| | CVE-2009-3847 | HPE | critical | 10.0 | 6.2%
| | Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows r… | Dec 10, 2009 | Apr 23, 2026 |
| | CVE-2009-3846 | HPE | critical | 10.0 | 27.7%
| | Multiple heap-based buffer overflows in ovlogin.exe in HP OpenView Network Node Manager (OV NNM) 7.0… | Dec 10, 2009 | Apr 23, 2026 |
| | CVE-2009-3845 | HPE | critical | 10.0 | 18.6%
| | The port-3443 HTTP server in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows r… | Dec 10, 2009 | Apr 23, 2026 |
| | CVE-2009-3674 | Microsoft | critical | 9.3 | 59.2%
| | Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attack… | Dec 9, 2009 | Apr 23, 2026 |
| | CVE-2009-3673 | Microsoft | critical | 9.3 | 55.4%
| | Microsoft Internet Explorer 7 and 8 does not properly handle objects in memory, which allows remote … | Dec 9, 2009 | Apr 23, 2026 |
| | CVE-2009-3671 | Microsoft | high | 8.1 | 56.5%
| | Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attack… | Dec 9, 2009 | Apr 23, 2026 |
| | CVE-2009-2506 | Microsoft | critical | 9.3 | 74.6%
| | Integer overflow in the text converters in Microsoft Office Word 2002 SP3 and 2003 SP3; Works 8.5; O… | Dec 9, 2009 | Apr 23, 2026 |
| | CVE-2009-0102 | Microsoft | critical | 9.3 | 47.2%
| | Microsoft Project 2000 SR1 and 2002 SP1, and Office Project 2003 SP3, does not properly handle memor… | Dec 9, 2009 | Apr 23, 2026 |
| | CVE-2009-3844 | HPE | critical | 10.0 | 76.6%
| | Stack-based buffer overflow in the OmniInet process in HP OpenView Data Protector Application Recove… | Dec 8, 2009 | Apr 23, 2026 |
| | CVE-2009-3560 | Apache | medium | 5.0 | 3.0%
| | The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module … | Dec 4, 2009 | Apr 23, 2026 |
| | CVE-2009-4189 | HPE | critical | 10.0 | 83.5%
| | HP Operations Manager has a default password of OvW*busr1 for the ovwebusr account, which allows rem… | Dec 3, 2009 | Apr 23, 2026 |
| | CVE-2009-4188 | HPE | critical | 10.0 | 87.8%
| | HP Operations Dashboard has a default password of j2deployer for the j2deployer account, which allow… | Dec 3, 2009 | Apr 23, 2026 |
| | CVE-2009-2686 | HPE | high | 7.2 | 0.0%
| | Unspecified vulnerability in HP NonStop G06.12.00 through G06.32.00, H06.08.00 through H06.18.01, an… | Dec 2, 2009 | Apr 23, 2026 |
| | CVE-2009-3672 | Microsoft | critical | 9.3 | 80.6%
| | Microsoft Internet Explorer 6 and 7 does not properly handle objects in memory that (1) were not pro… | Dec 2, 2009 | Apr 23, 2026 |
| | CVE-2009-4118 | Cisco | low | 2.1 | 0.3%
| | The StartServiceCtrlDispatcher function in the cvpnd service (cvpnd.exe) in Cisco VPN client for Win… | Dec 1, 2009 | Apr 23, 2026 |
| | CVE-2009-4074 | Microsoft | medium | 4.3 | 19.7%
| | The XSS Filter in Microsoft Internet Explorer 8 allows remote attackers to leverage the "response-ch… | Nov 25, 2009 | Apr 23, 2026 |
| | CVE-2009-4073 | Microsoft | medium | 5.0 | 26.7%
| | The printing functionality in Microsoft Internet Explorer 8 allows remote attackers to discover a lo… | Nov 24, 2009 | Apr 23, 2026 |
