Vulnerability Database

The Rapid7 Vulnerability Database is a list of 70,000 vulnerabilities for security analyst and researchers to identify and address known security issues through vulnerability management solutions. Each vulnerability has links to relevant groups like Mitre and other CVE Numbering Authorities as well as additional technical documentation. These vulnerabilities are utilized by our vulnerability management tool Nexpose and provided here for additional visibility.


Displaying vulnerability details 1 - 10 of 131376 in total

SUSE: CVE-2018-10853: SUSE Linux Security Advisory Vulnerability

  • Severity: 4
  • Published: August 16, 2018

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From SUSE_CVE-2018-10853:

This CVE is addressed in the SUSE advisories SUSE-SU-2018:2341-1, SUSE-SU-2018:2342-1, SUSE-SU-2018:2345-1, SUSE-SU-2018:2346-1, SUSE...

Samba CVE-2018-1140: Denial of Service Attack on DNS and LDAP server Vulnerability

  • Severity: 4
  • Published: August 16, 2018

All versions of Samba from 4.8.0 onwards are vulnerable to a denial of service attack when Samba is an Active Directory Domain Controller. Missing input sanitization checks on some of the input parameters to LDB database layer cause the LDAP server and DNS server to crash when following a NULL pointer.

Debian: CVE-2018-3646: xen -- security update Vulnerability

  • Severity: 5
  • Published: August 15, 2018

Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis.