Vulnerability Database

The Rapid7 Vulnerability Database is a list of 70,000 vulnerabilities that security analysts and researchers can use to identify and address known security issues through vulnerability management solutions. Each vulnerability has links to relevant groups like MITRE and other CVE Numbering Authorities, as well as additional technical documentation. These vulnerabilities are utilized by our vulnerability management tool Nexpose and are provided here for additional visibility.


Displaying vulnerability details 201 - 210 of 120779 in total

Ubuntu: (Multiple Advisories) (CVE-2017-16939): Linux kernel (Azure) vulnerabilities Vulnerability

  • Severity: 7
  • Published: November 23, 2017

The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel before 4.13.11 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink messages.

Exim Denial of Service Vulnerability: CVE-2017-16944 Vulnerability

  • Severity: 5
  • Published: November 23, 2017

The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to cause a denial of service (infinite loop and stack exhaustion) via vectors involving BDAT commands and an improper check for a '.' character signifying the end of the content, related to the bdat_getc function.

Oracle Linux: CVE-2017-15101: ELSA-2017-3384 - liblouis security update Vulnerability

  • Severity: 4
  • Published: November 23, 2017

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From SUSE_CVE-2017-15101:

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secu...

CentOS: (CVE-2017-15101) CESA-2017:3384: liblouis Vulnerability

  • Severity: 4
  • Published: November 23, 2017

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From SUSE_CVE-2017-15101:

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secu...

Exim Remote Code Execution Vulnerability: CVE-2017-16943 Vulnerability

  • Severity: 8
  • Published: November 23, 2017

The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via vectors involving BDAT commands.

SUSE: CVE-2017-16939: SUSE Linux Security Advisory Vulnerability

  • Severity: 7
  • Published: November 23, 2017

The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel before 4.13.11 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink messages.

SUSE: CVE-2017-15101: SUSE Linux Security Advisory Vulnerability

  • Severity: 4
  • Published: November 23, 2017

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From SUSE_CVE-2017-15101:

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secu...

SUSE: CVE-2016-8728: SUSE Linux Security Advisory Vulnerability

  • Severity: 4
  • Published: November 22, 2017

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From SUSE_CVE-2016-8728:

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur...