The Open Source Vulnerability Database

OSVDB is an independent and open source database created by and for the community.
Our goal is to provide accurate, detailed, current, and unbiased technical information.
The database currently covers 77,406 vulnerabilities, spanning 36,577 products from 4,735 researchers, over 47 years.

Latest OSVDB Vulnerabilities Feed

78542 Disclosed: 2012-01-24 Opera Framed Content Handling Same Origin Policy Bypass XSS Weakness
78541 Disclosed: 2012-01-24 Opera JavaScript Event HTML Element Referencing Local File Enumeration
78540 Disclosed: 2012-01-20 SAP NetWeaver bcbadmSettings.jsp Multiple Parameter XSS
78539 Disclosed: 2012-01-20 SAP NetWeaver system_context_settings.jsp Multiple Parameter XSS
78538 Disclosed: 2012-01-20 SAP NetWeaver TextContainerAdmin/administration_setup.jsp TXVDestination Parameter XSS
78537 Disclosed: 2011-10-19 SAP NetWeaver PFL_CHECK_OS_FILE_EXISTENCE Function Arbitrary File Enumeration
78536 Disclosed: 2012-01-20 SAP NetWeaver Resource Access Control Handling Runtime Workbench Access Restriction Bypass
78535 Disclosed: 2012-01-24 Ocean Data Systems Dream Report Write Access Violation File Handling Memory Corruption
78534 Disclosed: 2012-01-24 Ocean Data Systems Dream Report Unspecified XSS
78533 Disclosed: 2012-01-24 Symantec pcAnywhere / IT Management Suite Product-Installation File Overwrite Local Privilege Escalation

Support OSVDB!

Visit the Support Page for other support options.

OSVDB News Feed

2010-09-07Open Security Foundation Announces New Advisory Board
Osvdbnews
2010-07-27Open Security Foundation Launches New Cloud Security Project
2010-04-01March Update: Challenge: OSVDB Winter 2010 Fundraising Goal = done
2010-03-08iDefense VCP as seen through OSVDB
2010-03-01February Update: OSVDB Winter 2010 Fundraising Goal
2010-02-19Time to.. Track More Data
2010-02-12Open Security Foundation - Advisory Board - Call for Nominations
2010-02-06Open Security Foundation - State of the Union 2010
2010-01-31January Update: OSVDB Winter 2010 Fundraising Goal
2010-01-24Microsoft, Aurora and something about forest and trees?

Sponsors

Sponsor

Quick Searches

Twitter Feed

Vulnerabilities in OSVDB disclosed by type by quarter

Chart?cht=lc&chs=400x230&chd=t:183,148,156,145,202,365,298,497,453,793,369,409,339,353,379,322,424,409,414,293,281,347,403,446,372,422,469,423,391,307,404,353|86,71,85,79,128,327,209,504,340,487,237,396,240,226,233,234,403,499,436,526,290,308,346,183,296,263,247,270,164,111,204,168|1,0,0,0,1,6,3,2,0,5,6,9,14,12,26,29,43,24,41,36,44,30,28,56,70,83,70,55,59,45,33,27|18,14,3,8,49,56,76,63,79,740,904,754,446,515,359,284,254,218,243,251,138,145,182,54,142,237,77,28,36,17,53,37|169,194,180,180,207,235,228,242,265,219,184,201,258,265,263,207,214,197,221,182,207,177,278,171,237,206,256,192,223,244,192,144|154,166,184,249,201,198,154,174,195,197,207,205,245,275,254,226,212,207,178,164,191,248,191,156,173,155,167,193,181,155,151,116&chdl=xss|sql%20injection|csrf|file%20inclusion|dos|overflow&chxt=x,x,y&chxl=0:|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1:||2004||||2005||||2006||||2007||||2008||||2009||||2010||||2011|||2:|0|150|300|450|600|750|900&chds=0,904&chco=005588,558800,008877,000000,887700,880011 Chart?chbh=a&cht=bvs&chs=400x230&chd=t:183,148,156,145,202,365,298,497,453,793,369,409,339,353,379,322,424,409,414,293,281,347,403,446,372,422,469,423,391,307,404,353|86,71,85,79,128,327,209,504,340,487,237,396,240,226,233,234,403,499,436,526,290,308,346,183,296,263,247,270,164,111,204,168|1,0,0,0,1,6,3,2,0,5,6,9,14,12,26,29,43,24,41,36,44,30,28,56,70,83,70,55,59,45,33,27|18,14,3,8,49,56,76,63,79,740,904,754,446,515,359,284,254,218,243,251,138,145,182,54,142,237,77,28,36,17,53,37|169,194,180,180,207,235,228,242,265,219,184,201,258,265,263,207,214,197,221,182,207,177,278,171,237,206,256,192,223,244,192,144|154,166,184,249,201,198,154,174,195,197,207,205,245,275,254,226,212,207,178,164,191,248,191,156,173,155,167,193,181,155,151,116&chdl=xss|sql%20injection|csrf|file%20inclusion|dos|overflow&chxt=x,x,y&chxl=0:|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1:||2004||||2005||||2006||||2007||||2008||||2009||||2010||||2011|||2:|0|406|812|1218|1624|2030|2436&chds=0,2441&chco=005588,558800,008877,000000,887700,880011
[view larger version] [view larger version]

Top Viewed Vulnerabilities this week Feed

65465 Views: 810 WMS-CMS printpage.asp Multiple Parameter SQL Injection
13002 Views: 311 AWStats awstats.pl configdir Parameter Arbitrary Command Execution
76733 Views: 264 Digital College includes/tiny_mce/plugins/filemanager/classes/FileManager/FileManagerPlugin.php basepath Parameter Remote File Inclusion
76780 Views: 253 Magtrb MyNews includes/tiny_mce/plugins/filemanager/classes/FileManager/FileManagerPlugin.php basename Parameter Remote File Inclusion
18293 Views: 230 Belkin 54G Routers Admin Account Default Null Password
78320 Views: 228 OpenSSL DTLS Remote DoS
13834 Views: 226 AWStats awstats.pl debug mode Information Disclosure
66441 Views: 225 Siemens SIMATIC WinCC Default Password
62780 Views: 149 Bild Flirt Community index.php id Parameter SQL Injection
62923 Views: 140 Domain Verkaus & Auktions Portal index.php id Parameter SQL Injection

Top Blogged Vulnerabilities this Month Feed

78057 Blogs: 8 Microsoft .NET Framework ASP.NET Hash Collision Web Form Post Parsing Remote DoS
77658 Blogs: 6 Linux Kernel hfs_find_init() Function NULL Pointer Dereference Local DoS
78026 Blogs: 5 Adobe Reader / Acrobat PRC Component Remote Memory Corruption
78418 Blogs: 2 Oracle Database Core RDBMS Component SCN Value Handling Remote Memory Corruption
77529 Blogs: 1 Adobe Reader / Acrobat U3D Data Handling Remote Memory Corruption

Blogs provided by Technorati

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

© Copyright 2012 Open Source Vulnerability Database (OSVDB), All Rights Reserved.
Privacy Statement - Terms of Use