CVE in 2009

5,778 vulnerabilities published +2% vs 2008

2006 2007 2008 2009 2010 2011 2012

5,778

Total CVEs

Critical

High

7.7

CVSS Average

Monthly Distribution

469 CVEs

1 critical

Jan

469

689 CVEs

0 critical

Feb

689

566 CVEs

1 critical

Mar

566

570 CVEs

0 critical

Apr

570

367 CVEs

0 critical

May

367

452 CVEs

2 critical

Jun

452

449 CVEs

3 critical

Jul

449

531 CVEs

3 critical

Aug

531

576 CVEs

1 critical

Sep

576

353 CVEs

1 critical

Oct

353

311 CVEs

1 critical

Nov

311

445 CVEs

0 critical

Dec

445

Top 20 Most Critical CVEs of 2009

View all

CVE-2009-3616

Multiple use-after-free vulnerabilities in vnc.c in the VNC server in QEMU 0.10.6 and earlier might allow guest OS users to…

Oct 23 9.9

CVE-2009-2422

The example code for the digest authentication functionality (http_authentication.rb) in Ruby on Rails before 2.3.3 defines an authenticate_or_request_with_http_digest block that…

Jul 10 9.8

CVE-2009-1048

The web interface on the snom VoIP phones snom 300, snom 320, snom 360, snom 370, and snom 820 with…

Aug 14 9.8

CVE-2009-2168

cpanel/login.php in EgyPlus 7ammel (aka 7ml) 1.0.1 and earlier sends a redirect to the web browser but does not exit…

Jun 22 9.8

CVE-2009-1151 KEV

Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allows remote attackers to inject…

Mar 26 9.8

CVE-2009-2367

cgi-bin/makecgi-pro in Iomega StorCenter Pro generates predictable session IDs, which allows remote attackers to hijack active sessions and gain privileges…

Jul 8 9.8

CVE-2009-2494

The Active Template Library (ATL) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1,…

Aug 12 9.8

CVE-2009-2512

The Web Services on Devices API (WSDAPI) in Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2…

Nov 11 9.8

CVE-2008-4835

SMB in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista…

Jan 14 9.8

CVE-2008-7109

The Scanner File Utility (aka listener) in Kyocera Mita (KM) 3.3.0.1 allows remote attackers to bypass authorization and upload arbitrary…

Aug 28 9.8

CVE-2009-2382

admin.php in phpMyBlockchecker 1.0.0055 allows remote attackers to bypass authentication and gain administrative access by setting the PHPMYBCAdmin cookie to…

Jul 8 9.8

CVE-2009-1936

_functions.php in cpCommerce 1.2.x, possibly including 1.2.9, sends a redirect but does not exit when it is called directly, which…

Jun 5 9.8

CVE-2009-3421

login.php in Zenas PaoBacheca Guestbook 2.1, when register_globals is enabled, allows remote attackers to bypass authentication and gain administrative access…

Sep 25 9.8

CVE-2009-0238 KEV

Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel Viewer 2003 Gold and SP3; Excel Viewer;…

Feb 25 8.8

CVE-2009-0554

Microsoft Internet Explorer 5.01 SP4, 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on…

Apr 15 8.8

CVE-2009-0182

Buffer overflow in VUPlayer 2.49 and earlier allows user-assisted attackers to execute arbitrary code via a long URL in a…

Jan 20 8.8

CVE-2009-0927 KEV

Stack-based buffer overflow in Adobe Reader and Adobe Acrobat 9 before 9.1, 8 before 8.1.3 , and 7 before 7.1.1…

Mar 19 8.8

CVE-2009-0231

The Embedded OpenType (EOT) Font Engine (T2EMBED.DLL) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista…

Jul 15 8.8

CVE-2009-1544

Double free vulnerability in the Workstation service in Microsoft Windows allows remote authenticated users to gain privileges via a crafted…

Aug 12 8.8

CVE-2009-1532

Microsoft Internet Explorer 8 for Windows XP SP2 and SP3; 8 for Server 2003 SP2; 8 for Vista Gold, SP1,…

Jun 10 8.8

Explore Other Years

2026 2025 2024 2023 2022 2021 2020 2019 2018 2017 2016 2015 2014 2013 2012

CVE Vulnerabilities

Posts & Pages

CVE in 2009

Monthly Distribution

Top 20 Most Critical CVEs of 2009

Explore Other Years