The Open Source Vulnerability Database

OSVDB is an independent and open source database created by and for the community.
Our goal is to provide accurate, detailed, current, and unbiased technical information.
The database currently covers 61,240 vulnerabilities, spanning 26,590 products from 4,735 researchers, over 45 years.

Latest OSVDB Vulnerabilities Feed

62208 Disclosed: 2010-01-12 Ipswitch WhatsUp Gold Vulnerability Scan Remote DoS
62207 Disclosed: 2009-11-13 Fujitsu Multiple Products SSL Server Unspecified File Descriptor Exhaustion DoS
62206 Disclosed: 2009-11-13 Fujitsu Multiple Products Expired CA SSL Certificate Issue Restriction Bypass
62205 Disclosed: 2009-11-13 Fujitsu Multiple Products Client SSL Certificate Handling Overflow
62204 Disclosed: 2009-12-23 Veritas Cluster Server (VCS) Notifier Resource Vulnerability Scan Remote DoS
62203 Disclosed: 2010-01-21 SAP BusinessObjects BusinessProcessBI/axis2-web/HappyAxis.jsp Information Disclosure
62202 Disclosed: 2010-01-21 SAP BusinessObjects dswsbobje/axis2-web/HappyAxis.jsp Information Disclosure
62201 Disclosed: 2010-01-21 SAP BusinessObjects PerformanceManagement/jsp/wait-frameset.jsp dummyParam Parameter XSS
62200 Disclosed: 2010-01-21 SAP BusinessObjects PerformanceManagement/jsp/viewWebiReportHeader.jsp sEntry Parameter XSS
62199 Disclosed: 2010-01-21 SAP BusinessObjects PerformanceManagement/jsp/ic_pm/wigoalleftlisttr.jsp flowid Parameter XSS

Support OSVDB!

Visit the Support Page for other support options.

OSVDB News Feed

2010-02-06Open Security Foundation - State of the Union 2010
Osvdbnews
2010-01-31January Update: OSVDB Winter 2010 Fundraising Goal
2010-01-24Microsoft, Aurora and something about forest and trees?
2010-01-04Challenge: OSVDB Winter 2010 Fundraising Goal
2009-12-19Adobe, Qualys, CVE and Math
2009-12-08OSVDB 2009 Q4 Changelog
2009-11-21Creditee System Overhauled
2009-11-15Responsible Disclosure - Old Debate, Fresh Aspects?!
2009-11-09Search Filters & Custom Exports
2009-11-09What I learned from early CVE entries

Sponsors

Sponsor

Quick Searches

Twitter Feed

Vulnerabilities in OSVDB disclosed by type by quarter

Chart?cht=lc&chs=400x230&chd=t:61,70,76,66,115,72,91,92,183,147,155,145,201,363,297,498,450,793,369,408,339,353,372,312,406,406,405,284,279,325,364,405|12,22,20,14,17,32,40,61,86,71,85,79,128,328,209,503,337,486,237,395,240,226,233,234,401,497,438,526,283,297,308,165|1,2,0,1,0,0,0,0,1,0,0,0,1,6,3,2,0,4,6,9,14,12,26,29,42,24,41,35,44,30,27,56|2,5,4,15,29,12,6,39,18,13,3,8,48,56,76,63,79,740,901,748,443,509,359,285,254,217,243,192,137,111,175,44|80,106,127,133,92,110,132,116,169,192,179,177,206,234,227,237,263,216,184,199,255,257,259,206,208,195,218,172,201,157,258,144|119,176,196,135,106,190,162,124,154,166,182,251,201,197,154,172,195,197,207,205,245,274,251,226,207,205,177,163,184,230,176,145&chdl=xss|sql%20injection|csrf|file%20inclusion|dos|overflow&chxt=x,x,y&chxl=0:|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1:||2002||||2003||||2004||||2005||||2006||||2007||||2008||||2009|||2:|0|150|300|450|600|750|900&chds=0,901&chco=005588,558800,008877,000000,887700,880011 Chart?chbh=a&cht=bvs&chs=400x230&chd=t:61,70,76,66,115,72,91,92,183,147,155,145,201,363,297,498,450,793,369,408,339,353,372,312,406,406,405,284,279,325,364,405|12,22,20,14,17,32,40,61,86,71,85,79,128,328,209,503,337,486,237,395,240,226,233,234,401,497,438,526,283,297,308,165|1,2,0,1,0,0,0,0,1,0,0,0,1,6,3,2,0,4,6,9,14,12,26,29,42,24,41,35,44,30,27,56|2,5,4,15,29,12,6,39,18,13,3,8,48,56,76,63,79,740,901,748,443,509,359,285,254,217,243,192,137,111,175,44|80,106,127,133,92,110,132,116,169,192,179,177,206,234,227,237,263,216,184,199,255,257,259,206,208,195,218,172,201,157,258,144|119,176,196,135,106,190,162,124,154,166,182,251,201,197,154,172,195,197,207,205,245,274,251,226,207,205,177,163,184,230,176,145&chdl=xss|sql%20injection|csrf|file%20inclusion|dos|overflow&chxt=x,x,y&chxl=0:|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1:||2002||||2003||||2004||||2005||||2006||||2007||||2008||||2009|||2:|0|406|812|1218|1624|2030|2436&chds=0,2436&chco=005588,558800,008877,000000,887700,880011
[view larger version] [view larger version]

Top Viewed Vulnerabilities this week Feed

18293 Views: 505 Belkin 54G Routers Admin Account Default Null Password
61697 Views: 257 Microsoft IE mshtml.dll Use-After-Free Arbitrary Code Execution (Aurora)
382 Views: 206 PostgreSQL Server Default Password
40621 Views: 144 Simple PHP Blog (SPHPBlog) add_link.php link_id Parameter CSRF
877 Views: 138 Multiple Web Server Dangerous HTTP Method TRACE
3092 Views: 135 Interesting Web Document Found
60980 Views: 130 Adobe Reader / Acrobat Doc.media.newPlayer Use-After-Free Arbitrary Code Execution
59968 Views: 122 Microsoft IIS SSL / TLS Renegotiation Handshakes MiTM Plaintext Data Injection
16866 Views: 121 Terminator 3: War of the Machines Client CD-key Overflow
44643 Views: 102 Realtek HD Audio Codec Driver RTKVHDA.sys / RTKVHDA64.sys IOCTL Request Handling Overflow

Top Blogged Vulnerabilities this Month Feed

61697 Blogs: 34 Microsoft IE mshtml.dll Use-After-Free Arbitrary Code Execution (Aurora)
61651 Blogs: 6 Microsoft Windows Embedded OpenType Font Engine LZCOMP Decompressor Font Handling Arbitrary Code Execution
60980 Blogs: 5 Adobe Reader / Acrobat Doc.media.newPlayer Use-After-Free Arbitrary Code Execution
61904 Blogs: 2 Adobe Shockwave Player Crafted 3D Model Memory Corruption Overflow
60521 Blogs: 1 Ingate Firewall/SIParator SSL / TLS Renegotiation Handshakes MiTM Plaintext Data Injection
60832 Blogs: 1 Microsoft Windows Internet Authentication Service Protected Extensible Authentication Protocol (PEAP) Message Handling Remote Memory Corruption
62128 Blogs: 1 Apple iPhone OS Recovery Mode USB Control Message Device Locking Bypass

Blogs provided by Technorati

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

© Copyright 2010 Open Source Vulnerability Database (OSVDB), All Rights Reserved.
Privacy Statement - Terms of Use