The Open Source Vulnerability Database

OSVDB is an independent and open source database created by and for the community.
Our goal is to provide accurate, detailed, current, and unbiased technical information.
The database currently covers 66,736 vulnerabilities, spanning 27,737 products from 4,735 researchers, over 45 years.

Latest OSVDB Vulnerabilities Feed

67748 Disclosed: 2010-09-01 HP Insight Diagnostics Online Edition on Linux Unspecified XSS
67747 Disclosed: 2010-09-01 xorg-x11-xinit on Fedora Incorrect Permissions Setting
67746 Disclosed: 2010-08-31 moobbs2 Unspecified XSS
67745 Disclosed: 2010-08-31 moobbs Unspecified XSS
67744 Disclosed: 2010-09-01 DVDFab Path Subversion Arbitrary DLL Injection Code Execution
67743 Disclosed: 2010-08-31 Novell NetWare OpenSSH SSHD.NLM Absolute Path Overflow
67742 Disclosed: 2010-05-12 Linux Kernel Wireless Drivers Crafted SIOCGIWESSID IOCTL Local Memory Disclosure
67741 Disclosed: 2010-08-31 phpMyAdmin Unspecified Backtrace Debug Messages XSS
67740 Disclosed: 2010-08-30 PicSell Component for Joomla! index.php dflink Parameter Traversal Arbitrary File Access
67739 Disclosed: 2010-08-31 SnortReport nmap.php target Parameter Arbitrary Command Execution

OSVDB News Feed

2010-07-27 Open Security Foundation Launches New Cloud Security Project
2010-04-01 March Update: Challenge: OSVDB Winter 2010 Fundraising Goal = done
2010-03-08 iDefense VCP as seen through OSVDB
2010-03-01 February Update: OSVDB Winter 2010 Fundraising Goal
2010-02-19 Time to.. Track More Data
2010-02-12 Open Security Foundation - Advisory Board - Call for Nominations
2010-02-06 Open Security Foundation - State of the Union 2010
2010-01-31 January Update: OSVDB Winter 2010 Fundraising Goal
2010-01-24 Microsoft, Aurora and something about forest and trees?
2010-01-04 Challenge: OSVDB Winter 2010 Fundraising Goal

Vulnerabilities in OSVDB disclosed by type by quarter

[Figure: two charts (a line chart and a stacked bar chart) of vulnerabilities in OSVDB per quarter, x-axis labeled 2003 through 2010, broken down by type: XSS, SQL injection, CSRF, file inclusion, DoS, overflow.]

Top Viewed Vulnerabilities this week Feed

21307 Views: 565 OvBB thread.php threadid Parameter SQL Injection
18293 Views: 336 Belkin 54G Routers Admin Account Default Null Password
28364 Views: 320 Cybozu Garoon phonemessage Facility uid Parameter SQL Injection
58177 Views: 187 Comment RSS Module for Drupal Node Link Information Disclosure
382 Views: 154 PostgreSQL Server Default Password
62929 Views: 153 Ninja RSS Syndicator Component for Joomla! components/com_ninjarsssyndicator/ninjarsssyndicator.php Controller Parameter Traversal Local File Inclusion
23246 Views: 135 Kyocera Telnet Default Admin Account
18679 Views: 126 DVBBS dispbbs.asp page Parameter XSS
3092 Views: 126 Interesting Web Document Found
67415 Views: 113 GFI Web Monitor Proxy Port Unspecified XSS

Top Blogged Vulnerabilities this Month Feed

66993 Blogs: 10 Microsoft .NET Framework / Silverlight CLR Virtual Delegate Handling Remote Code Execution
66859 Blogs: 8 Adobe Reader / Acrobat CoolType.dll maxp Table maxComponentPoints Field Font Handling Overflow
66387 Blogs: 3 Microsoft Windows Shell LNK File Parsing Arbitrary Command Execution
66987 Blogs: 3 Microsoft Windows SChannel Malformed Certificate Request Remote Code Execution
67002 Blogs: 3 Microsoft IE Object Handling Unspecified Memory Corruption (2010-2559)
67237 Blogs: 2 Linux Kernel Userspace Stack Growth Memory Corruption
66974 Blogs: 2 Microsoft Windows SMB Server SMB_COM_TRANSACTION2 Request Handling Remote Code Execution
67331 Blogs: 1 VLC Media Player TagLib Plugin taglib.cpp ReadMetaFromId3v2 Function DoS
67736 Blogs: 1 RealPlayer Multiple Products QCP File Handling Overflow
65224 Blogs: 1 Microsoft Windows Kernel-Mode Driver Win32k.sys GetDCEx() Function Device Contexts (DC) Handling Local Privilege Escalation

Blogs provided by Technorati

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

© Copyright 2010 Open Source Vulnerability Database (OSVDB), All Rights Reserved.