The Open Source Vulnerability Database

OSVDB is an independent and open source database created by and for the community.
Our goal is to provide accurate, detailed, current, and unbiased technical information.
The database currently covers 80,837 vulnerabilities, spanning 41,631 products from 4,735 researchers, over 109 years.

Latest OSVDB Vulnerabilities

81980 Disclosed: 2012-05-16 JCE Component for Joomla! components/com_jce/editor/extensions/browser/file.php File Upload PHP Code Execution
81979 Disclosed: 2012-05-16 JCE Component for Joomla! administrator/index.php search Parameter XSS
81978 Disclosed: 2011-10-22 W3C XML Encryption Standard Multiple Algorithm CBC Mode Modified Ciphertext Injection Cryptanalysis Weakness
81977 Disclosed: 2012-02-16 RSA Algorithm Public Key Pair Implementation Weakness
81976 Disclosed: 2011-09-10 APCO P25 Protocol Multiple Cipher Known-Plaintext Exhaustive Key Search Compromise
81975 Disclosed: 2011-09-10 APCO P25 Protocol CRC Manipulation Message Spoofing Weakness
81974 Disclosed: 2011-09-10 APCO P25 Protocol “inhibit” Extended Function Command (XFC) Remote DoS
81973 Disclosed: 2011-09-10 APCO P25 Protocol Radio Authentication (RA) Protocol Authentication/Message Replay Weakness
81972 Disclosed: 2007-03-15 ImgSvr template Parameter Remote Overflow
81971 Disclosed: 2012-03-26 eZ Online Editor Extension for eZ Publish Multiple Action Content Node Meta Information Disclosure

Support OSVDB!

Visit the Support Page for other support options.

OSVDB News Feed

2012-03-30We're Still Here - Update on OSVDB Project: Data and Exports
Osvdbnews
2012-03-26Ferreting Out Unique Vulnerability Data in OSVDB
2010-09-07Open Security Foundation Announces New Advisory Board
2010-07-27Open Security Foundation Launches New Cloud Security Project
2010-04-01March Update: Challenge: OSVDB Winter 2010 Fundraising Goal = done
2010-03-08iDefense VCP as seen through OSVDB
2010-03-01February Update: OSVDB Winter 2010 Fundraising Goal
2010-02-19Time to.. Track More Data
2010-02-12Open Security Foundation - Advisory Board - Call for Nominations
2010-02-06Open Security Foundation - State of the Union 2010

Sponsors

Sponsor

Quick Searches

Twitter Feed

Vulnerabilities in OSVDB disclosed by type by quarter

Chart?cht=lc&chs=400x230&chd=t:148,156,145,202,366,298,497,453,793,370,409,339,354,380,322,424,409,414,293,281,348,405,447,372,423,477,437,396,311,421,384,450|71,85,79,128,327,209,504,340,487,237,396,240,226,233,234,403,499,436,526,290,308,346,183,297,263,249,272,169,115,208,174,178|0,0,0,1,6,3,2,0,5,6,9,14,12,26,29,44,24,41,36,44,30,28,56,70,83,71,56,59,45,35,27,81|14,3,8,49,56,76,63,79,740,904,754,446,515,359,284,255,218,243,251,138,145,182,54,142,237,77,28,36,19,53,40,66|195,180,181,209,237,229,256,265,219,186,201,259,266,263,208,214,197,222,183,207,177,278,173,238,205,261,197,226,245,199,155,272|167,184,249,203,198,154,178,195,197,207,206,248,277,254,226,212,208,178,164,190,249,192,156,173,156,168,198,184,155,152,121,176&chdl=xss|sql%20injection|csrf|file%20inclusion|dos|overflow&chxt=x,x,y&chxl=0:|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|1:|2004||||2005||||2006||||2007||||2008||||2009||||2010||||2011||||2:|0|150|300|450|600|750|900&chds=0,904&chco=005588,558800,008877,000000,887700,880011 Chart?chbh=a&cht=bvs&chs=400x230&chd=t:148,156,145,202,366,298,497,453,793,370,409,339,354,380,322,424,409,414,293,281,348,405,447,372,423,477,437,396,311,421,384,450|71,85,79,128,327,209,504,340,487,237,396,240,226,233,234,403,499,436,526,290,308,346,183,297,263,249,272,169,115,208,174,178|0,0,0,1,6,3,2,0,5,6,9,14,12,26,29,44,24,41,36,44,30,28,56,70,83,71,56,59,45,35,27,81|14,3,8,49,56,76,63,79,740,904,754,446,515,359,284,255,218,243,251,138,145,182,54,142,237,77,28,36,19,53,40,66|195,180,181,209,237,229,256,265,219,186,201,259,266,263,208,214,197,222,183,207,177,278,173,238,205,261,197,226,245,199,155,272|167,184,249,203,198,154,178,195,197,207,206,248,277,254,226,212,208,178,164,190,249,192,156,173,156,168,198,184,155,152,121,176&chdl=xss|sql%20injection|csrf|file%20inclusion|dos|overflow&chxt=x,x,y&chxl=0:|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|1:|2004||||2005||||2006||||2007||||2008||||2009||||2010||||2011||||2:|0|406|812|1218|1624|2030|2436&chds=0,2441&chco=005588,558800,008877,000000,887700,880011
[view larger version] [view larger version]

Top Viewed Vulnerabilities this week Feed

65465 Views: 850 WMS-CMS printpage.asp Multiple Parameter SQL Injection
13002 Views: 315 AWStats awstats.pl configdir Parameter Arbitrary Command Execution
76733 Views: 266 Digital College includes/tiny_mce/plugins/filemanager/classes/FileManager/FileManagerPlugin.php basepath Parameter Remote File Inclusion
76780 Views: 255 Magtrb MyNews includes/tiny_mce/plugins/filemanager/classes/FileManager/FileManagerPlugin.php basename Parameter Remote File Inclusion
18293 Views: 231 Belkin 54G Routers Admin Account Default Null Password
13834 Views: 227 AWStats awstats.pl debug mode Information Disclosure
66441 Views: 223 Siemens SIMATIC WinCC Default Password
62780 Views: 151 Bild Flirt Community index.php id Parameter SQL Injection
62923 Views: 142 Domain Verkaus & Auktions Portal index.php id Parameter SQL Injection
78443 Views: 139 Oracle VM VirtualBox Shared Folders Component Unspecified Local Issue

Top Blogged Vulnerabilities this Month Feed

Blogs provided by Technorati

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

© Copyright 2012 Open Source Vulnerability Database (OSVDB), All Rights Reserved.
Privacy Statement - Terms of Use