Vulnerability Database

The Rapid7 Vulnerability Database is a list of 70,000 vulnerabilities for security analyst and researchers to identify and address known security issues through vulnerability management solutions. Each vulnerability has links to relevant groups like Mitre and other CVE Numbering Authorities as well as additional technical documentation. These vulnerabilities are utilized by our vulnerability management tool Nexpose and provided here for additional visibility.


Displaying vulnerability details 191 - 200 of 132260 in total

Ubuntu: (Multiple Advisories) (CVE-2018-12376): Firefox regressions Vulnerability

  • Severity: 4
  • Published: September 05, 2018

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From USN-3761-2:

USN-3761-1 fixed vulnerabilities in Firefox. The update caused several

regressions affecting spellchecker dictionaries and search e...

Debian: CVE-2018-16540: ghostscript -- security update Vulnerability

  • Severity: 4
  • Published: September 05, 2018

In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files to the builtin PDF14 converter could use a use-after-free in copydevice handling to crash the interpreter or possibly have unspecified other impact.

MFSA2018-20 Firefox: Security vulnerabilities fixed in Firefox 62 (CVE-2018-12381) Vulnerability

  • Severity: 4
  • Published: September 05, 2018

Manually dragging and dropping an Outlook email message into the browser will trigger a page navigation when the message's mail columns are incorrectly interpreted as a URL. Note: this issue only affects Windows operating systems with Outlook installed. Other operating systems are not affected.

Red Hat: CVE-2018-12376: Critical: firefox security update (Multiple Advisories) Vulnerability

  • Severity: 4
  • Published: September 05, 2018

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From RHSA-2018:2693:

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.

This update up...

Default jack account available Vulnerability

  • Severity: 7
  • Published: September 05, 2018

ORACLE Solaris live boot media includes a default account with the user ID "jack" and password "jack". It is best practice to remove default accounts or change the password

Debian: CVE-2018-16509: ghostscript -- security update Vulnerability

  • Severity: 4
  • Published: September 05, 2018

An issue was discovered in Artifex Ghostscript before 9.24. Incorrect "restoration of privilege" checking during handling of /invalidaccess exceptions could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction.

CentOS: (CVE-2018-12376) (Multiple Advisories): firefox Vulnerability

  • Severity: 4
  • Published: September 05, 2018

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From CESA-2018:2693:

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.

This update up...

Ubuntu: (Multiple Advisories) (CVE-2018-12383): Firefox regressions Vulnerability

  • Severity: 4
  • Published: September 05, 2018

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From USN-3761-2:

USN-3761-1 fixed vulnerabilities in Firefox. The update caused several

regressions affecting spellchecker dictionaries and search e...

Alpine Linux: CVE-2018-14618: curl NTLM password overflow via integer overflow Vulnerability

  • Severity: 4
  • Published: September 05, 2018

curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password ...