| | CVE-2009-3898 | F5 | medium | 4.9 | 1.1%
| | Directory traversal vulnerability in src/http/modules/ngx_http_dav_module.c in nginx (aka Engine X) … | Nov 24, 2009 | Apr 23, 2026 |
| | CVE-2009-3896 | F5 | medium | 5.0 | 2.5%
| | src/http/ngx_http_parse.c in nginx (aka Engine X) 0.1.0 through 0.4.14, 0.5.x before 0.5.38, 0.6.x b… | Nov 24, 2009 | Apr 23, 2026 |
| | CVE-2009-3843 | HPE | critical | 10.0 | 86.8%
| | HP Operations Manager 8.10 on Windows contains a "hidden account" in the XML file that specifies Tom… | Nov 24, 2009 | Apr 23, 2026 |
| | CVE-2009-4040 | Microsoft | medium | 4.3 | 0.3%
| | Cross-site scripting (XSS) vulnerability in phpMyFAQ before 2.0.17 and 2.5.x before 2.5.2, when used… | Nov 20, 2009 | Apr 23, 2026 |
| | CVE-2009-3977 | HPE | medium | 5.0 | 2.4%
| | Multiple buffer overflows in a certain ActiveX control in ActiveDom.ocx in HP OpenView Network Node … | Nov 19, 2009 | Apr 23, 2026 |
| | CVE-2009-3840 | HPE | medium | 5.0 | 17.2%
| | The embedded database engine service (aka ovdbrun.exe) in HP OpenView Network Node Manager (OV NNM) … | Nov 19, 2009 | Apr 23, 2026 |
| | CVE-2009-3841 | HPE | critical | 9.0 | 0.4%
| | Unspecified vulnerability in HP Discovery & Dependency Mapping Inventory (DDMI) 2.5x, 7.5x, and 7.60… | Nov 17, 2009 | Apr 23, 2026 |
| | CVE-2009-3943 | Microsoft | medium | 5.0 | 11.6%
| | Microsoft Internet Explorer 6 through 6.0.2900.2180 and 7 through 7.0.6000.16711 allows remote attac… | Nov 16, 2009 | Apr 23, 2026 |
| | CVE-2009-3566 | Trellix | medium | 4.3 | 5.1%
| | McAfee IntruShield Network Security Manager (NSM) before 5.1.11.8.1 does not include the HTTPOnly fl… | Nov 13, 2009 | Apr 23, 2026 |
| | CVE-2009-3565 | Trellix | medium | 4.3 | 5.9%
| | Multiple cross-site scripting (XSS) vulnerabilities in intruvert/jsp/module/Login.jsp in McAfee Intr… | Nov 13, 2009 | Apr 23, 2026 |
| | CVE-2009-2678 | HPE | medium | 4.0 | 0.3%
| | Unspecified vulnerability in Open System Services (OSS) Name Server on HP NonStop G06.27, G06.28, G0… | Nov 13, 2009 | Apr 23, 2026 |
| | CVE-2009-3548 | Apache | high | 7.5 | 86.9%
| | The Windows installer for Apache Tomcat 6.0.0 through 6.0.20, 5.5.0 through 5.5.28, and possibly ear… | Nov 12, 2009 | Apr 23, 2026 |
| | CVE-2009-3134 | Microsoft | critical | 9.3 | 54.9%
| | Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open … | Nov 11, 2009 | Apr 23, 2026 |
| | CVE-2009-3133 | Microsoft | critical | 9.3 | 54.2%
| | Microsoft Office Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter fo… | Nov 11, 2009 | Apr 23, 2026 |
| | CVE-2009-3132 | Microsoft | critical | 9.3 | 54.2%
| | Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open … | Nov 11, 2009 | Apr 23, 2026 |
| | CVE-2009-3131 | Microsoft | critical | 9.3 | 54.2%
| | Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open … | Nov 11, 2009 | Apr 23, 2026 |
| | CVE-2009-3130 | Microsoft | critical | 9.3 | 61.8%
