The Open Source Vulnerability Database

OSVDB is an independent and open source database created by and for the community.
Our goal is to provide accurate, detailed, current, and unbiased technical information.

Latest OSVDB Vulnerabilities

46671 Disclosed: 2008-07-03 FreeStyle Wiki Unspecified XSS
46670 Disclosed: 2008-07-02 XchangeBoard newThread.php boardID Variable SQL Injection
46669 Disclosed: 2008-06-30 Apple Mac OS X HMAC Authentication SNMPv3 Authentication Packet Spoofing
46668 Disclosed: 2008-06-30 Apple Mac OS X Dock Exposé Hot Corners Unspecified Screen Lock Bypass
46667 Disclosed: 2008-06-30 Apple Mac OS X System Configuration User Template Directory Permission Weakness Local Privilege Escalation
46666 Disclosed: 2008-06-30 Apple Mac OS X Launch Services Symlink Download Validation Race Condition Arbitrary Code Execution
46665 Disclosed: 2008-06-30 Apple Mac OS X c++filt Format String Arbitrary Code Execution
46664 Disclosed: 2008-06-30 Apple Mac OS X CoreTypes .xht* Handling Warning Weakness
46663 Disclosed: 2008-06-30 Apple Mac OS X Alias Manager Volume Mount Information Handling Arbitrary Code Execution
46662 Disclosed: 2008-07-02 Taxonomy Autotagger Module for Drupal Unspecified SQL Injection

OSVDB News Feed

2008-06-21OSVDB Featured in the Open Source Business Resource (OSBR) by Jkouns
2008-06-19Coffee makers are SCADA, right?! by Jericho
2008-05-30Who’s to blame? The hazard of “0-day”. by Jericho
2008-05-24Top vulnerability researcher? by Jkouns
2008-05-16Layered Technologies Continued Support of OSVDB by Jkouns
2008-04-22Three Projects For SoC 2008 by Jkouns
2008-04-15OSVDB - Apr 14 Code Push by Jericho
2008-04-08Dr. Jekyll and Mr. Hide (Sun & Disclosure) by Jericho
2008-04-03Vulnerability counts and OSVDB advocacy by Jericho
2008-03-29Still time to submit an application for SoC 2008! by Jkouns

Support OSVDB!

OSVDB needs your support! Donations get you enhanced access to the watch-list feature:

  • Watch unlimited products AND vendors, as opposed to just 10 products.
  • Receive notifications via RSS and email.

Pricing is in place for both individuals and organizations.

Visit the Support Page for details.

Sponsors

Sponsor

Member Highlight

Rmcree


Top Viewed Vulnerabilities this week

18293 Views: 564 Belkin 54G Routers Admin Account Default Null Password
821 Views: 513 Linksys Router Default Password
28946 Views: 444 Microsoft IE Vector Markup Language (VML) Arbitrary Code Execution
40621 Views: 312 Simple PHP Blog (SPHPBlog) add_link.php link_id Variable CSRF
26127 Views: 211 myNewsletter adminLogin.asp UserName Variable SQL Injection
44643 Views: 194 Realtek HD Audio Codec Driver RTKVHDA.sys / RTKVHDA64.sys IOCTL Request Handling Overflow
592 Views: 177 ZyXEL Multiple Routers Default Administrator Password
17082 Views: 158 IBM AIX Performance Tools tprof -x Parameter Privilege Escalation
36385 Views: 154 Microsoft Windows Media Player Skin File Handling Overflow
20712 Views: 117 ASP-Programmers ASPKnowledgebase adminlogin.asp pwd Variable Login SQL Injection

Top Blogged Vulnerabilities this Month

46061 Blogs: 52 Microsoft Windows Bluetooth SDP Packet Processing Remote Code Execution
46083 Blogs: 26 Microsoft IE HTML Object Handling Memory Corruption Arbitrary Code Execution
44906 Blogs: 21 PHP cgi_main.c PATH_TRANSLATED Length Calculation Unspecified Issue
46554 Blogs: 13 Ruby rb_ary_splice Function Overflow (beg + rlen)
46087 Blogs: 9 Logitech Desktop Messenger BackWeb ActiveX Unspecified Overflow
45890 Blogs: 8 VMware Multiple Products Host Guest File System (HGFS) Shared Folders Feature Overflow
46067 Blogs: 7 Microsoft Windows Pragmatic General Multicast (PGM) Packet Handling Remote DoS
46069 Blogs: 7 Apple QuickTime PICT PixData Structure Packed Scanlines Handling Overflow
46065 Blogs: 7 Microsoft DirectX SAMI File Format Processing Arbitrary Code Execution
46104 Blogs: 7 Linux Kernel ASN.1 BER Data Decoding Remote Code Execution

Blogs provided by Technorati

DONATE NOW!

User Status

Quick Searches

Advertisements

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

© Copyright 2008 Open Source Vulnerability Database (OSVDB), All Rights Reserved.
Privacy Statement - Terms of Use