| | CVE-2008-5823 |  Microsoft | medium | 4.3 | 13.7%
| | An ActiveX control in prtstb06.dll in Microsoft Money 2006, when used with WScript in Windows Script… | Jan 2, 2009 | Apr 23, 2026 |
| | CVE-2008-5828 | Microsoft | medium | 5.0 | 17.9%
| | Microsoft Windows Live Messenger Client 8.5.1 and earlier, when MSN Protocol Version 15 (MSNP15) is … | Jan 2, 2009 | Apr 23, 2026 |
| | CVE-2008-5849 |  Check Point | medium | 5.0 | 0.5%
| | Check Point VPN-1 R55, R65, and other versions, when Port Address Translation (PAT) is used, allows … | Jan 6, 2009 | Apr 23, 2026 |
| | CVE-2008-0067 |  HPE | critical | 10.0 | 81.9%
| | Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7… | Jan 8, 2009 | Apr 23, 2026 |
| | CVE-2009-0072 | Microsoft | medium | 4.3 | 10.2%
| | Microsoft Internet Explorer 6.0 through 8.0 beta2 allows remote attackers to cause a denial of servi… | Jan 8, 2009 | Apr 23, 2026 |
| | CVE-2003-1566 | Microsoft | medium | 5.0 | 9.3%
| | Microsoft Internet Information Services (IIS) 5.0 does not log requests that use the TRACK method, w… | Jan 15, 2009 | Apr 23, 2026 |
| | CVE-2003-1567 | Microsoft | medium | 5.8 | 69.0%
| | The undocumented TRACK method in Microsoft Internet Information Services (IIS) 5.0 returns the conte… | Jan 15, 2009 | Apr 23, 2026 |
| | CVE-2009-0122 | HPE | medium | 6.9 | 0.1%
| | hplip.postinst in HP Linux Imaging and Printing (HPLIP) 2.7.7 and 2.8.2 on Ubuntu allows local users… | Jan 15, 2009 | Apr 23, 2026 |
| | CVE-2009-0133 | Microsoft | critical | 10.0 | 76.1%
| | Buffer overflow in Microsoft HTML Help Workshop 4.74 and earlier allows context-dependent attackers … | Jan 15, 2009 | Apr 23, 2026 |
| | CVE-2008-3818 |  Cisco | high | 7.8 | 0.2%
| | Cisco ONS 15310-CL, 15310-MA, 15327, 15454, 15454 SDH, and 15600 with software 7.0.2 through 7.0.6, … | Jan 16, 2009 | Apr 23, 2026 |
| | CVE-2009-0177 |  VMware | medium | 5.0 | 14.0%
| | vmwarebase.dll, as used in the vmware-authd service (aka vmware-authd.exe), in VMware Workstation 6.… | Jan 20, 2009 | Apr 23, 2026 |
| | CVE-2008-5912 | Microsoft | low | 2.1 | 17.1%
| | An unspecified function in the JavaScript implementation in Microsoft Internet Explorer creates and … | Jan 20, 2009 | Apr 23, 2026 |
| | CVE-2008-5917 | Microsoft | medium | 4.3 | 0.5%
| | Cross-site scripting (XSS) vulnerability in the XSS filter (framework/Text_Filter/Filter/xss.php) in… | Jan 21, 2009 | Apr 23, 2026 |
| | CVE-2009-0026 |  Apache | medium | 4.3 | 40.1%
| | Multiple cross-site scripting (XSS) vulnerabilities in Apache Jackrabbit before 1.5.2 allow remote a… | Jan 21, 2009 | Apr 23, 2026 |
| | CVE-2008-2384 | Apache | high | 7.5 | 5.0%
| | SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql… | Jan 22, 2009 | Apr 23, 2026 |
| | CVE-2008-3820 | Cisco | medium | 6.8 | 1.0%
| | Cisco Security Manager 3.1 and 3.2 before 3.2.2, when Cisco IPS Event Viewer (IEV) is used, exposes … | Jan 22, 2009 | Apr 23, 2026 |
| | CVE-2009-0057 | Cisco | medium | 4.3 | 0.5%
| | The Certificate Authority Proxy Function (CAPF) service in Cisco Unified Communications Manager 5.x … | Jan 22, 2009 | Apr 23, 2026 |
