Vulnerability Database

The Rapid7 Vulnerability Database is a list of 70,000 vulnerabilities for security analyst and researchers to identify and address known security issues through vulnerability management solutions. Each vulnerability has links to relevant groups like Mitre and other CVE Numbering Authorities as well as additional technical documentation. These vulnerabilities are utilized by our vulnerability management tool Nexpose and provided here for additional visibility.


Displaying vulnerability details 41 - 50 of 87351 in total

Ubuntu: USN-3191-1 (CVE-2016-7635): WebKitGTK+ vulnerabilities Vulnerability

  • Severity: 4
  • Published: February 05, 2017

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From USN-3191-1:

A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a maliciou...

Ubuntu: USN-3191-1 (CVE-2016-7586): WebKitGTK+ vulnerabilities Vulnerability

  • Severity: 4
  • Published: February 05, 2017

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From USN-3191-1:

A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a maliciou...

Ubuntu: USN-3191-1 (CVE-2016-7641): WebKitGTK+ vulnerabilities Vulnerability

  • Severity: 4
  • Published: February 05, 2017

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From USN-3191-1:

A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a maliciou...

Debian: DSA-3781 (CVE-2017-5617): svgsalamander -- security update Vulnerability

  • Severity: 4
  • Published: February 04, 2017

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From DSA-3781:

Luc Lynx discovered that SVG Salamander, a SVG engine for Java was

susceptible to server side request forgery.

SUSE: CVE-2016-9597: SUSE Linux Security Advisory Vulnerability

  • Severity: 4
  • Published: February 03, 2017

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From SUSE_CVE-2016-9597:

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur...

SUSE: CVE-2016-8637: SUSE Linux Security Advisory Vulnerability

  • Severity: 4
  • Published: February 02, 2017

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From SUSE_CVE-2016-8637:

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur...

SUSE: CVE-2016-10133: SUSE Linux Security Advisory Vulnerability

  • Severity: 4
  • Published: February 02, 2017

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From SUSE_CVE-2016-10133:

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secu...

Ubuntu: USN-3190-1 (CVE-2016-10150): Linux kernel vulnerabilities Vulnerability

  • Severity: 10
  • Published: February 02, 2017

Use-after-free vulnerability in the kvm_ioctl_create_device function in virt/kvm/kvm_main.c in the Linux kernel before 4.8.13 allows host OS users to cause a denial of service (host OS crash) or possibly gain privileges via crafted ioctl calls on the /dev/kvm device.

SUSE: CVE-2016-10132: SUSE Linux Security Advisory Vulnerability

  • Severity: 4
  • Published: February 02, 2017

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From SUSE_CVE-2016-10132:

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secu...

Ubuntu: USN-3177-2: Tomcat regression Vulnerability

  • Severity: 4
  • Published: February 01, 2017

USN-3177-1 fixed vulnerabilities in Tomcat. The update introduced a regression in environments where Tomcat is started with a security manager. This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

It was discovered that the Tomcat realm implementations incorrectly ...