | 7 | 0.5% | Apr 15, 2004 | The LiveUpdate capability (liveupdate.sh) in Symantec AntiVirus Scan Engine 4.0 and 4.3 for Red Hat Linux allows local u... |
| CVE-2004-0153 | — | — | 3.7% | Apr 15, 2004 | Multiple format string vulnerabilities in emil 2.1.0 and earlier may allow remote attackers to execute arbitrary code by... |
| CVE-2004-0364 | — | — | 3.7% | Apr 15, 2004 | The WrapNISUM ActiveX component (WrapUM.dll) in Norton Internet Security 2004 is marked safe for scripting, which allows... |
| CVE-2004-0362 | — | — | 73.3% | Apr 15, 2004 | Multiple stack-based buffer overflows in the ICQ parsing routines of the ISS Protocol Analysis Module (PAM) component, a... |
| CVE-2004-0224 | — | — | 3.3% | Apr 15, 2004 | Multiple buffer overflows in (1) iso2022jp.c or (2) shiftjis.c for Courier-IMAP before 3.0.0, Courier before 0.45, and S... |
| CVE-2004-0108 | — | — | 0.4% | Apr 15, 2004 | The isag utility, which processes sysstat data, allows local users to overwrite arbitrary files via a symlink attack on ... |
| CVE-2004-0107 | — | — | 0.4% | Apr 15, 2004 | The (1) post and (2) trigger scripts in sysstat 4.0.7 and earlier allow local users to overwrite arbitrary files via sym... |
| CVE-2004-0363 | — | — | 66.6% | Apr 15, 2004 | Stack-based buffer overflow in the SymSpamHelper ActiveX component (symspam.dll) in Norton AntiSpam 2004, as used in Nor... |
| CVE-2004-0121 | — | — | 47.7% | Apr 15, 2004 | Argument injection vulnerability in Microsoft Outlook 2002 does not sufficiently filter parameters of mailto: URLs when ... |
| CVE-2004-0122 | — | — | 22.5% | Apr 15, 2004 | Microsoft MSN Messenger 6.0 and 6.1 does not properly handle certain requests, which allows remote attackers to read arb... |
| CVE-2004-0151 | — | — | 0.4% | Apr 15, 2004 | Unknown vulnerability in xitalk 1.1.11 and earlier allows local users to execute arbitrary commands. |
| CVE-2004-0152 | — | — | 4.1% | Apr 15, 2004 | Multiple stack-based buffer overflows in (1) the encode_mime function, (2) the encode_uuencode function, (3) or the deco... |
| CVE-2004-0150 | — | — | 5.3% | Apr 15, 2004 | Buffer overflow in the getaddrinfo function in Python 2.2 before 2.2.2, when IPv6 support is disabled, allows remote att... |
| CVE-2004-1939 | — | — | 1.7% | Apr 14, 2004 | Cross-site scripting (XSS) vulnerability in Zaep AntiSpam 2.0 allows remote attackers to inject arbitrary web script or ... |
| CVE-2004-1944 | — | — | 1.9% | Apr 14, 2004 | Eudora 6.1 and 6.0.3 for Windows allows remote attackers to cause a denial of service (crash) via a deeply nested multip... |
| CVE-2004-1936 | — | — | 1.6% | Apr 14, 2004 | ZoneAlarm Pro 4.5.538.001 and possibly other versions allows remote attackers to bypass e-mail protection via attachment... |
| CVE-2004-1756 | — | — | 1.2% | Apr 13, 2004 | BEA WebLogic Server and WebLogic Express 8.1 SP2 and earlier, and 7.0 SP4 and earlier, when using 2-way SSL with a custo... |
| CVE-2004-1758 | — | — | 0.4% | Apr 13, 2004 | BEA WebLogic Server and WebLogic Express version 8.1 up to SP2, 7.0 up to SP4, and 6.1 up to SP6 may store the database ... |
| CVE-2004-1929 | — | — | 6.7% | Apr 13, 2004 | SQL injection vulnerability in the bblogin function in functions.php in PHP-Nuke 6.x through 7.2 allows remote attackers... |
| CVE-2004-1928 | — | — | 3.1% | Apr 12, 2004 | The image upload feature in Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote attackers to upload and possib... |
Check if your code is affected by 2004 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now