Vulnerability Database

The Rapid7 Vulnerability Database is a list of 70,000 vulnerabilities for security analysts and researchers to identify and address known security issues through vulnerability management solutions. Each vulnerability has links to relevant groups like Mitre and other CVE Numbering Authorities as well as additional technical documentation. These vulnerabilities are utilized by our vulnerability management tool Nexpose and provided here for additional visibility.


Juniper Junos OS: Denial of Service vulnerability in RPD (JSA10771) (CVE-2017-2302) Vulnerability

  • Severity: 4
  • Published: January 12, 2017

On Junos OS devices where the BGP add-path feature is enabled with the 'send' option or with both the 'send' and 'receive' options, a network-based attacker can cause the Junos OS rpd daemon to crash and restart. Repeated crashes of the rpd daemon can result in an extended denial of service condition.

SUSE: CVE-2016-1249: SUSE Linux Security Advisory Vulnerability

  • Severity: 4
  • Published: January 11, 2017

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From SUSE_CVE-2016-1249:

This CVE is addressed in the SUSE advisories

Juniper Junos OS: SRX Series denial of service vulnerability in flowd due to crafted multicast packets (JSA10768) (CVE-2017-2300) Vulnerability

  • Severity: 4
  • Published: January 10, 2017

The flowd daemon on the primary node of an SRX Series chassis cluster may crash and restart when attempting to synchronize a multicast session created via crafted multicast packets. Upon the flowd crash, data plane redundancy groups will fail over to the secondary node in the chassis cluster while flowd on the primary node restarts.