| | CVE-2008-5994 | Check Point | medium | 4.3 | 0.3%
| | Cross-site scripting (XSS) vulnerability in index.php in Check Point Connectra NGX R62 HFA_01 allows… | Jan 28, 2009 | Apr 23, 2026 |
| | CVE-2008-3358 | Microsoft | medium | 4.3 | 0.7%
| | Cross-site scripting (XSS) vulnerability in Web Dynpro (WD) in the SAP NetWeaver portal, when Intern… | Jan 28, 2009 | Apr 23, 2026 |
| | CVE-2009-0341 | Microsoft | critical | 9.3 | 48.3%
| | The shell32 module in Microsoft Internet Explorer 7.0 on Windows XP SP3 might allow remote attackers… | Jan 29, 2009 | Apr 23, 2026 |
| | CVE-2009-0204 | HPE | medium | 4.3 | 0.8%
| | Cross-site scripting (XSS) vulnerability in HP Select Access 6.1 and 6.2 allows remote attackers to … | Jan 30, 2009 | Apr 23, 2026 |
| | CVE-2009-0369 | Microsoft | medium | 4.3 | 20.7%
| | Microsoft Internet Explorer 7 allows remote attackers to trick a user into visiting an arbitrary URL… | Jan 30, 2009 | Apr 23, 2026 |
| | CVE-2008-4914 | VMware | medium | 4.7 | 0.0%
| | Unspecified vulnerability in VMware ESXi 3.5 before ESXe350-200901401-I-SG and ESX 3.5 before ESX350… | Feb 3, 2009 | Apr 23, 2026 |
| | CVE-2009-0419 | Microsoft | medium | 5.0 | 29.8%
| | Microsoft XML Core Services, as used in Microsoft Expression Web, Office, Internet Explorer 6 and 7,… | Feb 4, 2009 | Apr 23, 2026 |
| | CVE-2008-6063 | Microsoft | medium | 4.3 | 17.4%
| | Microsoft Word 2007, when the "Save as PDF" add-on is enabled, places an absolute pathname in the Su… | Feb 5, 2009 | Apr 23, 2026 |
| | CVE-2008-4559 | HPE | critical | 10.0 | 3.5%
| | HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute ar… | Feb 8, 2009 | Apr 23, 2026 |
| | CVE-2008-4560 | HPE | high | 7.8 | 0.4%
| | HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to obtain sen… | Feb 8, 2009 | Apr 23, 2026 |
| | CVE-2008-4562 | HPE | critical | 10.0 | 5.6%
| | Buffer overflow in the ovlaunch CGI program in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51,… | Feb 8, 2009 | Apr 23, 2026 |
| | CVE-2009-0206 | HPE | medium | 4.9 | 0.1%
| | Unspecified vulnerability in NFS in HP ONCplus B.11.31.05 and earlier for HP-UX B.11.31 allows local… | Feb 8, 2009 | Apr 23, 2026 |
| | CVE-2009-0075 | Microsoft | critical | 9.3 | 86.9%
| | Microsoft Internet Explorer 7 does not properly handle errors during attempted access to deleted obj… | Feb 10, 2009 | Apr 23, 2026 |
| | CVE-2009-0076 | Microsoft | critical | 9.3 | 58.5%
| | Microsoft Internet Explorer 7, when XHTML strict mode is used, allows remote attackers to execute ar… | Feb 10, 2009 | Apr 23, 2026 |
| | CVE-2009-0095 | Microsoft | critical | 9.3 | 48.8%
| | Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 does not properly validate object data in Vi… | Feb 10, 2009 | Apr 23, 2026 |
| | CVE-2009-0096 | Microsoft | critical | 9.3 | 63.3%
| | Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 does not properly perform memory copy operat… | Feb 10, 2009 | Apr 23, 2026 |
| | CVE-2009-0097 | Microsoft | critical | 9.3 | 57.4%
