Vulnerability Database

The Rapid7 Vulnerability Database is a list of 70,000 vulnerabilities for security analyst and researchers to identify and address known security issues through vulnerability management solutions. Each vulnerability has links to relevant groups like Mitre and other CVE Numbering Authorities as well as additional technical documentation. These vulnerabilities are utilized by our vulnerability management tool Nexpose and provided here for additional visibility.


Displaying vulnerability details 141 - 150 of 136823 in total

SUSE: CVE-2018-20022: SUSE Linux Security Advisory Vulnerability

  • Severity: 5
  • Published: December 19, 2018

LibVNC before 2f5b2ad1c6c99b1ac6482c95844a84d66bb52838 contains multiple weaknesses CWE-665: Improper Initialization vulnerability in VNC client code that allows attacker to read stack memory and can be abuse for information disclosure. Combined with another vulnerability, it can be used to leak stack memory layout and in bypassing ASLR<...

SUSE: CVE-2018-15126: SUSE Linux Security Advisory Vulnerability

  • Severity: 8
  • Published: December 19, 2018

LibVNC before commit 73cb96fec028a576a5a24417b57723b55854ad7b contains heap use-after-free vulnerability in server code of file transfer extension that can result remote code execution

SUSE: CVE-2018-15127: SUSE Linux Security Advisory Vulnerability

  • Severity: 8
  • Published: December 19, 2018

LibVNC before commit 502821828ed00b4a2c4bef90683d0fd88ce495de contains heap out-of-bound write vulnerability in server code of file transfer extension that can result remote code execution

SUSE: CVE-2018-20023: SUSE Linux Security Advisory Vulnerability

  • Severity: 5
  • Published: December 19, 2018

LibVNC before 8b06f835e259652b0ff026898014fc7297ade858 contains CWE-665: Improper Initialization vulnerability in VNC Repeater client code that allows attacker to read stack memory and can be abuse for information disclosure. Combined with another vulnerability, it can be used to leak stack memory layout and in bypassing ASLR

SUSE: CVE-2018-6307: SUSE Linux Security Advisory Vulnerability

  • Severity: 8
  • Published: December 19, 2018

LibVNC before commit ca2a5ac02fbbadd0a21fabba779c1ea69173d10b contains heap use-after-free vulnerability in server code of file transfer extension that can result remote code execution.

Microsoft CVE-2018-8653: Scripting Engine Memory Corruption Vulnerability Vulnerability

  • Severity: 8
  • Published: December 19, 2018

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the sa...

SUSE: CVE-2018-20019: SUSE Linux Security Advisory Vulnerability

  • Severity: 8
  • Published: December 19, 2018

LibVNC before commit a83439b9fbe0f03c48eb94ed05729cb016f8b72f contains multiple heap out-of-bound write vulnerabilities in VNC client code that can result remote code execution