| | CVE-2008-5523 | Microsoft | critical | 9.3 | 0.3%
| | avast! antivirus 4.8.1281.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypas… | Dec 12, 2008 | Apr 23, 2026 |
| | CVE-2008-5522 | Microsoft | critical | 9.3 | 0.3%
| | AVG Anti-Virus 8.0.0.161, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass d… | Dec 12, 2008 | Apr 23, 2026 |
| | CVE-2008-5521 | Microsoft | critical | 9.3 | 0.3%
| | Avira AntiVir 7.9.0.36 and possibly 7.8.1.28, when Internet Explorer 6 or 7 is used, allows remote a… | Dec 12, 2008 | Apr 23, 2026 |
| | CVE-2008-5520 | Microsoft | critical | 9.3 | 0.3%
| | AhnLab V3 2008.12.4.1 and possibly 2008.9.13.0, when Internet Explorer 6 or 7 is used, allows remote… | Dec 12, 2008 | Apr 23, 2026 |
| | CVE-2008-5424 | Microsoft | medium | 4.3 | 28.8%
| | The MimeOleClearDirtyTree function in InetComm.dll in Microsoft Outlook Express 6.00.2900.5512 does … | Dec 11, 2008 | Apr 23, 2026 |
| | CVE-2008-4844 | Microsoft | critical | 9.3 | 82.8%
| | Use-after-free vulnerability in the CRecordInstance::TransferToDestination function in mshtml.dll in… | Dec 11, 2008 | Apr 23, 2026 |
| | CVE-2008-5417 | HPE | low | 2.1 | 0.1%
| | HP DECnet-Plus 8.3 before ECO03 for OpenVMS on the Alpha platform uses world-writable permissions fo… | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-5416 | Microsoft | critical | 9.0 | 87.9%
| | Heap-based buffer overflow in Microsoft SQL Server 2000 SP4, 8.00.2050, 8.00.2039, and earlier; SQL … | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4841 | Microsoft | critical | 9.3 | 74.6%
| | The WordPad Text Converter for Word 97 files in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 … | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4837 | Microsoft | critical | 9.3 | 66.2%
| | Stack-based buffer overflow in Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and… | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4266 | Microsoft | critical | 9.3 | 59.3%
| | Array index vulnerability in Microsoft Office Excel 2000 SP3, 2002 SP3, and 2003 SP3; Excel Viewer 2… | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4265 | Microsoft | critical | 9.3 | 62.5%
| | Microsoft Office Excel 2000 SP3 allows remote attackers to execute arbitrary code via a crafted Exce… | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4264 | Microsoft | critical | 9.3 | 62.5%
| | Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Excel Viewer 2003 Gold a… | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4261 | Microsoft | critical | 9.3 | 64.4%
| | Stack-based buffer overflow in Microsoft Internet Explorer 5.01 SP4, 6 SP1 on Windows 2000, and 6 on… | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4260 | Microsoft | high | 8.5 | 50.9%
| | Microsoft Internet Explorer 7 sometimes attempts to access a deleted object, which allows remote att… | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4259 | Microsoft | critical | 9.3 | 58.7%
| | Microsoft Internet Explorer 7 sometimes attempts to access uninitialized memory locations, which all… | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4258 | Microsoft | high | 8.5 | 52.7%
| | Microsoft Internet Explorer 5.01 SP4 and 6 SP1 does not properly validate parameters during calls to… | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4256 | Microsoft | high | 8.5 | 57.5%
| | The Charts ActiveX control in Microsoft Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, … | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4255 | Microsoft | critical | 9.3 | 65.7%
| | Heap-based buffer overflow in mscomct2.ocx (aka Windows Common ActiveX control or Microsoft Animatio… | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4254 | Microsoft | high | 8.5 | 55.0%
| | Multiple integer overflows in the Hierarchical FlexGrid ActiveX control (mshflxgd.ocx) in Microsoft … | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4253 | Microsoft | high | 8.5 | 57.5%
| | The FlexGrid ActiveX control in Microsoft Visual Basic 6.0, Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP… | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4252 | Microsoft | high | 8.5 | 57.5%
| | The DataGrid ActiveX control in Microsoft Visual Basic 6.0 and Visual FoxPro 8.0 SP1 and 9.0 SP1 and… | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4032 | Microsoft | high | 7.5 | 59.4%
| | Microsoft Office SharePoint Server 2007 Gold and SP1 and Microsoft Search Server 2008 do not properl… | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4031 | Microsoft | critical | 9.3 | 59.9%
| | Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1… | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4030 | Microsoft | critical | 9.3 | 59.9%
| | Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1… | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4028 | Microsoft | critical | 9.3 | 63.8%
| | Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1… | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4027 | Microsoft | critical | 9.3 | 56.1%
| | Double free vulnerability in Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and S… | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4026 | Microsoft | critical | 9.3 | 57.9%
| | Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Word Viewer 2003 Gold and… | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4025 | Microsoft | critical | 9.3 | 65.7%
| | Integer overflow in Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlo… | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4024 | Microsoft | critical | 9.3 | 57.5%
| | Microsoft Office Word 2000 SP3 and 2002 SP3 and Office 2004 for Mac allow remote attackers to execut… | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-3010 | Microsoft | critical | 10.0 | 52.3%
| | Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 through 11, and Windows Media S… | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-3009 | Microsoft | critical | 10.0 | 52.3%
| | Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 through 11, and Windows Media S… | Dec 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4917 | VMware | high | 7.2 | 0.1%
| | Unspecified vulnerability in VMware Workstation 5.5.8 and earlier, and 6.0.5 and earlier 6.x version… | Dec 9, 2008 | Apr 23, 2026 |
| | CVE-2008-5181 | Microsoft | medium | 5.0 | 18.2%
| | Microsoft Communicator allows remote attackers to cause a denial of service (application or device o… | Nov 20, 2008 | Apr 23, 2026 |
| | CVE-2008-5180 | Microsoft | medium | 5.3 | 76.7%
| | Microsoft Communicator, and Communicator in Microsoft Office 2010 beta, allows remote attackers to c… | Nov 20, 2008 | Apr 23, 2026 |
| | CVE-2008-5179 | Microsoft | medium | 5.0 | 30.1%
| | Unspecified vulnerability in Microsoft Office Communications Server (OCS), Office Communicator, and … | Nov 20, 2008 | Apr 23, 2026 |
| | CVE-2008-5121 | Cisco | high | 7.2 | 0.4%
| | dne2000.sys in Citrix Deterministic Network Enhancer (DNE) 2.21.7.233 through 3.21.7.17464, as used … | Nov 18, 2008 | Apr 23, 2026 |
| | CVE-2008-5120 | HPE | critical | 10.0 | 25.9%
| | Stack-based buffer overflow in the Process Software MultiNet finger service (aka FINGERD) for HP Ope… | Nov 18, 2008 | Apr 23, 2026 |
| | CVE-2008-4415 | HPE | critical | 9.0 | 0.9%
| | Unspecified vulnerability in HP Service Manager (HPSM) before 7.01.71 allows remote authenticated us… | Nov 17, 2008 | Apr 23, 2026 |
| | CVE-2008-5100 | Microsoft | critical | 10.0 | 27.8%
| | The strong name (SN) implementation in Microsoft .NET Framework 2.0.50727 relies on the digital sign… | Nov 17, 2008 | Apr 23, 2026 |
| | CVE-2008-4033 | Microsoft | medium | 4.3 | 62.6%
| | Cross-domain vulnerability in Microsoft XML Core Services 3.0 through 6.0, as used in Microsoft Expr… | Nov 12, 2008 | Apr 23, 2026 |
| | CVE-2008-4029 | Microsoft | medium | 4.3 | 59.7%
| | Cross-domain vulnerability in Microsoft XML Core Services 3.0 and 4.0, as used in Internet Explorer,… | Nov 12, 2008 | Apr 23, 2026 |
| | CVE-2008-4387 | Microsoft | critical | 9.3 | 18.2%
| | Unspecified vulnerability in the Simba MDrmSap ActiveX control in mdrmsap.dll in SAP SAPgui allows r… | Nov 10, 2008 | Apr 23, 2026 |
| | CVE-2008-5026 | Microsoft | low | 3.5 | 14.8%
| | Microsoft SharePoint uses URLs with the same hostname and port number for a web site's primary files… | Nov 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4915 | VMware | medium | 6.9 | 0.1%
| | The CPU hardware emulation in VMware Workstation 6.0.5 and earlier and 5.5.8 and earlier; Player 2.0… | Nov 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4281 | VMware | critical | 9.3 | 0.3%
| | Directory traversal vulnerability in VMWare ESXi 3.5 before ESXe350-200810401-O-UG and ESX 3.5 befor… | Nov 10, 2008 | Apr 23, 2026 |
| | CVE-2008-4927 | Microsoft | medium | 4.3 | 25.9%
| | Microsoft Windows Media Player (WMP) 9.0 through 11 allows user-assisted attackers to cause a denial… | Nov 4, 2008 | Apr 23, 2026 |
| | CVE-2008-4922 | Microsoft | critical | 9.3 | 67.1%
| | Buffer overflow in the DjVu ActiveX Control 3.0 for Microsoft Office (DjVu_ActiveX_MSOffice.dll) all… | Nov 4, 2008 | Apr 23, 2026 |
| | CVE-2008-4413 | HPE | medium | 6.2 | 0.0%
| | Unspecified vulnerability in HP System Management Homepage (SMH) 2.2.6 and earlier on HP-UX B.11.11 … | Nov 4, 2008 | Apr 23, 2026 |
| | CVE-2008-4800 | Microsoft | medium | 5.0 | 22.2%
| | The DebugDiag ActiveX control in CrashHangExt.dll, possibly 1.0, in Microsoft Debug Diagnostic Tool … | Oct 31, 2008 | Apr 23, 2026 |