| | Microsoft Office Visio 2002 SP2 and 2003 SP3 does not properly validate memory allocation for Visio … | Feb 10, 2009 | Apr 23, 2026 |
| | CVE-2009-0098 | Microsoft | critical | 9.3 | 62.5%
| | Microsoft Exchange 2000 Server SP3, Exchange Server 2003 SP2, and Exchange Server 2007 SP1 do not pr… | Feb 10, 2009 | Apr 23, 2026 |
| | CVE-2009-0099 | Microsoft | medium | 5.0 | 71.1%
| | The Electronic Messaging System Microsoft Data Base (EMSMDB32) provider in Microsoft Exchange 2000 S… | Feb 10, 2009 | Apr 23, 2026 |
| | CVE-2009-0305 | Microsoft | critical | 9.3 | 45.2%
| | Multiple stack-based buffer overflows in the Research in Motion RIM AxLoader ActiveX control in AxLo… | Feb 10, 2009 | Apr 23, 2026 |
| | CVE-2009-0647 | Microsoft | medium | 5.0 | 18.6%
| | msnmsgr.exe in Windows Live Messenger (WLM) 2009 build 14.0.8064.206, and other 14.0.8064.x builds, … | Feb 19, 2009 | Apr 23, 2026 |
| | CVE-2007-5289 | HPE | high | 7.6 | 25.5%
| | HP Mercury Quality Center (QC) 9.2 and earlier, and possibly TestDirector, relies on cached client-s… | Feb 24, 2009 | Apr 23, 2026 |
| | CVE-2009-0238 | Microsoft | high | 8.8 | 81.1%
| ⚠ KEV | Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel Viewer 2003 Gold and SP3; E… | Feb 25, 2009 | Apr 22, 2026 |
| | CVE-2009-0614 | Cisco | critical | 9.0 | 0.5%
| | Unspecified vulnerability in the Web Server in Cisco Unified MeetingPlace Web Conferencing 6.0 befor… | Feb 26, 2009 | Apr 23, 2026 |
| | CVE-2009-0615 | Cisco | critical | 9.0 | 0.2%
| | Directory traversal vulnerability in Cisco Application Networking Manager (ANM) before 2.0 and Appli… | Feb 26, 2009 | Apr 23, 2026 |
| | CVE-2009-0616 | Cisco | critical | 10.0 | 0.5%
| | Cisco Application Networking Manager (ANM) before 2.0 uses default usernames and passwords, which ma… | Feb 26, 2009 | Apr 23, 2026 |
| | CVE-2009-0617 | Cisco | critical | 10.0 | 0.8%
| | Cisco Application Networking Manager (ANM) before 2.0 uses a default MySQL root password, which make… | Feb 26, 2009 | Apr 23, 2026 |
| | CVE-2009-0618 | Cisco | high | 8.5 | 0.6%
| | Unspecified vulnerability in the Java agent in Cisco Application Networking Manager (ANM) before 2.0… | Feb 26, 2009 | Apr 23, 2026 |
| | CVE-2009-0620 | Cisco | critical | 10.0 | 0.5%
| | Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.… | Feb 26, 2009 | Apr 23, 2026 |
| | CVE-2008-4308 | Apache | low | 2.6 | 7.6%
| | The doRead method in Apache Tomcat 4.1.32 through 4.1.34 and 5.5.10 through 5.5.20 does not return a… | Feb 26, 2009 | Apr 23, 2026 |
| | CVE-2009-0208 | HPE | critical | 10.0 | 4.2%
| | Unspecified vulnerability in HP Virtual Rooms Client before 7.0.1, when running on Windows, allows r… | Feb 26, 2009 | Apr 23, 2026 |
| | CVE-2009-0743 | Cisco | low | 3.5 | 0.2%
| | Cross-site scripting (XSS) vulnerability in the edit account page in the Web Server in Cisco Unified… | Feb 27, 2009 | Apr 23, 2026 |
| | CVE-2009-0754 | Apache | low | 2.1 | 0.2%
| | PHP 4.4.4, 5.1.6, and other versions, when running on Apache, allows local users to modify behavior … | Mar 3, 2009 | Apr 23, 2026 |