Vulnerability Database

The Rapid7 Vulnerability Database is a list of 70,000 vulnerabilities for security analyst and researchers to identify and address known security issues through vulnerability management solutions. Each vulnerability has links to relevant groups like Mitre and other CVE Numbering Authorities as well as additional technical documentation. These vulnerabilities are utilized by our vulnerability management tool Nexpose and provided here for additional visibility.


Displaying vulnerability details 31 - 40 of 87440 in total

Sun Patch: SunOS 5.10_x86: tcsh patch Vulnerability

  • Severity: 4
  • Published: February 08, 2017

Missing Oracle Solaris security patch: 126631-06. See reference URLs for more information.

Sun Patch: SunOS 5.10: Tomcat 6 Patch Vulnerability

  • Severity: 4
  • Published: February 08, 2017

Missing Oracle Solaris security patch: 152514-01. See reference URLs for more information.

Cisco ASA: Clientless SSL VPN CIFS Heap Overflow Vulnerability (cisco-sa-20170208-asa) (CVE-2017-3807) Vulnerability

  • Severity: 4
  • Published: February 08, 2017

A vulnerability in Common Internet Filesystem (CIFS) code in the Clientless SSL VPN functionality of Cisco ASA Software, Major Releases 9.0-9.6, could allow an authenticated, remote attacker to cause a heap overflow. The vulnerability is due to insufficient validation of user supplied input. An attacker could exploit this vulnerability b...

Ubuntu: USN-3195-1 (CVE-2017-5936): Nova-LXD vulnerability Vulnerability

  • Severity: 4
  • Published: February 08, 2017

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From USN-3195-1:

James Page discovered that Nova-LXD incorrectly set up virtual network devices when creating LXD instances. This could result in an unintended...

Sun Patch: SunOS 5.10: Tomcat 8 patch Vulnerability

  • Severity: 4
  • Published: February 08, 2017

Missing Oracle Solaris security patch: 152510-03. See reference URLs for more information.

Debian: DSA-3784 (CVE-2017-5938): viewvc -- security update Vulnerability

  • Severity: 4
  • Published: February 08, 2017

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From DSA-3784:

Thomas Gerbet discovered that viewvc, a web interface for CVS and

Subversion repositories, did not properly sanitize user input. This...