Overflow に分類される脆弱性に紐づく CVE を、公開年で絞り込みます。一覧は新しい公開が上に来る並びで、CVSS / EPSS のリスク指標でもさらに絞り込めます。
直近の脆弱性公開や傾向を押さえ、セキュリティチームが高リスクな事象や悪用の可能性を素早く把握するためのビューです。
2004 年に公開され、Overflow に分類される CVE を表示しています。 CVE の一覧へ
| CVE | 説明 | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|
| CVE-2004-2728 | Buffer overflow in the FTP server of Hummingbird Connectivity 7.1 and 9.0 allows remote, authenticated users to cause a denial of service (application crash) via a long argument to the XCWD command. | 3.5 | 1.02% | 2004-12-31 | 2026-04-16 |
| CVE-2004-2727 | Buffer overflow in MEHTTPS (HTTPMail) of MailEnable Professional 1.5 through 1.7 allows remote attackers to cause a denial of service (application crash) via a long HTTP GET request. | 4.3 | 4.40% | 2004-12-31 | 2026-04-16 |
| CVE-2004-2719 | Buffer overflow in the UrlToLocal function in PunyLib.dll of Foxmail 5.0.300 allows remote attackers to execute arbitrary code via a mail message with a long From field, a different issue than CVE-2005-0339. | 6.8 | 20.73% | 2004-12-31 | 2026-04-16 |
| CVE-2004-2714 | Unspecified vulnerability in Window Maker 0.80.2 and earlier allows attackers to perform unknown actions via format string specifiers in a font specification in WMGLOBAL, probably a format string vulnerability. | 6.0 | 0.67% | 2004-12-31 | 2026-04-16 |
| CVE-2004-2712 | Buffer overflow in Gyach Enhanced (Gyach-E) before 1.0.0-SneakPeek-3 allows remote attackers to cause a denial of service (crash) via unspecified vectors related to "URL data." | 5.0 | 0.69% | 2004-12-31 | 2026-04-16 |
| CVE-2004-2711 | Multiple buffer overflows in Gyach Enhanced (Gyach-E) before 1.0.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to "avatar retrieval." | 7.5 | 1.72% | 2004-12-31 | 2026-04-16 |
| CVE-2004-2710 | Multiple buffer overflows in Gyach Enhanced (Gyach-E) before 1.0.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to (1) sending certain typing statuses or (2) setting the chat room status bar to the current chat room name. | 7.5 | 1.80% | 2004-12-31 | 2026-04-16 |
| CVE-2004-2709 | Buffer overflow in the strip_html_tags method for Gyach Enhanced (Gyach-E) before 1.0.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown vectors involving HTML tags. | 7.5 | 1.72% | 2004-12-31 | 2026-04-16 |
| CVE-2004-2685 | Buffer overflow in YoungZSoft CCProxy 6.2 and earlier allows remote attackers to execute arbitrary code via a long address in a ping (p) command to the Telnet proxy service, a different vector than CVE-2004-2416. | 7.5 | 39.76% | 2004-12-31 | 2026-04-16 |
| CVE-2004-2541 | Buffer overflow in Cscope 15.5, and possibly multiple overflows, allows remote attackers to execute arbitrary code via a C file with a long #include line that is later browsed by the target. | 6.9 | 1.94% | 2004-12-31 | 2026-04-16 |
| CVE-2004-2466 | chat.ghp in Easy Chat Server 1.2 allows remote attackers to cause a denial of service (server crash) via a long username parameter, possibly due to a buffer overflow. NOTE: it was later reported that 2.2 is also affected. | 5.0 | 77.77% | 2004-12-31 | 2026-04-16 |
| CVE-2004-2386 | Format string vulnerability in the LogMsg function in sercd before 2.3.1 and sredird 2.2.1 and earlier allows remote attackers to execute arbitrary code via format string specifiers passed from the HandleCPCCommand function. | 7.5 | 3.83% | 2004-12-31 | 2026-04-16 |
| CVE-2004-2111 | Stack-based buffer overflow in the site chmod command in Serv-U FTP Server before 4.2 allows remote attackers to execute arbitrary code via a long filename. | 8.5 | 81.14% | 2004-12-31 | 2026-04-16 |
| CVE-2004-2013 | Integer overflow in the SCTP_SOCKOPT_DEBUG_NAME SCTP socket option in socket.c in the Linux kernel 2.4.25 and earlier allows local users to execute arbitrary code via an optlen value of -1, which causes kmalloc to allocate 0 bytes of memory. | 7.8 | 0.09% | 2004-12-31 | 2026-04-16 |
| CVE-2004-1940 | sipclient.cpp in KPhone 4.0.1 and earlier allows remote attackers to cause a denial of service (crash) via a STUN response packet with a large attrLen value that causes an out-of-bounds read. | 5.0 | 6.93% | 2004-12-31 | 2026-04-16 |
| CVE-2004-0638 | Buffer overflow in the KSDWRTB function in the dbms_system package (dbms_system.ksdwrt) for Oracle 9i Database Server Release 2 9.2.0.3 and 9.2.0.4, 9i Release 1 9.0.1.4 and 9.0.1.5, and 8i Release 1 8.1.7.4, allows remote authorized users to execute arbitrary code via a long second argument. | 8.5 | 17.25% | 2004-12-31 | 2026-04-16 |
| CVE-2004-0816 | Integer underflow in the firewall logging rules for iptables in Linux before 2.6.8 allows remote attackers to cause a denial of service (application crash) via a malformed IP packet. | 7.5 | 7.36% | 2004-12-23 | 2026-04-16 |
| CVE-2004-0455 | Buffer overflow in cgi.c in www-sql before 0.5.7 allows local users to execute arbitrary code via a web page that is processed by www-sql. | 7.2 | 0.11% | 2004-12-06 | 2026-04-16 |
| CVE-2004-0330 | Buffer overflow in Serv-U ftp before 5.0.0.4 allows remote authenticated users to execute arbitrary code via a long time zone argument to the MDTM command. | 10.0 | 83.14% | 2004-11-23 | 2026-04-16 |
| CVE-2004-0112 | The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read. | 5.0 | 0.92% | 2004-11-23 | 2026-04-16 |