Vulnerability Database

The Rapid7 Vulnerability Database is a list of 70,000 vulnerabilities for security analyst and researchers to identify and address known security issues through vulnerability management solutions. Each vulnerability has links to relevant groups like Mitre and other CVE Numbering Authorities as well as additional technical documentation. These vulnerabilities are utilized by our vulnerability management tool Nexpose and provided here for additional visibility.


Displaying vulnerability details 41 - 50 of 86244 in total

SUSE: CVE-2017-2931: SUSE Linux Security Advisory Vulnerability

  • Severity: 10
  • Published: January 09, 2017

Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to the parsing of SWF metadata. Successful exploitation could lead to arbitrary code execution.

SUSE: CVE-2017-2926: SUSE Linux Security Advisory Vulnerability

  • Severity: 10
  • Published: January 09, 2017

Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to processing of atoms in MP4 files. Successful exploitation could lead to arbitrary code execution.

MS17-002: Security Update for Microsoft Office (3214291) Vulnerability

  • Severity: 9
  • Published: January 09, 2017

A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker ...

Ubuntu: USN-3166-1 (CVE-2016-4764): WebKitGTK+ vulnerabilities Vulnerability

  • Severity: 9
  • Published: January 09, 2017

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From USN-3166-1:

A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a maliciou...

Ubuntu: USN-3166-1 (CVE-2016-4613): WebKitGTK+ vulnerabilities Vulnerability

  • Severity: 9
  • Published: January 09, 2017

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From USN-3166-1:

A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a maliciou...