| | CVE-2008-1446 |  Microsoft | critical | 9.0 | 67.0%
| | Integer overflow in the Internet Printing Protocol (IPP) ISAPI extension in Microsoft Internet Infor… | Oct 15, 2008 | Apr 23, 2026 |
| | CVE-2008-3466 | Microsoft | critical | 10.0 | 84.7%
| | Microsoft Host Integration Server (HIS) 2000, 2004, and 2006 does not limit RPC access to administra… | Oct 15, 2008 | Apr 23, 2026 |
| | CVE-2008-3471 | Microsoft | critical | 9.3 | 73.2%
| | Stack-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 Gold a… | Oct 15, 2008 | Apr 23, 2026 |
| | CVE-2008-3472 | Microsoft | critical | 9.3 | 46.0%
| | Microsoft Internet Explorer 6 and 7 does not properly determine the domain or security zone of origi… | Oct 15, 2008 | Apr 23, 2026 |
| | CVE-2008-3473 | Microsoft | critical | 9.3 | 47.0%
| | Microsoft Internet Explorer 6 and 7 does not properly determine the domain or security zone of origi… | Oct 15, 2008 | Apr 23, 2026 |
| | CVE-2008-3474 | Microsoft | medium | 6.5 | 48.9%
| | Microsoft Internet Explorer 6 and 7 does not properly determine the domain or security zone of origi… | Oct 15, 2008 | Apr 23, 2026 |
| | CVE-2008-3475 | Microsoft | high | 8.8 | 59.2%
| | Microsoft Internet Explorer 6 does not properly handle errors related to using the componentFromPoin… | Oct 15, 2008 | Apr 23, 2026 |
| | CVE-2008-3476 | Microsoft | critical | 9.3 | 62.6%
| | Microsoft Internet Explorer 5.01 SP4 and 6 does not properly handle errors associated with access to… | Oct 15, 2008 | Apr 23, 2026 |
| | CVE-2008-3477 | Microsoft | critical | 9.3 | 71.3%
| | Microsoft Excel 2000 SP3, 2002 SP3, and 2003 SP2 and SP3 does not properly validate data in the VBA … | Oct 15, 2008 | Apr 23, 2026 |
| | CVE-2008-4019 | Microsoft | critical | 9.3 | 58.6%
| | Integer overflow in the REPT function in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2… | Oct 15, 2008 | Apr 23, 2026 |
| | CVE-2008-4020 | Microsoft | medium | 4.3 | 31.3%
| | Cross-site scripting (XSS) vulnerability in Microsoft Office XP SP3 allows remote attackers to injec… | Oct 15, 2008 | Apr 23, 2026 |
| | CVE-2008-4412 |  HPE | medium | 5.0 | 0.9%
| | Unspecified vulnerability in HP Systems Insight Manager (SIM) before 5.2 Update 2 (C.05.02.02.00) al… | Oct 17, 2008 | Apr 23, 2026 |
| | CVE-2008-1547 | Microsoft | medium | 4.3 | 63.1%
| | Open redirect vulnerability in exchweb/bin/redir.asp in Microsoft Outlook Web Access (OWA) for Excha… | Oct 21, 2008 | Apr 23, 2026 |
| | CVE-2007-4350 | HPE | medium | 4.3 | 0.8%
| | Cross-site scripting (XSS) vulnerability in the management interface in HP SiteScope 9.0 build 911 a… | Oct 21, 2008 | Apr 23, 2026 |
| | CVE-2008-4699 | Microsoft | critical | 9.3 | 39.2%
| | Insecure method vulnerability in the ActiveX control (PAWWeb11.ocx) in Peachtree Accounting 2004 all… | Oct 22, 2008 | Apr 23, 2026 |
| | CVE-2007-4349 | HPE | medium | 4.3 | 1.0%
| | The Shared Trace Service (aka OVTrace) in HP Performance Agent C.04.70 (aka 4.70), HP OpenView Perfo… | Oct 23, 2008 | Apr 23, 2026 |
| | CVE-2008-4787 | Microsoft | medium | 5.8 | 37.4%
| | Visual truncation vulnerability in Microsoft Internet Explorer 6 allows remote attackers to spoof th… | Oct 29, 2008 | Apr 23, 2026 |
| | CVE-2008-4788 | Microsoft | medium | 5.0 | 16.5%
| | Microsoft Internet Explorer 6 omits high-bit URL-encoded characters when displaying the address bar,… | Oct 29, 2008 | Apr 23, 2026 |
| | CVE-2008-4800 | Microsoft | medium | 5.0 | 22.2%
| | The DebugDiag ActiveX control in CrashHangExt.dll, possibly 1.0, in Microsoft Debug Diagnostic Tool … | Oct 31, 2008 | Apr 23, 2026 |
| | CVE-2008-4413 | HPE | medium | 6.2 | 0.0%
| | Unspecified vulnerability in HP System Management Homepage (SMH) 2.2.6 and earlier on HP-UX B.11.11 … | Nov 4, 2008 | Apr 23, 2026 |
| | CVE-2008-4922 | Microsoft | critical | 9.3 | 67.1%
| | Buffer overflow in the DjVu ActiveX Control 3.0 for Microsoft Office (DjVu_ActiveX_MSOffice.dll) all… | Nov 4, 2008 | Apr 23, 2026 |
| | CVE-2008-4927 | Microsoft | medium | 4.3 | 25.9%
| | Microsoft Windows Media Player (WMP) 9.0 through 11 allows user-assisted attackers to cause a denial… | Nov 4, 2008 | Apr 23, 2026 |
| | CVE-2008-4281 |  VMware | critical | 9.3 | 0.3%
| | Directory traversal vulnerability in VMWare ESXi 3.5 before ESXe350-200810401-O-UG and ESX 3.5 befor… | Nov 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4915 | VMware | medium | 6.9 | 0.1%
| | The CPU hardware emulation in VMware Workstation 6.0.5 and earlier and 5.5.8 and earlier; Player 2.0… | Nov 10, 2008 | Apr 23, 2026 |
| | CVE-2008-5026 | Microsoft | low | 3.5 | 14.8%
| | Microsoft SharePoint uses URLs with the same hostname and port number for a web site's primary files… | Nov 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4387 | Microsoft | critical | 9.3 | 18.2%
