Vulnerability Database

The Rapid7 Vulnerability Database is a list of 70,000 vulnerabilities for security analysts and researchers to identify and address known security issues through vulnerability management solutions. Each vulnerability has links to relevant groups like Mitre and other CVE Numbering Authorities as well as additional technical documentation. These vulnerabilities are utilized by our vulnerability management tool Nexpose and provided here for additional visibility.



Apache Tomcat: Low: CORS filter has insecure defaults (CVE-2018-8014) Vulnerability

  • Severity: 4
  • Published: May 16, 2018

The default settings for the CORS filter provided in Apache Tomcat 9.0.0.M1 to 9.0.8, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, 7.0.41 to 7.0.88 are insecure and enable 'supportsCredentials' for all origins. It is expected that users of the CORS filter will have configured it appropriately for their environment rather than using it in the d...

Huawei EulerOS: CVE-2018-1087: kernel security update Vulnerability

  • Severity: 4
  • Published: May 15, 2018

kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, the processor did not deliver ...

CentOS: (CVE-2018-1111) (Multiple Advisories): dhcp Vulnerability

  • Severity: 4
  • Published: May 15, 2018

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From CESA-2018:1454:

The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network conf...

Oracle Linux: (CVE-2018-1111) (Multiple Advisories): dhcp security update Vulnerability

  • Severity: 4
  • Published: May 15, 2018

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From ELSA-2018-1454:

[12:4.1.1-53.P1.0.1.4] - Added oracle-errwarn-message.patch [12:4.1.1-53.P1.el6_9.4] - Resolves: #1570897 - Fix command execution in NM s...

Red Hat: CVE-2018-1111: Critical: dhcp security update (Multiple Advisories) Vulnerability

  • Severity: 4
  • Published: May 15, 2018

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From RHSA-2018:1461:

The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network conf...