Rapid7 — Vulnerabilities & Security Advisories 84

Browse all 84 CVE security advisories affecting Rapid7. AI-powered Chinese analysis, POCs, and references for each vulnerability.

| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2022-3913 | Rapid7 Nexpose Certificate Validation Issue | Nexpose | CWE-295 | 5.3 | Medium | 2023-02-01 |
| CVE-2023-0290 | Rapid7 Velociraptor directory traversal in client ID parameter | Velociraptor | CWE-22 | 4.3 | - | 2023-01-18 |
| CVE-2023-0242 | Insufficient permission check in the VQL copy() function | Velociraptor | CWE-269 | 8.8 | - | 2023-01-18 |
| CVE-2017-5242 | Rapid7 Nexpose Virtual Appliance Duplicate SSH Host Key | Nexpose Virtual Appliance | CWE-321 | 7.7 | - | 2023-01-12 |
| CVE-2022-4261 | Rapid7 Nexpose Update Validation Issue | Nexpose | CWE-494 | 4.4 | Medium | 2022-12-07 |
| CVE-2019-5641 | Rapid7 InsightVM Information Disclosure after Logout | InsightVM | CWE-200 | 3.3 | Low | 2022-09-21 |
| CVE-2022-35632 | XSS in User Interface | Velociraptor | CWE-79 | 4.8 | - | 2022-07-29 |
| CVE-2022-35631 | Filesystem race on temporary files | Velociraptor | CWE-377 | 5.5 | - | 2022-07-29 |
| CVE-2022-35630 | Unsafe HTML Injection in Artifact Collection Report | Velociraptor | CWE-79 | 5.4 | - | 2022-07-29 |
| CVE-2022-35629 | Velociraptor Client ID Spoofing | Velociraptor | CWE-287 | 4.3 | - | 2022-07-29 |
| CVE-2022-0758 | Rapid7 Nexpose Reflected XSS | Nexpose | CWE-79 | 3.3 | Low | 2022-03-17 |
| CVE-2022-0757 | Rapid7 Nexpose SQL Injection | Nexpose | CWE-89 | 5.5 | Medium | 2022-03-17 |
| CVE-2022-0237 | Rapid7 Insight Agent Privilege Escalation | Insight Agent | CWE-264 | 4.0 | Medium | 2022-03-17 |
| CVE-2021-4016 | Rapid7 Insight Agent Improper Access Control | Insight Agent | CWE-284 | 4.0 | Medium | 2022-01-21 |
| CVE-2021-4007 | Rapid7 Insight Agent Privilege Escalation | Insight Agent | CWE-427 | 7.8 | High | 2021-12-14 |
| CVE-2019-5640 | Rapid7 Nexpose Information Disclosure after logout | Nexpose | CWE-200 | 3.3 | Low | 2021-11-22 |
| CVE-2021-31868 | Rapid7 Nexpose Security Console Ticket Access Authentication Vulnerability | Nexpose | CWE-306 | 4.3 | Medium | 2021-08-19 |
| CVE-2021-3619 | Rapid7 Velociraptor Notebooks Authenticated Persistent XSS | Velociraptor | CWE-79 | 3.5 | Low | 2021-08-17 |
| CVE-2021-3535 | Rapid7 Nexpose Cross-Site Scripting Vulnerability | Rapid7 Nexpose | CWE-79 | 4.3 | Medium | 2021-06-16 |
| CVE-2020-7385 | Metasploit Framework 'drb_remote_codeexec' code execution | Metasploit Framework | CWE-502 | 8.1 | High | 2021-04-23 |
| CVE-2020-7384 | Client-Side Command Injection in Rapid7 Metasploit | Metasploit | CWE-77 | 7.0 | High | 2020-10-29 |
| CVE-2020-7383 | SQL Injection in Rapid7 Nexpose | Nexpose | CWE-89 | 6.5 | Medium | 2020-10-14 |
| CVE-2020-7358 | Code Injection in Rapid7 AppSpider Pro Installer | AppSpider | CWE-427 | 5.8 | Medium | 2020-09-18 |
| CVE-2020-7382 | Unquoted Path in Rapid7 Nexpose Installer | Nexpose | CWE-428 | 6.8 | Medium | 2020-09-03 |
| CVE-2020-7381 | Code Injection in Rapid7 Nexpose Installer | Nexpose | CWE-94 | 5.8 | Medium | 2020-09-03 |
| CVE-2019-5645 | Rapid7 Metasploit HTTP Handler Denial of Service | Metasploit Framework | CWE-400 | 7.5 | High | 2020-09-01 |
| CVE-2020-7377 | Rapid7 Metasploit Framework Relative Path Traversal in telpho10_credential_dump module | Metasploit Framework | CWE-23 | 8.1 | High | 2020-08-24 |
| CVE-2020-7376 | Rapid7 Metasploit Framework Relative Path Traversal in enum_osx module | Metasploit Framework | CWE-23 | 7.1 | High | 2020-08-24 |
| CVE-2020-7355 | Rapid7 Metasploit Pro Stored XSS in 'notes' field | Metasploit Pro | CWE-79 | 6.1 | Medium | 2020-06-25 |
| CVE-2020-7354 | Rapid7 Metasploit Pro Stored XSS in 'host' field | Metasploit Pro | CWE-79 | 6.1 | Medium | 2020-06-25 |

This page lists every published CVE security advisory associated with Rapid7. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.