2004 CVEs
2707 CVEs published in 2004. 12 critical, 26 high. Browse by vendor, severity, or with PoCs.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2004-2776 | Critical | 9.8 | 2019-12-31 | go.cgi in GoScript 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) query string or (2) artarchive parameter. |
CVE-2004-2761 | Critical | 9.8 | 2009-01-05 | The MD5 Message-Digest Algorithm is not collision resistant, which makes it easier for context-dependent attackers to conduct spoofing attacks, as demonstrated… |
CVE-2004-2214 | Critical | 9.8 | 2004-12-31 | Mbedthis AppWeb HTTP server before 1.1.3 allows remote attackers to bypass access restrictions via a URI with mixed case characters. |
CVE-2004-2154 | Critical | 9.8 | 2004-12-31 | CUPS before 1.1.21rc1 treats a Location directive in cupsd.conf as case sensitive, which allows attackers to bypass intended ACLs via a printer name containing… |
CVE-2004-0285 | Critical | 9.8 | 2004-11-23 | PHP remote file inclusion vulnerabilities in include/footer.inc.php in (1) AllMyVisitors, (2) AllMyLinks, and (3) AllMyGuests allow remote attackers to execute… |
CVE-2004-0847 | Critical | 9.8 | 2004-11-03 | The Microsoft .NET forms authentication capability for ASP.NET allows remote attackers to bypass authentication for .aspx files in restricted directories via a… |
CVE-2004-0772 | Critical | 9.8 | 2004-10-20 | Double free vulnerabilities in error handling code in krb524d for MIT Kerberos 5 (krb5) 1.2.8 and earlier may allow remote attackers to execute arbitrary code. |
CVE-2004-1363 | Critical | 9.8 | 2004-08-04 | Buffer overflow in extproc in Oracle 10g allows remote attackers to execute arbitrary code via environment variables in the library name, which are expanded af… |
CVE-2004-2061 | Critical | 9.8 | 2004-07-27 | RiSearch 1.0.01 and RiSearch Pro 3.2.06 allows remote attackers to use the show.pl script as an open proxy, or read arbitrary local files, by setting the url p… |
CVE-2004-0434 | Critical | 9.8 | 2004-07-07 | k5admind (kadmind) for Heimdal allows remote attackers to execute arbitrary code via a Kerberos 4 compatibility administration request whose framing length is… |
CVE-2004-0005 | Critical | 9.8 | 2004-03-03 | Multiple buffer overflows in Gaim 0.75 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) octal encoding in yahoo_… |
CVE-2004-0030 | Critical | 9.8 | 2004-01-20 | PHP remote file inclusion vulnerability in (1) functions.php, (2) authentication_index.php, and (3) config_gedcom.php for PHPGEDVIEW 2.61 allows remote attacke… |
CVE-2004-1842 | High | 8.8 | 2004-12-31 | Cross-site request forgery (CSRF) vulnerability in Php-Nuke 6.x through 7.1.0 allows remote attackers to gain administrative privileges via an img tag with a U… |
CVE-2004-1703 | High | 8.8 | 2004-07-30 | Fusion News 3.6.1 allows remote attackers to add user accounts, if the administrator is logged in, via a comment that contains an img bbcode tag that calls ind… |
CVE-2004-1967 | High | 8.8 | 2004-04-25 | Cross-site request forgery (CSRF) vulnerabilities in (1) cp_forums.php, (2) cp_usergroup.php, (3) cp_ipbans.php, (4) myhome.php, (5) post.php, or (6) moderator… |
CVE-2004-2339 | High | 8.4 | 2004-12-31 | Microsoft Windows 2000, XP, and possibly 2003 allows local users with the SeDebugPrivilege privilege to execute arbitrary code as kernel and read or write kern… |
CVE-2004-0940 | High | 7.8 | 2005-02-09 | Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as… |
CVE-2004-2013 | High | 7.8 | 2004-12-31 | Integer overflow in the SCTP_SOCKOPT_DEBUG_NAME SCTP socket option in socket.c in the Linux kernel 2.4.25 and earlier allows local users to execute arbitrary c… |
CVE-2004-0346 | High | 7.8 | 2004-11-23 | Off-by-one buffer overflow in _xlate_ascii_write() in ProFTPD 1.2.7 through 1.2.9rc2p allows local users to gain privileges via a 1024 byte RETR command. |
CVE-2004-0747 | High | 7.8 | 2004-10-20 | Buffer overflow in Apache 2.0.50 and earlier allows local users to gain apache privileges via a .htaccess file that causes the overflow during expansion of env… |