| | CVE-2008-4256 |  Microsoft | high | 8.5 | 57.5%
| | The Charts ActiveX control in Microsoft Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, … | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4258 | Microsoft | high | 8.5 | 52.7%
| | Microsoft Internet Explorer 5.01 SP4 and 6 SP1 does not properly validate parameters during calls to… | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4259 | Microsoft | critical | 9.3 | 58.7%
| | Microsoft Internet Explorer 7 sometimes attempts to access uninitialized memory locations, which all… | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4260 | Microsoft | high | 8.5 | 50.9%
| | Microsoft Internet Explorer 7 sometimes attempts to access a deleted object, which allows remote att… | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4261 | Microsoft | critical | 9.3 | 64.4%
| | Stack-based buffer overflow in Microsoft Internet Explorer 5.01 SP4, 6 SP1 on Windows 2000, and 6 on… | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4264 | Microsoft | critical | 9.3 | 62.5%
| | Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Excel Viewer 2003 Gold a… | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4265 | Microsoft | critical | 9.3 | 62.5%
| | Microsoft Office Excel 2000 SP3 allows remote attackers to execute arbitrary code via a crafted Exce… | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4266 | Microsoft | critical | 9.3 | 59.3%
| | Array index vulnerability in Microsoft Office Excel 2000 SP3, 2002 SP3, and 2003 SP3; Excel Viewer 2… | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4837 | Microsoft | critical | 9.3 | 66.2%
| | Stack-based buffer overflow in Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and… | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4841 | Microsoft | critical | 9.3 | 74.6%
| | The WordPad Text Converter for Word 97 files in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 … | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-5416 | Microsoft | critical | 9.0 | 87.9%
| | Heap-based buffer overflow in Microsoft SQL Server 2000 SP4, 8.00.2050, 8.00.2039, and earlier; SQL … | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-5417 |  HPE | low | 2.1 | 0.1%
| | HP DECnet-Plus 8.3 before ECO03 for OpenVMS on the Alpha platform uses world-writable permissions fo… | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4844 | Microsoft | critical | 9.3 | 82.8%
| | Use-after-free vulnerability in the CRecordInstance::TransferToDestination function in mshtml.dll in… | Dec 11, 2008 | Apr 23, 2026 |
| | CVE-2008-5424 | Microsoft | medium | 4.3 | 28.8%
| | The MimeOleClearDirtyTree function in InetComm.dll in Microsoft Outlook Express 6.00.2900.5512 does … | Dec 11, 2008 | Apr 23, 2026 |
| | CVE-2008-5520 | Microsoft | critical | 9.3 | 0.3%
| | AhnLab V3 2008.12.4.1 and possibly 2008.9.13.0, when Internet Explorer 6 or 7 is used, allows remote… | Dec 12, 2008 | Apr 23, 2026 |
| | CVE-2008-5521 | Microsoft | critical | 9.3 | 0.3%
| | Avira AntiVir 7.9.0.36 and possibly 7.8.1.28, when Internet Explorer 6 or 7 is used, allows remote a… | Dec 12, 2008 | Apr 23, 2026 |
| | CVE-2008-5522 | Microsoft | critical | 9.3 | 0.3%
| | AVG Anti-Virus 8.0.0.161, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass d… | Dec 12, 2008 | Apr 23, 2026 |
| | CVE-2008-5523 | Microsoft | critical | 9.3 | 0.3%
| | avast! antivirus 4.8.1281.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypas… | Dec 12, 2008 | Apr 23, 2026 |
| | CVE-2008-5524 | Microsoft | critical | 9.3 | 0.3%
| | CAT-QuickHeal 10.00 and possibly 9.50, when Internet Explorer 6 or 7 is used, allows remote attacker… | Dec 12, 2008 | Apr 23, 2026 |
| | CVE-2008-5525 | Microsoft | critical | 9.3 | 0.5%
| | ClamAV 0.94.1 and possibly 0.93.1, when Internet Explorer 6 or 7 is used, allows remote attackers to… | Dec 12, 2008 | Apr 23, 2026 |
| | CVE-2008-5526 | Microsoft | critical | 9.3 | 0.3%
| | DrWeb Anti-virus 4.44.0.09170, when Internet Explorer 6 or 7 is used, allows remote attackers to byp… | Dec 12, 2008 | Apr 23, 2026 |
| | CVE-2008-5527 | Microsoft | critical | 9.3 | 0.3%
| | ESET Smart Security, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detect… | Dec 12, 2008 | Apr 23, 2026 |
| | CVE-2008-5528 | Microsoft | critical | 9.3 | 0.1%
| | Aladdin eSafe 7.0.17.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass det… | Dec 12, 2008 | Apr 23, 2026 |
| | CVE-2008-5529 | Microsoft | critical | 9.3 | 0.3%
| | CA eTrust Antivirus 31.6.6086, when Internet Explorer 6 or 7 is used, allows remote attackers to byp… | Dec 12, 2008 | Apr 23, 2026 |
| | CVE-2008-5530 | Microsoft | critical | 9.3 | 0.3%
| | Ewido Security Suite 4.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass d… | Dec 12, 2008 | Apr 23, 2026 |
