Vulnerability & Exploit Database

A curated repository of vetted computer software exploits and exploitable vulnerabilities.

Technical details for over 180,000 vulnerabilities and 4,000 exploits are available for security professionals and researchers to review. These vulnerabilities are utilized by our vulnerability management tool InsightVM. The exploits are all included in the Metasploit framework and utilized by our penetration testing tool, Metasploit Pro. Our vulnerability and exploit database is updated frequently and contains the most recent security research.

Results 01 - 20 of 194,721 in total
Apache Tomcat: Important: Denial of Service (CVE-2021-42340)
Published: October 15, 2021 | Severity: 4
vulnerability
Explore
Apache HTTPD: A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user (CVE-2021-40438)
Published: October 15, 2021 | Severity: 4
vulnerability
Explore
Juniper Junos OS: 2021-10 Security Bulletin: Junos OS: A local authenticated attacker can cause RPD to core (JSA11242) (CVE-2021-31377)
Published: October 14, 2021 | Severity: 4
vulnerability
Explore
Juniper Junos OS: 2021-10 Security Bulletin: Junos OS: When using J-Web with HTTP an attacker may retrieve encryption keys via Person-in-the-Middle attacks. (JSA11254) (CVE-2021-31386)
Published: October 14, 2021 | Severity: 4
vulnerability
Explore
Juniper Junos OS: 2021-10 Security Bulletin: Junos OS: J-Web allows a locally authenticated attacker to escalate their privileges to root (JSA11237) (CVE-2021-31372)
Published: October 14, 2021 | Severity: 4
vulnerability
Explore
Juniper Junos OS: 2021-10 Security Bulletin: Junos OS: Receipt of a specific BGP update may cause RPKI policy-checks to be bypassed (JSA11240) (CVE-2021-31375)
Published: October 14, 2021 | Severity: 4
vulnerability
Explore
Juniper Junos OS: 2021-10 Security Bulletin: Junos OS: MX Series: MPC 7/8/9/10/11 cards with MAP-E: PFE halts when an attacker sends malformed IPv4 or IPv6 traffic inside the MAP-E tunnel. (JSA11247) (CVE-2021-31379)
Published: October 14, 2021 | Severity: 4
vulnerability
Explore
Juniper Junos OS: 2021-10 Security Bulletin: Junos OS: QFX5110 Series: Traffic from the network internal to the device (128.0.0.0) may be forwarded to egress interfaces (JSA11236) (CVE-2021-31371)
Published: October 14, 2021 | Severity: 4
vulnerability
Explore
Juniper Junos OS: 2021-10 Security Bulletin: Junos OS: An attacker sending spoofed RADIUS messages to a Junos OS device configured for broadband services may cause broadband subscribers to remain stuck in a "Terminating" state. (JSA11246) (CVE-2021-31378)
Published: October 14, 2021 | Severity: 4
vulnerability
Explore
Juniper Junos OS: 2021-10 Security Bulletin: Junos OS: PTX Series: An FPC heap memory leak will be triggered by certain Flowspec route operations which can lead to an FPC crash (JSA11229) (CVE-2021-31367)
Published: October 14, 2021 | Severity: 4
vulnerability
Explore
Juniper Junos OS: 2021-10 Security Bulletin: Junos OS: Kernel crash (vmcore) upon receipt of a malformed IPv6 packet (JSA11213) (CVE-2021-0299)
Published: October 14, 2021 | Severity: 4
vulnerability
Explore
Juniper Junos OS: 2021-10 Security Bulletin: Junos OS: Stored Cross-Site Scripting (XSS) vulnerability in captive portal (JSA11220) (CVE-2021-31355)
Published: October 14, 2021 | Severity: 4
vulnerability
Explore
Juniper Junos OS: 2021-10 Security Bulletin: Junos OS: MX Series: In subscriber management / BBE configuration authd can crash if a subscriber with a specific username tries to login leading to a DoS (JSA11228) (CVE-2021-31366)
Published: October 14, 2021 | Severity: 4
vulnerability
Explore
Juniper Junos OS: 2021-10 Security Bulletin: Junos OS: MX Series: Receipt of specific packet on MS-MPC/MS-MIC causes line card reset (JSA11216) (CVE-2021-31351)
Published: October 14, 2021 | Severity: 4
vulnerability
Explore
Juniper Junos OS: 2021-10 Security Bulletin: Junos OS and Junos OS Evolved: An IS-IS adjacency might be taken down if a bad hello PDU is received for an existing adjacency causing a DoS (JSA11224) (CVE-2021-31362)
Published: October 14, 2021 | Severity: 4
vulnerability
Explore
Juniper Junos OS: 2021-10 Security Bulletin: Junos OS: SRX Series: Persistent XSS vulnerability in J-Web (JSA11238) (CVE-2021-31373)
Published: October 14, 2021 | Severity: 4
vulnerability
Explore
Juniper Junos OS: 2021-10 Security Bulletin: Junos OS and Junos OS Evolved: Receipt of a specific LDP message will cause a Denial of Service (JSA11225) (CVE-2021-31363)
Published: October 14, 2021 | Severity: 4
vulnerability
Explore
Juniper Junos OS: 2021-10 Security Bulletin: Junos OS: QFX Series and PTX Series: FPC resource usage increases when certain packets are processed which are being VXLAN encapsulated (JSA11223) (CVE-2021-31361)
Published: October 14, 2021 | Severity: 4
vulnerability
Explore
Juniper Junos OS: 2021-10 Security Bulletin: Junos OS: EX2300 Series, EX3400 Series, and ACX710 might become unresponsive if the out-of-band management port receives a flood of traffic (JSA11230) (CVE-2021-31368)
Published: October 14, 2021 | Severity: 4
vulnerability
Explore
Juniper Junos OS: 2021-10 Security Bulletin: Junos OS: J-Web: A path traversal vulnerability allows an authenticated attacker to elevate their privileges to root (JSA11253) (CVE-2021-31385)
Published: October 14, 2021 | Severity: 4
vulnerability
Explore