LiveActive security incident?Get immediate response
CVE archive

2004 CVE Archive

Browse CVE records published in 2004 CVE Archive, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 2644 matching CVEs · Page 1 of 53.

Medium · CVSS 5.3

CVE-2004-2320: The default configuration of BEA WebLogic Server and Express 8.1 SP2 and earlier, 7.0 SP4 and earlier, 6.1...

The default configuration of BEA WebLogic Server and Express 8.1 SP2 and earlier, 7.0 SP4 and earlier, 6.1 through SP6, and 5.1 through SP13 responds to the HTTP TRACE request, which can allow remote attackers to steal information using cross-site tracing (XST) attacks in applications that are vulnerable to cross-site scripting.

Published Aug 16, 2005 · Updated May 28, 2026

High · CVSS 8.4

CVE-2004-2339: Microsoft Windows 2000, XP, and possibly 2003 allows local users with the SeDebugPrivilege privilege to exe...

Microsoft Windows 2000, XP, and possibly 2003 allows local users with the SeDebugPrivilege privilege to execute arbitrary code as kernel and read or write kernel memory via the NtSystemDebugControl function, which does not verify its pointer arguments. Note: this issue has been disputed, since Administrator privileges are typically required to exploit this issue, thus privilege boundaries are not crossed

Published Aug 16, 2005 · Updated Jan 16, 2025

Unknown · CVSS Not scored

CVE-2004-2545: Secure Computing Corporation Sidewinder G2 6.1.0.01 allows remote attackers to cause a denial of service (S...

Secure Computing Corporation Sidewinder G2 6.1.0.01 allows remote attackers to cause a denial of service (SMTP proxy failure) via unknown attack vendors involving an "extremely busy network." NOTE: this might not be a vulnerability because the embedded monitoring sub-system automatically restarts after the failure.

Published Nov 20, 2005 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2004-2294: Canonicalize-before-filter error in the send_review function in the Reviews module for PHP-Nuke 6.0 to 7.3...

Canonicalize-before-filter error in the send_review function in the Reviews module for PHP-Nuke 6.0 to 7.3 allows remote attackers to inject arbitrary web script or HTML via hex-encoded XSS sequences in the text parameter, which is checked for dangerous sequences before it is canonicalized, leading to a cross-site scripting (XSS) vulnerability.

Published Aug 4, 2005 · Updated Sep 17, 2024