Vulnerability Database

The Rapid7 Vulnerability Database is a list of 70,000 vulnerabilities for security analyst and researchers to identify and address known security issues through vulnerability management solutions. Each vulnerability has links to relevant groups like Mitre and other CVE Numbering Authorities as well as additional technical documentation. These vulnerabilities are utilized by our vulnerability management tool Nexpose and provided here for additional visibility.


Displaying vulnerability details 161 - 170 of 132219 in total

Ubuntu: USN-3764-1 (CVE-2018-0502): Zsh vulnerabilities Vulnerability

  • Severity: 4
  • Published: September 05, 2018

An issue was discovered in zsh before 5.6. The beginning of a #! script file was mishandled, potentially leading to an execve call to a program named on the second line.

Default jack account available Vulnerability

  • Severity: 7
  • Published: September 05, 2018

ORACLE Solaris live boot media includes a default account with the user ID "jack" and password "jack". It is best practice to remove default accounts or change the password

MFSA2018-20 Firefox: Security vulnerabilities fixed in Firefox 62 (CVE-2018-12376) Vulnerability

  • Severity: 4
  • Published: September 05, 2018

Mozilla developers and community members Alex Gaynor, Boris Zbarsky, Christoph Diehl, Christian Holler, Jason Kratzer, Jed Davis, Tyson Smith, Bogdan Tara, Karl Tomlinson, Mats Palmgren, Nika Layzell, Ted Campbell, and Andrei Cristian Petcu reported memory safety bugs present in Firefox 61 and Firefox ESR 60.1. Some of these bugs showed ...

Debian: CVE-2018-16541: ghostscript -- security update Vulnerability

  • Severity: 4
  • Published: September 05, 2018

In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect free logic in pagedevice replacement to crash the interpreter.

Debian: CVE-2018-12377: firefox-esr -- security update Vulnerability

  • Severity: 4
  • Published: September 05, 2018

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From DSA-4287:

Several security issues have been found in the Mozilla Firefox web

browser: Multiple memory safety errors and use-after-frees may lea...

Debian: CVE-2018-16513: ghostscript -- security update Vulnerability

  • Severity: 4
  • Published: September 05, 2018

In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the setcolor function to crash the interpreter or possibly have unspecified other impact.

Ubuntu: USN-3764-1 (CVE-2018-13259): Zsh vulnerabilities Vulnerability

  • Severity: 4
  • Published: September 05, 2018

An issue was discovered in zsh before 5.6. Shebang lines exceeding 64 characters were truncated, potentially leading to an execve call to a program name that is a substring of the intended one.

CentOS: (CVE-2018-12378) (Multiple Advisories): firefox Vulnerability

  • Severity: 4
  • Published: September 05, 2018

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From CESA-2018:2693:

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.

This update up...