The Open Source Vulnerability Database

OSVDB is an independent and open source database created by and for the community.
Our goal is to provide accurate, detailed, current, and unbiased technical information.
The database currently covers 80,718 vulnerabilities, spanning 41,287 products from 4,735 researchers, over 109 years.

Latest OSVDB Vulnerabilities

81861 Disclosed: 2012-05-08 Adobe Photoshop TIFF Image File Handling Remote Overflow
81860 Disclosed: 2012-04-18 IBM WebSphere Application Server (WAS) WebServer Plugin Expired plugin-key.kdb Password HTTP Communication Encryption Weakness
81859 Disclosed: 2012-02-02 Cisco IOS Extended ACL Functionality Log / Time Keyword Line Discarding Network Traffic Parsing Access Restriction Bypass
81858 Disclosed: 2012-01-26 Cisco IP Communicator (CIPC) sccp-protocol Component CUCM SCCP On / off Hook Messages Saturation Remote DoS
81857 Disclosed: 2010-08-16 Cisco IOS Access-class Command vrs-also Keyword Recognition Remote SSH / Telnet Connection Establishment
81856 Disclosed: 2012-03-01 Cisco Adaptive Security Appliances (ASA) Firewall Proxy Authentication Connection Attempt Handling Remote Information Disclosure
81855 Disclosed: 2012-04-13 Cisco Small Business IP Phones Push XML Request XML Document Handling Remote Telephone Call Initiation
81854 Disclosed: 2012-05-02 Cisco IOS PPP Implementation PTA / L2TP Network Traffic Parsing Remote DoS
81853 Disclosed: 2012-03-26 Cisco IOS Interface Queue Wedge UDP Traffic Parsing Remote DoS
81852 Disclosed: 2012-02-01 Cisco Wireless Control System (WCS) TAC Case Attachment webnms/Templ/ Arbitrary File Access

Support OSVDB!

Visit the Support Page for other support options.

OSVDB News Feed

2012-03-30We're Still Here - Update on OSVDB Project: Data and Exports
Osvdbnews
2012-03-26Ferreting Out Unique Vulnerability Data in OSVDB
2010-09-07Open Security Foundation Announces New Advisory Board
2010-07-27Open Security Foundation Launches New Cloud Security Project
2010-04-01March Update: Challenge: OSVDB Winter 2010 Fundraising Goal = done
2010-03-08iDefense VCP as seen through OSVDB
2010-03-01February Update: OSVDB Winter 2010 Fundraising Goal
2010-02-19Time to.. Track More Data
2010-02-12Open Security Foundation - Advisory Board - Call for Nominations
2010-02-06Open Security Foundation - State of the Union 2010

Sponsors

Sponsor

Quick Searches

Twitter Feed

Vulnerabilities in OSVDB disclosed by type by quarter

Chart?cht=lc&chs=400x230&chd=t:148,156,145,202,366,298,497,453,793,370,409,339,354,379,322,424,409,414,293,281,348,405,447,372,423,477,437,396,311,421,384,449|71,85,79,128,327,209,504,340,487,237,396,240,226,233,234,403,499,436,526,290,308,346,183,297,263,249,272,169,115,208,174,178|0,0,0,1,6,3,2,0,5,6,9,14,12,26,29,44,24,41,36,44,30,28,56,70,83,71,56,59,45,35,27,81|14,3,8,49,56,76,63,79,740,904,754,446,515,359,284,255,218,243,251,138,145,182,54,142,237,77,28,36,19,53,40,66|195,180,181,209,237,229,256,265,219,186,201,259,266,263,208,214,197,222,183,207,177,278,173,238,205,261,196,226,245,197,154,269|167,184,249,203,198,154,178,195,197,207,206,247,277,254,226,212,208,178,164,190,249,192,156,173,156,168,197,184,155,152,121,175&chdl=xss|sql%20injection|csrf|file%20inclusion|dos|overflow&chxt=x,x,y&chxl=0:|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|1:|2004||||2005||||2006||||2007||||2008||||2009||||2010||||2011||||2:|0|150|300|450|600|750|900&chds=0,904&chco=005588,558800,008877,000000,887700,880011 Chart?chbh=a&cht=bvs&chs=400x230&chd=t:148,156,145,202,366,298,497,453,793,370,409,339,354,379,322,424,409,414,293,281,348,405,447,372,423,477,437,396,311,421,384,449|71,85,79,128,327,209,504,340,487,237,396,240,226,233,234,403,499,436,526,290,308,346,183,297,263,249,272,169,115,208,174,178|0,0,0,1,6,3,2,0,5,6,9,14,12,26,29,44,24,41,36,44,30,28,56,70,83,71,56,59,45,35,27,81|14,3,8,49,56,76,63,79,740,904,754,446,515,359,284,255,218,243,251,138,145,182,54,142,237,77,28,36,19,53,40,66|195,180,181,209,237,229,256,265,219,186,201,259,266,263,208,214,197,222,183,207,177,278,173,238,205,261,196,226,245,197,154,269|167,184,249,203,198,154,178,195,197,207,206,247,277,254,226,212,208,178,164,190,249,192,156,173,156,168,197,184,155,152,121,175&chdl=xss|sql%20injection|csrf|file%20inclusion|dos|overflow&chxt=x,x,y&chxl=0:|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|1:|2004||||2005||||2006||||2007||||2008||||2009||||2010||||2011||||2:|0|406|812|1218|1624|2030|2436&chds=0,2441&chco=005588,558800,008877,000000,887700,880011
[view larger version] [view larger version]

Top Viewed Vulnerabilities this week Feed

65465 Views: 850 WMS-CMS printpage.asp Multiple Parameter SQL Injection
13002 Views: 315 AWStats awstats.pl configdir Parameter Arbitrary Command Execution
76733 Views: 266 Digital College includes/tiny_mce/plugins/filemanager/classes/FileManager/FileManagerPlugin.php basepath Parameter Remote File Inclusion
76780 Views: 255 Magtrb MyNews includes/tiny_mce/plugins/filemanager/classes/FileManager/FileManagerPlugin.php basename Parameter Remote File Inclusion
18293 Views: 231 Belkin 54G Routers Admin Account Default Null Password
13834 Views: 227 AWStats awstats.pl debug mode Information Disclosure
66441 Views: 223 Siemens SIMATIC WinCC Default Password
62780 Views: 151 Bild Flirt Community index.php id Parameter SQL Injection
62923 Views: 142 Domain Verkaus & Auktions Portal index.php id Parameter SQL Injection
78443 Views: 139 Oracle VM VirtualBox Shared Folders Component Unspecified Local Issue

Top Blogged Vulnerabilities this Month Feed

Blogs provided by Technorati

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

© Copyright 2012 Open Source Vulnerability Database (OSVDB), All Rights Reserved.
Privacy Statement - Terms of Use