| | Heap-based buffer overflow in Microsoft Office Excel 2002 SP3, Office 2004 and 2008 for Mac, and Ope… | Nov 11, 2009 | Apr 23, 2026 |
| | CVE-2009-3135 | Microsoft | critical | 9.3 | 69.7%
| | Stack-based buffer overflow in Microsoft Office Word 2002 SP3 and 2003 SP3, Office 2004 and 2008 for… | Nov 11, 2009 | Apr 23, 2026 |
| | CVE-2009-3129 | Microsoft | high | 7.8 | 91.2%
| ⚠ KEV | Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open … | Nov 11, 2009 | Apr 22, 2026 |
| | CVE-2009-3128 | Microsoft | critical | 9.3 | 54.9%
| | Microsoft Office Excel 2002 SP3 and 2003 SP3, and Office Excel Viewer 2003 SP3, does not properly pa… | Nov 11, 2009 | Apr 23, 2026 |
| | CVE-2009-3127 | Microsoft | critical | 9.3 | 60.9%
| | Microsoft Office Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, Open XML File Format Con… | Nov 11, 2009 | Apr 23, 2026 |
| | CVE-2009-3555 | Apache | critical | 9.8 | 2.0%
| | The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Infor… | Nov 9, 2009 | May 27, 2026 |
| | CVE-2009-2685 | HPE | critical | 10.0 | 85.4%
| | Stack-based buffer overflow in the login form in the management web server in HP Power Manager allow… | Nov 6, 2009 | Apr 23, 2026 |
| | CVE-2009-3547 | VMware | high | 7.0 | 3.2%
| | Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cau… | Nov 4, 2009 | Apr 23, 2026 |
| | CVE-2009-3720 | Apache | medium | 5.0 | 1.2%
| | The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXM… | Nov 3, 2009 | Apr 23, 2026 |
| | CVE-2009-3733 | VMware | medium | 5.0 | 90.1%
| | Directory traversal vulnerability in VMware Server 1.x before 1.0.10 build 203137 and 2.x before 2.0… | Nov 2, 2009 | Apr 23, 2026 |
| | CVE-2009-2267 | VMware | medium | 6.9 | 2.6%
| | VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, V… | Nov 2, 2009 | Apr 23, 2026 |
| | CVE-2009-3830 | Microsoft | medium | 5.0 | 64.2%
| | The download functionality in Team Services in Microsoft Office SharePoint Server 2007 12.0.0.4518 a… | Oct 30, 2009 | Apr 23, 2026 |
| | CVE-2009-3821 | Apache | medium | 4.3 | 1.5%
| | Cross-site scripting (XSS) vulnerability in the Apache Solr Search (solr) extension 1.0.0 for TYPO3 … | Oct 28, 2009 | Apr 23, 2026 |
| | CVE-2009-3621 | VMware | medium | 5.5 | 0.1%
| | net/unix/af_unix.c in the Linux kernel 2.6.31.4 and earlier allows local users to cause a denial of … | Oct 22, 2009 | Apr 23, 2026 |
| | CVE-2009-3707 | VMware | medium | 5.0 | 21.3%
| | VMware Authentication Daemon 1.0 in vmware-authd.exe in the VMware Authorization Service in VMware W… | Oct 16, 2009 | Apr 23, 2026 |
| | CVE-2009-3282 | VMware | high | 7.8 | 0.5%
| | Integer overflow in the vmx86 kernel extension in VMware Fusion before 2.0.6 build 196839 allows hos… | Oct 16, 2009 | Apr 23, 2026 |
| | CVE-2009-3281 | VMware | high | 7.2 | 0.2%
| | The vmx86 kernel extension in VMware Fusion before 2.0.6 build 196839 does not use correct file perm… | Oct 16, 2009 | Apr 23, 2026 |