Vulnerability Database

The Rapid7 Vulnerability Database is a list of 70,000 vulnerabilities for security analyst and researchers to identify and address known security issues through vulnerability management solutions. Each vulnerability has links to relevant groups like Mitre and other CVE Numbering Authorities as well as additional technical documentation. These vulnerabilities are utilized by our vulnerability management tool Nexpose and provided here for additional visibility.


Displaying vulnerability details 91 - 100 of 120779 in total

Debian: CVE-2017-17439: heimdal -- security update Vulnerability

  • Severity: 4
  • Published: December 05, 2017

In Heimdal through 7.4, remote unauthenticated attackers are able to crash the KDC by sending a crafted UDP packet containing empty data fields for client name or realm. The parser would unconditionally dereference NULL pointers in that case, leading to a segmentation fault. This is related to the _kdc_as_rep function in kdc/kerberos5.c ...

SUSE: CVE-2017-15094: SUSE Linux Security Advisory Vulnerability

  • Severity: 4
  • Published: December 05, 2017

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From SUSE_CVE-2017-15094:

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secu...

SUSE: CVE-2017-15091: SUSE Linux Security Advisory Vulnerability

  • Severity: 4
  • Published: December 05, 2017

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From SUSE_CVE-2017-15091:

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secu...

SUSE: CVE-2017-15090: SUSE Linux Security Advisory Vulnerability

  • Severity: 4
  • Published: December 05, 2017

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From SUSE_CVE-2017-15090:

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secu...

SUSE: CVE-2017-15092: SUSE Linux Security Advisory Vulnerability

  • Severity: 4
  • Published: December 05, 2017

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From SUSE_CVE-2017-15092:

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secu...

SUSE: CVE-2017-15093: SUSE Linux Security Advisory Vulnerability

  • Severity: 4
  • Published: December 05, 2017

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From SUSE_CVE-2017-15093:

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secu...

Microsoft CVE-2017-11937: Malware Protection Engine Remote Code Execution Vulnerability Vulnerability

  • Severity: 9
  • Published: December 05, 2017

A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSystem account and take control of the system....

Palo Alto Networks PAN-SA-2017-0029 (CVE-2017-15870): Global Protect Vulnerability Vulnerability

  • Severity: 4
  • Published: December 04, 2017

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From PAN-SA-2017-0029:

An "image path execution hijacking" vulnerability affects the Palo Alto Networks Global Protect Client. Exploitation of this issue requi...

Oracle Linux: CVE-2017-7843: ELSA-2017-3382 - firefox security update Vulnerability

  • Severity: 4
  • Published: December 04, 2017

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From ELSA-2017-3382:

[52.5.1-1.0.1] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one - Force requirement of newer gdk-pixbuf2 to ...