The Open Source Vulnerability Database

OSVDB is an independent and open source database created by and for the community.
Our goal is to provide accurate, detailed, current, and unbiased technical information.

Latest OSVDB Vulnerabilities

44884 Disclosed: 2008-05-09 Maian Search admin/inc/header.php Multiple Variable XSS
44883 Disclosed: 2008-05-09 Maian Search search.php keywords Variable SQL Injection
44882 Disclosed: 2008-04-30 Akamai Download Manager ActiveX (DownloadManagerV2.ocx) Undocumented Object Parameters Arbitrary Code Execution
44881 Disclosed: 2008-04-30 Nortel Multimedia Communication Server PC Client Overflow Remote DoS
44880 Disclosed: 2007-11-16 Microsoft Windows msjet40.dll MDB File Handling Overflow
44879 Disclosed: 2008-05-08 Cyberfolio portfolio/commentaires/derniers_commentaires.php rep Variable Remote File Inclusion
44878 Disclosed: 2008-05-03 Maian Greetings admin/inc/header.php Multiple Variable XSS
44877 Disclosed: 2008-05-03 Maian Greetings index.php keywords Variable SQL Injection
44876 Disclosed: 2008-05-09 InfoBiz Server search_results.php keywords Variable XSS
44875 Disclosed: 2008-05-07 PostcardMentor step1.asp cat_fldAuto Variable SQL Injection

OSVDB News Feed

2008-04-22Three Projects For SoC 2008 by Jkouns
2008-04-15OSVDB - Apr 14 Code Push by Jericho
2008-04-08Dr. Jekyll and Mr. Hide (Sun & Disclosure) by Jericho
2008-04-03Vulnerability counts and OSVDB advocacy by Jericho
2008-03-29Still time to submit an application for SoC 2008! by Jkouns
2008-03-25OSVDB - Mar 25 Code Push by Jericho
2008-03-24The purpose of tracking numbers.. (IBM) by Jericho
2008-03-18OSVDB Selected for Google Summer of Code 2008 by Jkouns
2008-03-16“high price bug brokering market just isn’t viable” by Jericho
2008-03-06It’s patch xxxday! by Jericho

Support OSVDB!

OSVDB needs your support! Donations get you enhanced access to the watch-list feature:

  • Watch unlimited products AND vendors, as opposed to just 10 products.
  • Receive notifications via RSS and email.

Pricing is in place for both individuals and organizations.

Visit the Support Page for details.

Sponsors

Sponsor

Member Highlight

Lspahn


Top Viewed Vulnerabilities this week

18293 Views: 416 Belkin 54G Routers Admin Account Default Null Password
40621 Views: 302 Simple PHP Blog (SPHPBlog) add_link.php link_id Variable CSRF
821 Views: 277 Linksys Router Default Password
28946 Views: 238 Microsoft IE Vector Markup Language (VML) Arbitrary Code Execution
877 Views: 144 Multiple Web Server Dangerous HTTP Method TRACE
592 Views: 133 ZyXEL Multiple Routers Default Administrator Password
32397 Views: 119 opentaps ecommerce/control/keywordsearch SEARCH_STRING Variable XSS
38669 Views: 116 Boinc Forum forum_text_search_action.php search_string Variable XSS
44213 Views: 112 Microsoft Windows GDI (gdi32.dll) EMF File Handling Multiple Overflows
16876 Views: 95 BookReview add_url.htm node Variable XSS

Top Blogged Vulnerabilities this Month

44213 Blogs: 21 Microsoft Windows GDI (gdi32.dll) EMF File Handling Multiple Overflows
44215 Blogs: 18 Microsoft Windows GDI EMF Filename Parameter Handling Overflow
44214 Blogs: 17 Microsoft Windows GDI WMF Handling CreateDIBPatternBrushPt Function Overflow
43980 Blogs: 14 Apple Safari WebKit (JavaScriptCore/pcre/pcre_compile.cpp) PCRE Nested Repetition Count Overflow
44623 Blogs: 13 WordPress Unspecified XSS
43870 Blogs: 11 Mozilla Multiple Products JSOP_NEG js_NewNumberValue SAVE_SP_AND_PC Unspecified DoS
44205 Blogs: 10 Microsoft IE Data Stream Handling Memory Corruption
44211 Blogs: 10 Microsoft Vbscript.dll VBScript Decoding Code Execution
44652 Blogs: 9 Microsoft HeartbeatCtl HRTBEAT.OCX ActiveX Unspecified Method Host Argument Overflow
44206 Blogs: 9 Microsoft Windows Kernel Unspecified Privilege Escalation

Blogs provided by Technorati

DONATE NOW!

User Status

Quick Searches

Advertisements

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

© Copyright 2008 Open Source Vulnerability Database (OSVDB), All Rights Reserved.
Privacy Statement - Terms of Use