Vulnerability Database

The Rapid7 Vulnerability Database is a list of 70,000 vulnerabilities for security analyst and researchers to identify and address known security issues through vulnerability management solutions. Each vulnerability has links to relevant groups like Mitre and other CVE Numbering Authorities as well as additional technical documentation. These vulnerabilities are utilized by our vulnerability management tool Nexpose and provided here for additional visibility.


Displaying vulnerability details 211 - 220 of 130232 in total

Microsoft CVE-2018-8304: Windows DNSAPI Denial of Service Vulnerability Vulnerability

  • Severity: 4
  • Published: July 10, 2018

A denial of service vulnerability exists in Windows Domain Name System (DNS) DNSAPI.dll when it fails to properly handle DNS responses. An attacker who successfully exploited the vulnerability could cause a system to stop responding. Note that the denial of service condition would not allow an attacker to execute code or to elevate user ...

Microsoft CVE-2018-8325: Microsoft Edge Information Disclosure Vulnerability Vulnerability

  • Severity: 4
  • Published: July 10, 2018

An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit the vulnerability, in a web-based attack scenario, an attacker could host a website in an attempt to...

Microsoft CVE-2018-8314: Windows Elevation of Privilege Vulnerability Vulnerability

  • Severity: 4
  • Published: July 10, 2018

An elevation of privilege vulnerability exists when Windows fails a check, allowing a sandbox escape. An attacker who successfully exploited the vulnerability could use the sandbox escape to elevate privileges on an affected system. This vulnerability by itself does not allow arbitrary code execution. However, the vulnerability could all...