Vulnerability Database

The Rapid7 Vulnerability Database is a list of 70,000 vulnerabilities that security analysts and researchers can use to identify and address known security issues through vulnerability management solutions. Each vulnerability has links to relevant groups like MITRE and other CVE Numbering Authorities, as well as additional technical documentation. These vulnerabilities are used by our vulnerability management tool Nexpose and are provided here for additional visibility.


Displaying vulnerability details 161 - 170 of 120683 in total

SUSE: CVE-2017-15275: SUSE Linux Security Advisory Vulnerability

  • Severity: 4
  • Published: November 20, 2017

Samba before 4.7.3 might allow remote attackers to obtain sensitive information by leveraging failure of the server to clear allocated heap memory.

Debian: CVE-2017-16613: swauth -- security update Vulnerability

  • Severity: 4
  • Published: November 20, 2017

An issue was discovered in middleware.py in OpenStack Swauth through 1.2.0 when used with OpenStack Swift through 2.15.1. The Swift object store and proxy server are saving (unhashed) tokens retrieved from the Swauth middleware authentication mechanism to a log file as part of a GET URI. This allows attackers to bypass authentication by ...

Debian: CVE-2017-16664: otrs2 -- security update Vulnerability

  • Severity: 7
  • Published: November 20, 2017

Code injection exists in Kernel/System/Spelling.pm in Open Ticket Request System (OTRS) 5 before 5.0.24, 4 before 4.0.26, and 3.3 before 3.3.20. In the agent interface, an authenticated remote attacker can execute shell commands as the webserver user via URL manipulation.

SUSE: CVE-2017-16664: SUSE Linux Security Advisory Vulnerability

  • Severity: 7
  • Published: November 20, 2017

Code injection exists in Kernel/System/Spelling.pm in Open Ticket Request System (OTRS) 5 before 5.0.24, 4 before 4.0.26, and 3.3 before 3.3.20. In the agent interface, an authenticated remote attacker can execute shell commands as the webserver user via URL manipulation.

Debian: CVE-2017-15275: samba -- security update Vulnerability

  • Severity: 4
  • Published: November 20, 2017

Samba before 4.7.3 might allow remote attackers to obtain sensitive information by leveraging failure of the server to clear allocated heap memory.