• Close
  • Vulnerability Database

    The Rapid7 Vulnerability Database is a list of 70,000 vulnerabilities for security analyst and researchers to identify and address known security issues through vulnerability management solutions. Each vulnerability has links to relevant groups like Mitre and other CVE Numbering Authorities as well as additional technical documentation. These vulnerabilities are utilized by our vulnerability management tool Nexpose and provided here for additional visibility.

    Displaying vulnerability details 1 - 10 of 76491 in total

    FreeBSD: End of Life Ports Vulnerability

    • Severity: 4
    • Published: August 17, 2016

    These packages have reached End of Life status and/or have been removed from the Ports Tree. They may contain undocumented security issues. Please take caution and find alternative software as soon as possible.

    Ubuntu: USN-3066-1 (CVE-2016-5423): PostgreSQL vulnerabilities Vulnerability

    • Severity: 4
    • Published: August 17, 2016

    Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

    From USN-3066-1:

    Heikki Linnakangas discovered that PostgreSQL incorrectly handled certain nested CASE/WHEN expressions. A remote attacker could possibly use t...

    Oracle Linux: CVE-2016-1000110: ELSA-2016-1626 - python security update Vulnerability

    • Severity: 4
    • Published: August 17, 2016

    Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

    From ELSA-2016-1626:

    [2.6.6-66.0.1] - Add Oracle Linux distribution in platform.py [orabug 21288328] (Keshav Sharma) [2.6.6-66] - Fix for CVE-2016-1000110 HTT...

    Ubuntu: USN-3066-1 (CVE-2016-5424): PostgreSQL vulnerabilities Vulnerability

    • Severity: 4
    • Published: August 17, 2016

    Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

    From USN-3066-1:

    Heikki Linnakangas discovered that PostgreSQL incorrectly handled certain nested CASE/WHEN expressions. A remote attacker could possibly use t...

    Red Hat: CVE-2016-1000110: Moderate: python security update (RHSA-2016:1626) Vulnerability

    • Severity: 4
    • Published: August 17, 2016

    Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

    From ELSA-2016-1626:

    [2.6.6-66.0.1] - Add Oracle Linux distribution in platform.py [orabug 21288328] (Keshav Sharma) [2.6.6-66] - Fix for CVE-2016-1000110 HTT...

    Cent OS: CVE-2016-1000110: CESA-2016:1626 (python) Vulnerability

    • Severity: 4
    • Published: August 17, 2016

    Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

    From ELSA-2016-1626:

    [2.6.6-66.0.1] - Add Oracle Linux distribution in platform.py [orabug 21288328] (Keshav Sharma) [2.6.6-66] - Fix for CVE-2016-1000110 HTT...

    FreeBSD: phpmyadmin -- multiple vulnerabilities (Multiple CVEs) Vulnerability

    • Severity: 4
    • Published: August 16, 2016

    The phpmyadmin development team reports: Summary Weakness with cookie encryption Description A pair of vulnerabilities were found affecting the way cookies are stored. The decryption of the username/password is vulnerable to a padding oracle attack. The can allow an attacker who has acce...

    Cisco Adaptive Security Appliance SNMP Remote Code Execution Vulnerability (cisco-sa-20160817-asa-snmp) (cve-2016-6366) (EXTRABACON) Vulnerability

    • Severity: 10
    • Published: August 16, 2016

    A vulnerability in the Simple Network Management Protocol (SNMP) code of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. The vulnerability is due to a buffer overflow in the affected code area. An attacker could exploit...

    Cisco Adaptive Security Appliance CLI Remote Code Execution Vulnerability (cisco-sa-20160817-asa-cli) (cve-2016-6367) (EPICBANANA) Vulnerability

    • Severity: 10
    • Published: August 16, 2016

    A vulnerability in the command-line interface (CLI) parser of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, local attacker to create a denial of service (DoS) condition or potentially execute arbitrary code. An attacker could exploit this vulnerability by invoking certain invalid commands in an affected d...