The Open Source Vulnerability Database

OSVDB is an independent and open source database created by and for the community.
Our goal is to provide accurate, detailed, current, and unbiased technical information.
The database currently covers 80,785 vulnerabilities, spanning 41,569 products from 4,735 researchers, over 109 years.

Latest OSVDB Vulnerabilities

81928 Disclosed: 2012-05-15 JW Player player.swf debug Parameter XSS
81927 Disclosed: 2012-05-06 GENU User Account Deletion CSRF
81926 Disclosed: 2012-05-15 Track That Stat Plugin for WordPress wp-content/plugins/track-that-stat/js/trackthatstat.php data Parameter XSS
81925 Disclosed: 2012-05-15 Subscribe2 Plugin for WordPress wp-admin/admin.php Multiple Parameter XSS
81924 Disclosed: 2010-11-25 gdk-pixbuf io-xbm.c read_bitmap_file_data() Function Image Dimension XBM File Handling Remote Overflow
81923 Disclosed: 2012-05-15 GRAND Flash Album Gallery Plugin for WordPress wp-admin/admin.php skin Parameter XSS
81922 Disclosed: 2012-05-15 Mingle Forum Plugin for WordPress wp-admin/admin.php Multiple Parameter XSS
81921 Disclosed: 2012-05-15 Network Publisher Plugin for WordPress wp-admin/plugins.php networkpub_key Parameter XSS
81920 Disclosed: 2012-05-15 Newsletter Manager Plugin for WordPress wp-admin/admin.php xyz_em_campName Parameter XSS
81919 Disclosed: 2012-05-15 SoundCloud Is Gold Plugin for WordPress wp-admin/admin-ajax.php width Parameter XSS

Support OSVDB!

Visit the Support Page for other support options.

OSVDB News Feed

2012-03-30We're Still Here - Update on OSVDB Project: Data and Exports
Osvdbnews
2012-03-26Ferreting Out Unique Vulnerability Data in OSVDB
2010-09-07Open Security Foundation Announces New Advisory Board
2010-07-27Open Security Foundation Launches New Cloud Security Project
2010-04-01March Update: Challenge: OSVDB Winter 2010 Fundraising Goal = done
2010-03-08iDefense VCP as seen through OSVDB
2010-03-01February Update: OSVDB Winter 2010 Fundraising Goal
2010-02-19Time to.. Track More Data
2010-02-12Open Security Foundation - Advisory Board - Call for Nominations
2010-02-06Open Security Foundation - State of the Union 2010

Sponsors

Sponsor

Quick Searches

Twitter Feed

Vulnerabilities in OSVDB disclosed by type by quarter

Chart?cht=lc&chs=400x230&chd=t:148,156,145,202,366,298,497,453,793,370,409,339,354,380,322,424,409,414,293,281,348,405,447,372,423,477,437,396,311,421,384,450|71,85,79,128,327,209,504,340,487,237,396,240,226,233,234,403,499,436,526,290,308,346,183,297,263,249,272,169,115,208,174,178|0,0,0,1,6,3,2,0,5,6,9,14,12,26,29,44,24,41,36,44,30,28,56,70,83,71,56,59,45,35,27,81|14,3,8,49,56,76,63,79,740,904,754,446,515,359,284,255,218,243,251,138,145,182,54,142,237,77,28,36,19,53,40,66|195,180,181,209,237,229,256,265,219,186,201,259,266,263,208,214,197,222,183,207,177,278,173,238,205,261,197,226,245,198,155,272|167,184,249,203,198,154,178,195,197,207,206,247,277,254,226,212,208,178,164,190,249,192,156,173,156,168,198,184,155,152,121,176&chdl=xss|sql%20injection|csrf|file%20inclusion|dos|overflow&chxt=x,x,y&chxl=0:|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|1:|2004||||2005||||2006||||2007||||2008||||2009||||2010||||2011||||2:|0|150|300|450|600|750|900&chds=0,904&chco=005588,558800,008877,000000,887700,880011 Chart?chbh=a&cht=bvs&chs=400x230&chd=t:148,156,145,202,366,298,497,453,793,370,409,339,354,380,322,424,409,414,293,281,348,405,447,372,423,477,437,396,311,421,384,450|71,85,79,128,327,209,504,340,487,237,396,240,226,233,234,403,499,436,526,290,308,346,183,297,263,249,272,169,115,208,174,178|0,0,0,1,6,3,2,0,5,6,9,14,12,26,29,44,24,41,36,44,30,28,56,70,83,71,56,59,45,35,27,81|14,3,8,49,56,76,63,79,740,904,754,446,515,359,284,255,218,243,251,138,145,182,54,142,237,77,28,36,19,53,40,66|195,180,181,209,237,229,256,265,219,186,201,259,266,263,208,214,197,222,183,207,177,278,173,238,205,261,197,226,245,198,155,272|167,184,249,203,198,154,178,195,197,207,206,247,277,254,226,212,208,178,164,190,249,192,156,173,156,168,198,184,155,152,121,176&chdl=xss|sql%20injection|csrf|file%20inclusion|dos|overflow&chxt=x,x,y&chxl=0:|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|2|3|4|1|1:|2004||||2005||||2006||||2007||||2008||||2009||||2010||||2011||||2:|0|406|812|1218|1624|2030|2436&chds=0,2441&chco=005588,558800,008877,000000,887700,880011
[view larger version] [view larger version]

Top Viewed Vulnerabilities this week Feed

65465 Views: 850 WMS-CMS printpage.asp Multiple Parameter SQL Injection
13002 Views: 315 AWStats awstats.pl configdir Parameter Arbitrary Command Execution
76733 Views: 266 Digital College includes/tiny_mce/plugins/filemanager/classes/FileManager/FileManagerPlugin.php basepath Parameter Remote File Inclusion
76780 Views: 255 Magtrb MyNews includes/tiny_mce/plugins/filemanager/classes/FileManager/FileManagerPlugin.php basename Parameter Remote File Inclusion
18293 Views: 231 Belkin 54G Routers Admin Account Default Null Password
13834 Views: 227 AWStats awstats.pl debug mode Information Disclosure
66441 Views: 223 Siemens SIMATIC WinCC Default Password
62780 Views: 151 Bild Flirt Community index.php id Parameter SQL Injection
62923 Views: 142 Domain Verkaus & Auktions Portal index.php id Parameter SQL Injection
78443 Views: 139 Oracle VM VirtualBox Shared Folders Component Unspecified Local Issue

Top Blogged Vulnerabilities this Month Feed

Blogs provided by Technorati

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

© Copyright 2012 Open Source Vulnerability Database (OSVDB), All Rights Reserved.
Privacy Statement - Terms of Use