| | Unspecified vulnerability in the Simba MDrmSap ActiveX control in mdrmsap.dll in SAP SAPgui allows r… | Nov 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4029 | Microsoft | medium | 4.3 | 59.7%
| | Cross-domain vulnerability in Microsoft XML Core Services 3.0 and 4.0, as used in Internet Explorer,… | Nov 12, 2008 | Apr 23, 2026 |
| | CVE-2008-4033 | Microsoft | medium | 4.3 | 62.6%
| | Cross-domain vulnerability in Microsoft XML Core Services 3.0 through 6.0, as used in Microsoft Expr… | Nov 12, 2008 | Apr 23, 2026 |
| | CVE-2008-5100 | Microsoft | critical | 10.0 | 27.8%
| | The strong name (SN) implementation in Microsoft .NET Framework 2.0.50727 relies on the digital sign… | Nov 17, 2008 | Apr 23, 2026 |
| | CVE-2008-4415 | HPE | critical | 9.0 | 0.9%
| | Unspecified vulnerability in HP Service Manager (HPSM) before 7.01.71 allows remote authenticated us… | Nov 17, 2008 | Apr 23, 2026 |
| | CVE-2008-5120 | HPE | critical | 10.0 | 25.9%
| | Stack-based buffer overflow in the Process Software MultiNet finger service (aka FINGERD) for HP Ope… | Nov 18, 2008 | Apr 23, 2026 |
| | CVE-2008-5121 |  Cisco | high | 7.2 | 0.4%
| | dne2000.sys in Citrix Deterministic Network Enhancer (DNE) 2.21.7.233 through 3.21.7.17464, as used … | Nov 18, 2008 | Apr 23, 2026 |
| | CVE-2008-5179 | Microsoft | medium | 5.0 | 30.1%
| | Unspecified vulnerability in Microsoft Office Communications Server (OCS), Office Communicator, and … | Nov 20, 2008 | Apr 23, 2026 |
| | CVE-2008-5180 | Microsoft | medium | 5.3 | 76.7%
| | Microsoft Communicator, and Communicator in Microsoft Office 2010 beta, allows remote attackers to c… | Nov 20, 2008 | Apr 23, 2026 |
| | CVE-2008-5181 | Microsoft | medium | 5.0 | 18.2%
| | Microsoft Communicator allows remote attackers to cause a denial of service (application or device o… | Nov 20, 2008 | Apr 23, 2026 |
| | CVE-2008-4917 | VMware | high | 7.2 | 0.1%
| | Unspecified vulnerability in VMware Workstation 5.5.8 and earlier, and 6.0.5 and earlier 6.x version… | Dec 9, 2008 | Apr 23, 2026 |
| | CVE-2008-3009 | Microsoft | critical | 10.0 | 52.3%
| | Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 through 11, and Windows Media S… | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-3010 | Microsoft | critical | 10.0 | 52.3%
| | Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 through 11, and Windows Media S… | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4024 | Microsoft | critical | 9.3 | 57.5%
| | Microsoft Office Word 2000 SP3 and 2002 SP3 and Office 2004 for Mac allow remote attackers to execut… | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4025 | Microsoft | critical | 9.3 | 65.7%
| | Integer overflow in Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlo… | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4026 | Microsoft | critical | 9.3 | 57.9%
| | Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Word Viewer 2003 Gold and… | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4027 | Microsoft | critical | 9.3 | 56.1%
| | Double free vulnerability in Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and S… | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4028 | Microsoft | critical | 9.3 | 63.8%
| | Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1… | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4030 | Microsoft | critical | 9.3 | 59.9%
| | Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1… | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4031 | Microsoft | critical | 9.3 | 59.9%
| | Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1… | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4032 | Microsoft | high | 7.5 | 59.4%
| | Microsoft Office SharePoint Server 2007 Gold and SP1 and Microsoft Search Server 2008 do not properl… | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4252 | Microsoft | high | 8.5 | 57.5%
| | The DataGrid ActiveX control in Microsoft Visual Basic 6.0 and Visual FoxPro 8.0 SP1 and 9.0 SP1 and… | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4253 | Microsoft | high | 8.5 | 57.5%
| | The FlexGrid ActiveX control in Microsoft Visual Basic 6.0, Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP… | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4254 | Microsoft | high | 8.5 | 55.0%
| | Multiple integer overflows in the Hierarchical FlexGrid ActiveX control (mshflxgd.ocx) in Microsoft … | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4255 | Microsoft | critical | 9.3 | 65.7%
| | Heap-based buffer overflow in mscomct2.ocx (aka Windows Common ActiveX control or Microsoft Animatio… | Dec 10, 2008 | Apr 23, 2026 |