Vulnerability Database

The Rapid7 Vulnerability Database is a list of 70,000 vulnerabilities for security analyst and researchers to identify and address known security issues through vulnerability management solutions. Each vulnerability has links to relevant groups like Mitre and other CVE Numbering Authorities as well as additional technical documentation. These vulnerabilities are utilized by our vulnerability management tool Nexpose and provided here for additional visibility.


Displaying vulnerability details 1 - 10 of 130357 in total

Apache HTTPD: DoS for HTTP/2 connections by crafted requests (CVE-2018-1333) Vulnerability

  • Severity: 4
  • Published: July 19, 2018

By specially crafting HTTP/2 requests, workers would be allocated 60 seconds longer than necessary, leading to worker exhaustion and a denial of service. This issue only affects servers that have configured and enabled HTTP/2 support, which is not the default

Oracle Solaris 11: CVE-2018-2928: Vulnerability in RAD Vulnerability

  • Severity: 4
  • Published: July 18, 2018

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: RAD). The supported version that is affected is 11.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Solaris. Successful attacks require human interaction from a person othe...

Java CPU July 2018 Java SE vulnerability (CVE-2018-2938) Vulnerability

  • Severity: 4
  • Published: July 18, 2018

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java DB). Supported versions that are affected are Java SE: 6u191, 7u181 and 8u172. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. While the vulnerability is in Java SE, attacks may...

Oracle Solaris 11: CVE-2018-2926: Vulnerability in NVIDIA-GFX Kernel driver Vulnerability

  • Severity: 4
  • Published: July 18, 2018

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: NVIDIA-GFX Kernel driver). The supported version that is affected is 11.3. Easily exploitable vulnerability allows low privileged attacker with network access via ISCSI to compromise Solaris. Successful attacks of this vulnerability can result in u...

Java CPU July 2018 Java SE vulnerability (CVE-2018-2941) Vulnerability

  • Severity: 4
  • Published: July 18, 2018

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE: 7u181, 8u172 and 10.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from ...