Vulnerability Database

The Rapid7 Vulnerability Database is a list of 70,000 vulnerabilities that security analysts and researchers can use to identify and address known security issues through vulnerability management solutions. Each vulnerability has links to relevant groups such as MITRE and other CVE Numbering Authorities, as well as additional technical documentation. These vulnerabilities are used by our vulnerability management tool, Nexpose, and are provided here for additional visibility.



Debian: CVE-2017-8817: curl -- security update Vulnerability

  • Severity: 4
  • Published: November 28, 2017

The FTP wildcard function in curl and libcurl before 7.57.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a string that ends with an '[' character.

Cisco SAN-OS: Cisco Multilayer Director, Nexus 7000 Series, and Nexus 7700 Series Switches Bash Shell Unauthorized Access Vulnerability (CVE-2017-12340) Vulnerability

  • Severity: 5
  • Published: November 28, 2017

A vulnerability in Cisco NX-OS System Software running on Cisco MDS Multilayer Director Switches, Cisco Nexus 7000 Series Switches, and Cisco Nexus 7700 Series Switches could allow an authenticated, local attacker to access the Bash shell of an affected device's operating system, even if the Bash shell is disabled on the system. The vuln...

Alpine Linux: CVE-2017-8816: curl Multiple vulnerabilities Vulnerability

  • Severity: 4
  • Published: November 28, 2017

The NTLM authentication feature in curl and libcurl before 7.57.0 on 32-bit platforms allows attackers to cause a denial of service (integer overflow and resultant buffer overflow, and application crash) or possibly have unspecified other impact via vectors involving long user and password fields.

Alpine Linux: CVE-2017-8817: curl Multiple vulnerabilities Vulnerability

  • Severity: 4
  • Published: November 28, 2017

The FTP wildcard function in curl and libcurl before 7.57.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a string that ends with an '[' character.

Alpine Linux: CVE-2017-8818: curl Multiple vulnerabilities Vulnerability

  • Severity: 4
  • Published: November 28, 2017

curl and libcurl before 7.57.0 on 32-bit platforms allow attackers to cause a denial of service (out-of-bounds access and application crash) or possibly have unspecified other impact because too little memory is allocated for interfacing to an SSL library.

Ubuntu: USN-3498-1 (CVE-2017-8816): curl vulnerabilities Vulnerability

  • Severity: 4
  • Published: November 28, 2017

The NTLM authentication feature in curl and libcurl before 7.57.0 on 32-bit platforms allows attackers to cause a denial of service (integer overflow and resultant buffer overflow, and application crash) or possibly have unspecified other impact via vectors involving long user and password fields.

Ubuntu: USN-3500-1 (CVE-2017-16611): libXfont vulnerability Vulnerability

  • Severity: 4
  • Published: November 28, 2017

In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker can open (but not read) files on the system as root, triggering tape rewinds, watchdogs, or similar mechanisms that can be triggered by opening files.

Ubuntu: (Multiple Advisories) (CVE-2017-8817): curl vulnerability Vulnerability

  • Severity: 4
  • Published: November 28, 2017

The FTP wildcard function in curl and libcurl before 7.57.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a string that ends with an '[' character.