Vulnerability Database

The Rapid7 Vulnerability Database is a list of 70,000 vulnerabilities for security analyst and researchers to identify and address known security issues through vulnerability management solutions. Each vulnerability has links to relevant groups like Mitre and other CVE Numbering Authorities as well as additional technical documentation. These vulnerabilities are utilized by our vulnerability management tool Nexpose and provided here for additional visibility.


Displaying vulnerability details 61 - 70 of 136048 in total

Debian: CVE-2018-18494: firefox-esr -- security update Vulnerability

  • Severity: 4
  • Published: December 11, 2018

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From DSA-4354:

Multiple security issues have been found in the Mozilla Firefox web

browser, which could potentially result in the execution of arbit...

Microsoft CVE-2018-8626: Windows DNS Server Heap Overflow Vulnerability Vulnerability

  • Severity: 4
  • Published: December 11, 2018

A remote code execution vulnerability exists in Windows Domain Name System (DNS) servers when they fail to properly handle requests. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the Local System Account. Windows servers that are configured as DNS servers are at risk from this vulnera...

Microsoft CVE-2018-8599: Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability Vulnerability

  • Severity: 4
  • Published: December 11, 2018

An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly impersonates certain file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges. An attacker with unprivileged access to a vulnerable system could exploit this vulnerability. The sec...