| | CVE-2008-5531 |  Fortinet | critical | 9.3 | 0.3%
| | Fortinet Antivirus 3.113.0.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypa… | Dec 12, 2008 | Apr 23, 2026 |
| | CVE-2008-5532 | Microsoft | critical | 9.3 | 0.3%
| | Ikarus Virus Utilities T3.1.1.45.0 and possibly T3.1.1.34.0, when Internet Explorer 6 or 7 is used, … | Dec 12, 2008 | Apr 23, 2026 |
| | CVE-2008-5533 | Microsoft | critical | 9.3 | 0.3%
| | K7AntiVirus 7.10.541 and possibly 7.10.454, when Internet Explorer 6 or 7 is used, allows remote att… | Dec 12, 2008 | Apr 23, 2026 |
| | CVE-2008-5534 | Microsoft | critical | 9.3 | 0.3%
| | ESET NOD32 Antivirus 3662 and possibly 3440, when Internet Explorer 6 or 7 is used, allows remote at… | Dec 12, 2008 | Apr 23, 2026 |
| | CVE-2008-5535 | Microsoft | critical | 9.3 | 0.3%
| | Norman Antivirus 5.80.02, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass d… | Dec 12, 2008 | Apr 23, 2026 |
| | CVE-2008-5536 | Microsoft | critical | 9.3 | 0.3%
| | Panda Antivirus 9.0.0.4, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass de… | Dec 12, 2008 | Apr 23, 2026 |
| | CVE-2008-5537 | Microsoft | critical | 9.3 | 0.3%
| | PC Tools AntiVirus 4.4.2.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass… | Dec 12, 2008 | Apr 23, 2026 |
| | CVE-2008-5538 | Microsoft | critical | 9.3 | 0.3%
| | Prevx Prevx1 2, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection o… | Dec 12, 2008 | Apr 23, 2026 |
| | CVE-2008-5539 | Microsoft | critical | 9.3 | 0.1%
| | RISING Antivirus 21.06.31.00 and possibly 20.61.42.00, when Internet Explorer 6 or 7 is used, allows… | Dec 12, 2008 | Apr 23, 2026 |
| | CVE-2008-5540 | Microsoft | critical | 9.3 | 0.3%
| | Secure Computing Secure Web Gateway (aka Webwasher), when Internet Explorer 6 or 7 is used, allows r… | Dec 12, 2008 | Apr 23, 2026 |
| | CVE-2008-5541 | Microsoft | critical | 9.3 | 0.8%
| | Sophos Anti-Virus 4.33.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass d… | Dec 12, 2008 | Apr 23, 2026 |
| | CVE-2008-5542 | Microsoft | critical | 9.3 | 0.3%
| | Sunbelt VIPRE 3.1.1832.2 and possibly 3.1.1633.1, when Internet Explorer 6 or 7 is used, allows remo… | Dec 12, 2008 | Apr 23, 2026 |
| | CVE-2008-5543 | Microsoft | critical | 9.3 | 0.5%
| | Symantec AntiVirus (SAV) 10, when Internet Explorer 6 or 7 is used, allows remote attackers to bypas… | Dec 12, 2008 | Apr 23, 2026 |
| | CVE-2008-5544 | Microsoft | critical | 9.3 | 0.3%
| | Hacksoft The Hacker 6.3.1.2.174 and possibly 6.3.0.9.081, when Internet Explorer 6 or 7 is used, all… | Dec 12, 2008 | Apr 23, 2026 |
| | CVE-2008-5545 | Microsoft | critical | 9.3 | 0.3%
| | Trend Micro VSAPI 8.700.0.1004 in Trend Micro AntiVirus, when Internet Explorer 6 or 7 is used, allo… | Dec 12, 2008 | Apr 23, 2026 |
| | CVE-2008-5546 | Microsoft | critical | 9.3 | 0.3%
| | VirusBlokAda VBA32 3.12.8.5, when Internet Explorer 6 or 7 is used, allows remote attackers to bypas… | Dec 12, 2008 | Apr 23, 2026 |
| | CVE-2008-5548 | Microsoft | critical | 9.3 | 0.3%
| | VirusBuster 4.5.11.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detec… | Dec 12, 2008 | Apr 23, 2026 |
| | CVE-2008-5551 | Microsoft | medium | 4.3 | 32.3%
| | The XSS Filter in Microsoft Internet Explorer 8.0 Beta 2 allows remote attackers to bypass the XSS p… | Dec 12, 2008 | Apr 23, 2026 |
| | CVE-2008-5552 | Microsoft | medium | 4.3 | 8.1%
| | The XSS Filter in Microsoft Internet Explorer 8.0 Beta 2 allows remote attackers to bypass the XSS p… | Dec 12, 2008 | Apr 23, 2026 |
| | CVE-2008-5553 | Microsoft | medium | 4.3 | 13.7%
| | The XSS Filter in Microsoft Internet Explorer 8.0 Beta 2 disables itself upon encountering a certain… | Dec 12, 2008 | Apr 23, 2026 |
| | CVE-2008-5554 | Microsoft | medium | 4.3 | 13.7%
| | The XSS Filter in Microsoft Internet Explorer 8.0 Beta 2 does not properly handle some HTTP headers … | Dec 12, 2008 | Apr 23, 2026 |
| | CVE-2008-5555 | Microsoft | medium | 4.3 | 15.5%
| | Microsoft Internet Explorer 8.0 Beta 2 relies on the XDomainRequestAllowed HTTP header to authorize … | Dec 12, 2008 | Apr 23, 2026 |
| | CVE-2008-5556 | Microsoft | medium | 4.3 | 11.1%
| | The XSS Filter in Microsoft Internet Explorer 8.0 Beta 2 does not recognize attack patterns designed… | Dec 12, 2008 | Apr 23, 2026 |
| | CVE-2008-5745 | Microsoft | medium | 4.3 | 36.3%
| | Integer overflow in quartz.dll in the DirectShow framework in Microsoft Windows Media Player (WMP) 9… | Dec 29, 2008 | Apr 23, 2026 |
| | CVE-2008-5750 | Microsoft | medium | 6.8 | 18.2%
| | Argument injection vulnerability in Microsoft Internet Explorer 8 beta 2 on Windows XP SP3 allows re… | Dec 29, 2008 | Apr 23, 2026 |