Vulnerability Database

The Rapid7 Vulnerability Database is a list of 70,000 vulnerabilities for security analyst and researchers to identify and address known security issues through vulnerability management solutions. Each vulnerability has links to relevant groups like Mitre and other CVE Numbering Authorities as well as additional technical documentation. These vulnerabilities are utilized by our vulnerability management tool Nexpose and provided here for additional visibility.

Displaying vulnerability details 81 - 90 of 117882 in total

SUSE: CVE-2017-7828: SUSE Linux Security Advisory Vulnerability

  • Severity: 4
  • Published: November 13, 2017

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From VID-F78EAC48-C3D1-4666-8DE5-63CEEA25A578:

Mozilla Foundation reports:

CVE-2017-7828: Use-after-free...

MFSA2017-24 Firefox: Security vulnerabilities fixed in Firefox 57 (CVE-2017-7834) Vulnerability

  • Severity: 4
  • Published: November 13, 2017

A data: URL loaded in a new tab did not inherit the Content Security Policy (CSP) of the original page, allowing for bypasses of the policy including the execution of JavaScript. In prior versions when data: documents also inherited the context of the original page this would allow for potential cross-site scripting (XSS) attacks.