Vulnerability Database

The Rapid7 Vulnerability Database is a list of 70,000 vulnerabilities for security analyst and researchers to identify and address known security issues through vulnerability management solutions. Each vulnerability has links to relevant groups like Mitre and other CVE Numbering Authorities as well as additional technical documentation. These vulnerabilities are utilized by our vulnerability management tool Nexpose and provided here for additional visibility.


Displaying vulnerability details 41 - 50 of 136823 in total

Debian: CVE-2018-16865: systemd -- security update Vulnerability

  • Severity: 4
  • Published: January 09, 2019

An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker, or a remote one if systemd-journal-remote is used, may use this flaw to crash systemd-journald or execute code with journald pri...

Google Chrome Vulnerability: CVE-2018-6144 Vulnerability

  • Severity: 7
  • Published: January 09, 2019

Off-by-one error in PDFium in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory write via a crafted PDF file.

Google Chrome Vulnerability: CVE-2018-6163 Vulnerability

  • Severity: 4
  • Published: January 09, 2019

Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.

Cisco IOS: CVE-2018-0282: Cisco IOS and IOS XE Software TCP Denial of Service Vulnerability Vulnerability

  • Severity: 4
  • Published: January 09, 2019

A vulnerability in the TCP socket code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a state condition between the socket state and the transmission control block (TCB) state. While this vulnerability potentially affects all TCP applicat...

Google Chrome Vulnerability: CVE-2018-6172 Vulnerability

  • Severity: 4
  • Published: January 09, 2019

Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.

Google Chrome Vulnerability: CVE-2018-6165 Vulnerability

  • Severity: 4
  • Published: January 09, 2019

Incorrect handling of reloads in Navigation in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

Google Chrome Vulnerability: CVE-2018-6166 Vulnerability

  • Severity: 4
  • Published: January 09, 2019

Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.

Google Chrome Vulnerability: CVE-2018-6175 Vulnerability

  • Severity: 4
  • Published: January 09, 2019

Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.

Google Chrome Vulnerability: CVE-2018-6158 Vulnerability

  • Severity: 5
  • Published: January 09, 2019

A race condition in Oilpan in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Google Chrome Vulnerability: CVE-2018-17461 Vulnerability

  • Severity: 7
  • Published: January 09, 2019

An out of bounds read in PDFium in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file.