Vulnerability Database

The Rapid7 Vulnerability Database is a list of 70,000 vulnerabilities that security analysts and researchers can use to identify and address known security issues through vulnerability management solutions. Each vulnerability has links to relevant groups like Mitre and other CVE Numbering Authorities as well as additional technical documentation. These vulnerabilities are utilized by our vulnerability management tool Nexpose and provided here for additional visibility.



OS X update for Kernel (CVE-2018-4185) Vulnerability

  • Severity: 4
  • Published: July 20, 2018

An information disclosure issue existed in the transition of program state. This issue was addressed with improved state handling.

FFmpeg: CVE-2018-14394: Unspecified Security Vulnerability Vulnerability

  • Severity: 4
  • Published: July 19, 2018

libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers to cause a denial of service (application crash caused by a divide-by-zero error) with a user crafted Waveform audio file.

FFmpeg: CVE-2018-14395: Unspecified Security Vulnerability Vulnerability

  • Severity: 4
  • Published: July 19, 2018

libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers to cause a denial of service (application crash caused by a divide-by-zero error) with a user crafted audio file when converting to the MOV audio format.

Apache HTTPD: DoS for HTTP/2 connections by crafted requests (CVE-2018-1333) Vulnerability

  • Severity: 4
  • Published: July 19, 2018

By specially crafting HTTP/2 requests, workers would be allocated 60 seconds longer than necessary, leading to worker exhaustion and a denial of service. This issue only affects servers that have configured and enabled HTTP/2 support, which is not the default.

F5 Networks: K64552448 (CVE-2018-5534): SSL forward proxy vulnerability CVE-2018-5534 Vulnerability

  • Severity: 4
  • Published: July 18, 2018

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From K64552448:

This vulnerability may allow a remote attacker to cause the Traffic Management Microkernel (TMM) to produce a core file, resulting in a service...

F5 Networks: K45325728 (CVE-2018-5533): SSL forward proxy vulnerability CVE-2018-5533 Vulnerability

  • Severity: 4
  • Published: July 18, 2018

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From K45325728:

This vulnerability may allow a remote attacker to cause the Traffic Management Microkernel (TMM) to produce a core file, resulting in a service...

Wireshark : CVE-2018-14341 : DICOM dissector large loop Vulnerability

  • Severity: 4
  • Published: July 18, 2018

In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the DICOM dissector could go into a large or infinite loop. This was addressed in epan/dissectors/packet-dcm.c by preventing an offset overflow.