The Open Source Vulnerability Database

OSVDB is an independent and open source database created by and for the community.
Our goal is to provide accurate, detailed, current, and unbiased technical information.
The database currently covers 65,789 vulnerabilities, spanning 27,609 products from 4,735 researchers, over 45 years.

Latest OSVDB Vulnerabilities Feed

66793 Disclosed: 2010-07-29 Wireshark IPMI Dissector Infinite Loop DoS
66792 Disclosed: 2010-07-29 Wireshark GSM A RR Dissector NULL Dereference DoS
66791 Disclosed: 2010-07-30 Hitachi JP1/Cm2/Network Node Manager Unspecified Arbitrary Code Execution
66790 Disclosed: 2010-07-30 Hitachi HiRDB Unexpected Data Processing DoS
66789 Disclosed: 2010-07-30 Hitachi Multiple Products TLS/SSL Communication Arbitrary Data Insertion
66788 Disclosed: 2010-07-30 Hitachi Multiple Products 2D Image Handling Unspecified Arbitrary Code Execution
66787 Disclosed: 2010-07-26 Citibank Citi Mobile App for Apple iOS Data File Storage Local Information Disclosure
66786 Disclosed: 2010-07-20 Mozilla Firefox layout/generic/nsObjectFrame.cpp Plugin Instance Parameter Array OBJECT Element DoS
66785 Disclosed: 1970-01-01 Akamai Download Manager ActiveX Crafted Web Page Arbitrary File Download
66784 Disclosed: 2010-07-30 EasyManage CMS cms_show_download.php id Parameter SQL Injection

Support OSVDB!

Visit the Support Page for other support options.

OSVDB News Feed

2010-07-27Open Security Foundation Launches New Cloud Security Project
Osvdbnews
2010-04-01March Update: Challenge: OSVDB Winter 2010 Fundraising Goal = done
2010-03-08iDefense VCP as seen through OSVDB
2010-03-01February Update: OSVDB Winter 2010 Fundraising Goal
2010-02-19Time to.. Track More Data
2010-02-12Open Security Foundation - Advisory Board - Call for Nominations
2010-02-06Open Security Foundation - State of the Union 2010
2010-01-31January Update: OSVDB Winter 2010 Fundraising Goal
2010-01-24Microsoft, Aurora and something about forest and trees?
2010-01-04Challenge: OSVDB Winter 2010 Fundraising Goal

Sponsors

Sponsor

Quick Searches

Twitter Feed

Vulnerabilities in OSVDB disclosed by type by quarter

Chart?cht=lc&chs=400x230&chd=t:76,66,123,72,91,92,183,147,156,145,201,363,297,498,450,793,369,408,339,353,372,312,406,406,406,280,280,336,393,431,371,382|20,14,17,32,40,61,86,71,85,79,128,327,209,503,337,486,237,395,240,226,233,234,401,497,436,526,287,307,341,182,291,245|0,1,0,0,0,0,1,0,0,0,1,6,3,2,0,4,6,9,14,12,26,29,42,24,41,36,44,30,27,56,69,84|4,15,29,12,7,39,18,13,3,8,49,56,76,63,79,740,901,748,443,509,359,285,254,217,243,251,138,128,182,54,141,236|128,135,94,110,132,116,169,194,180,180,206,235,228,240,263,216,185,200,256,257,259,206,211,195,221,172,203,169,270,159,216,186|195,135,108,189,162,124,154,165,184,250,201,197,154,174,195,197,208,205,245,275,253,226,209,206,178,163,191,242,192,156,171,144&chdl=xss|sql%20injection|csrf|file%20inclusion|dos|overflow&chxt=x,x,y&chxl=0:|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|1:||||2003||||2004||||2005||||2006||||2007||||2008||||2009||||2010|2:|0|150|300|450|600|750|900&chds=0,901&chco=005588,558800,008877,000000,887700,880011 Chart?chbh=a&cht=bvs&chs=400x230&chd=t:76,66,123,72,91,92,183,147,156,145,201,363,297,498,450,793,369,408,339,353,372,312,406,406,406,280,280,336,393,431,371,382|20,14,17,32,40,61,86,71,85,79,128,327,209,503,337,486,237,395,240,226,233,234,401,497,436,526,287,307,341,182,291,245|0,1,0,0,0,0,1,0,0,0,1,6,3,2,0,4,6,9,14,12,26,29,42,24,41,36,44,30,27,56,69,84|4,15,29,12,7,39,18,13,3,8,49,56,76,63,79,740,901,748,443,509,359,285,254,217,243,251,138,128,182,54,141,236|128,135,94,110,132,116,169,194,180,180,206,235,228,240,263,216,185,200,256,257,259,206,211,195,221,172,203,169,270,159,216,186|195,135,108,189,162,124,154,165,184,250,201,197,154,174,195,197,208,205,245,275,253,226,209,206,178,163,191,242,192,156,171,144&chdl=xss|sql%20injection|csrf|file%20inclusion|dos|overflow&chxt=x,x,y&chxl=0:|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|1:||||2003||||2004||||2005||||2006||||2007||||2008||||2009||||2010|2:|0|406|812|1218|1624|2030|2436&chds=0,2436&chco=005588,558800,008877,000000,887700,880011
[view larger version] [view larger version]

Top Viewed Vulnerabilities this week Feed

21307 Views: 601 OvBB thread.php threadid Parameter SQL Injection
18293 Views: 328 Belkin 54G Routers Admin Account Default Null Password
18686 Views: 223 FreznoShop product_details.php id Parameter SQL Injection
28364 Views: 176 Cybozu Garoon phonemessage Facility uid Parameter SQL Injection
66387 Views: 167 Microsoft Windows Shell LNK File Parsing Arbitrary Command Execution
382 Views: 157 PostgreSQL Server Default Password
63031 Views: 129 CKForms Component for Joomla! index.php controller Parameter Traversal Local File Inclusion
66618 Views: 122 Novell GroupWise WebAccess Component User Proxy Overflow
63032 Views: 118 CKForms Component for Joomla! index.php fid Parameter SQL Injection
3092 Views: 111 Interesting Web Document Found

Top Blogged Vulnerabilities this Month Feed

65264 Blogs: 12 Microsoft Windows hcp:// Protocol Handler MPC::HexToNum() Function String Miscalculation Arbitrary Command Execution
66296 Blogs: 3 Microsoft Office Outlook SMB Attachment Handling Arbitrary Program Execution
65141 Blogs: 2 Adobe Multiple Products SWF Handling Arbitrary Code Execution
65222 Blogs: 2 Microsoft Windows MJPEG Media Decompression Unspecified Remote Code Execution
66280 Blogs: 1 XWork ParameterInterceptor Server-Side Object Access Restriction Bypass
66387 Blogs: 1 Microsoft Windows Shell LNK File Parsing Arbitrary Command Execution
66456 Blogs: 1 Apple iTunes itpc: URI Handling Overflow

Blogs provided by Technorati

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

© Copyright 2010 Open Source Vulnerability Database (OSVDB), All Rights Reserved.
Privacy Statement - Terms of Use