Vulnerability Database

The Rapid7 Vulnerability Database is a list of 70,000 vulnerabilities for security analyst and researchers to identify and address known security issues through vulnerability management solutions. Each vulnerability has links to relevant groups like Mitre and other CVE Numbering Authorities as well as additional technical documentation. These vulnerabilities are utilized by our vulnerability management tool Nexpose and provided here for additional visibility.


Displaying vulnerability details 71 - 80 of 139825 in total

MFSA2019-08 Firefox: Security vulnerabilities fixed in Firefox ESR 60.6 (CVE-2019-9788) Vulnerability

  • Severity: 4
  • Published: March 19, 2019

Mozilla developers and community members Bob Clary, Chun-Min Chang, Aral Yaman, Andreea Pavel, Jonathan Kew, Gary Kwong, Alex Gaynor, Masayuki Nakano, and Anne van Kesteren reported memory safety bugs present in Firefox 65 and Firefox ESR 60.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort...

MFSA2019-08 Firefox: Security vulnerabilities fixed in Firefox ESR 60.6 (CVE-2019-9793) Vulnerability

  • Severity: 4
  • Published: March 19, 2019

A mechanism was discovered that removes some bounds checking for string, array, or typed array accesses if Spectre mitigations have been disabled. This vulnerability could allow an attacker to create an arbitrary value in compiled JavaScript, for which the range analysis will infer a fully controlled, incorrect range in circumstances whe...

MFSA2019-07 Firefox: Security vulnerabilities fixed in Firefox 66 (CVE-2019-9791) Vulnerability

  • Severity: 4
  • Published: March 19, 2019

The type inference system allows the compilation of functions that can cause type confusions between arbitrary objects when compiled through the IonMonkey just-in-time (JIT) compiler and when the constructor function is entered through on-stack replacement (OSR). This allows for possible arbitrary reading and writing of objects during an...

SUSE: CVE-2019-3863: SUSE Linux Security Advisory Vulnerability

  • Severity: 4
  • Published: March 19, 2019

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From SUSE_CVE-2019-3863:

This CVE is addressed in the SUSE advisories SUSE-SU-2019:13982-1.