Search
Total
26 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-6062 | 1 Tenable | 1 Nessus | 2023-11-29 | N/A | 6.5 MEDIUM |
| An arbitrary file write vulnerability exists where an authenticated, remote attacker with administrator privileges on the Nessus application could alter Nessus Rules variables to overwrite arbitrary files on the remote host, which could lead to a denial of service condition. | |||||
| CVE-2023-6178 | 1 Tenable | 1 Nessus | 2023-11-29 | N/A | 6.5 MEDIUM |
| An arbitrary file write vulnerability exists where an authenticated attacker with privileges on the managing application could alter Nessus Rules variables to overwrite arbitrary files on the remote host, which could lead to a denial of service condition. | |||||
| CVE-2022-33757 | 1 Tenable | 1 Nessus | 2023-08-08 | N/A | 6.5 MEDIUM |
| An authenticated attacker could read Nessus Debug Log file attachments from the web UI without having the correct privileges to do so. This may lead to the disclosure of information on the scan target and/or the Nessus scan to unauthorized parties able to reach the Nessus instance. | |||||
| CVE-2021-3449 | 11 Checkpoint, Debian, Fedoraproject and 8 more | 163 Multi-domain Management, Multi-domain Management Firmware, Quantum Security Gateway and 160 more | 2022-07-25 | 4.3 MEDIUM | 5.9 MEDIUM |
| An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j). | |||||
| CVE-2021-20135 | 1 Tenable | 1 Nessus | 2022-07-12 | 4.6 MEDIUM | 6.7 MEDIUM |
| Nessus versions 8.15.2 and earlier were found to contain a local privilege escalation vulnerability which could allow an authenticated, local administrator to run specific executables on the Nessus Agent host. Tenable has included a fix for this issue in Nessus 10.0.0. The installation files can be obtained from the Tenable Downloads Portal (https://www.tenable.com/downloads/nessus). | |||||
| CVE-2021-20099 | 2 Microsoft, Tenable | 2 Windows, Nessus | 2022-07-12 | 4.6 MEDIUM | 6.7 MEDIUM |
| Nessus Agent 8.2.4 and earlier for Windows were found to contain multiple local privilege escalation vulnerabilities which could allow an authenticated, local administrator to run specific Windows executables as the Nessus host. This is different than CVE-2021-20100. | |||||
| CVE-2021-20079 | 1 Tenable | 1 Nessus | 2022-07-12 | 7.2 HIGH | 6.7 MEDIUM |
| Nessus versions 8.13.2 and earlier were found to contain a privilege escalation vulnerability which could allow a Nessus administrator user to upload a specially crafted file that could lead to gaining administrator privileges on the Nessus host. | |||||
| CVE-2021-20100 | 2 Microsoft, Tenable | 2 Windows, Nessus | 2022-07-12 | 4.6 MEDIUM | 6.7 MEDIUM |
| Nessus Agent 8.2.4 and earlier for Windows were found to contain multiple local privilege escalation vulnerabilities which could allow an authenticated, local administrator to run specific Windows executables as the Nessus host. This is different than CVE-2021-20099. | |||||
| CVE-2021-20106 | 1 Tenable | 1 Nessus | 2022-07-12 | 8.5 HIGH | 6.5 MEDIUM |
| Nessus Agent versions 8.2.5 and earlier were found to contain a privilege escalation vulnerability which could allow a Nessus administrator user to upload a specially crafted file that could lead to gaining administrator privileges on the Nessus host. | |||||
| CVE-2022-32974 | 1 Tenable | 1 Nessus | 2022-06-28 | 4.0 MEDIUM | 6.5 MEDIUM |
| An authenticated attacker could read arbitrary files from the underlying operating system of the scanner using a custom crafted compliance audit file without providing any valid SSH credentials. | |||||
| CVE-2016-4055 | 3 Momentjs, Oracle, Tenable | 3 Moment, Primavera Unifier, Nessus | 2022-06-06 | 7.8 HIGH | 6.5 MEDIUM |
| The duration function in the moment package before 2.11.2 for Node.js allows remote attackers to cause a denial of service (CPU consumption) via a long string, aka a "regular expression Denial of Service (ReDoS)." | |||||
| CVE-2019-1559 | 7 Canonical, Debian, F5 and 4 more | 18 Ubuntu Linux, Debian Linux, Traffix Signaling Delivery Controller and 15 more | 2021-01-20 | 4.3 MEDIUM | 5.9 MEDIUM |
| If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order for this to be exploitable "non-stitched" ciphersuites must be in use. Stitched ciphersuites are optimised implementations of certain commonly used ciphersuites. Also the application must call SSL_shutdown() twice even if a protocol error has occurred (applications should not do this but some do anyway). Fixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q). | |||||
| CVE-2018-5407 | 7 Canonical, Debian, Nodejs and 4 more | 20 Ubuntu Linux, Debian Linux, Node.js and 17 more | 2020-09-18 | 1.9 LOW | 4.7 MEDIUM |
| Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'. | |||||
| CVE-2020-5765 | 1 Tenable | 1 Nessus | 2020-07-20 | 3.5 LOW | 5.4 MEDIUM |
| Nessus 8.10.0 and earlier were found to contain a Stored XSS vulnerability due to improper validation of input during scan configuration. An authenticated, remote attacker could potentially exploit this vulnerability to execute arbitrary code in a user's session. Tenable has implemented additional input validation mechanisms to correct this issue in Nessus 8.11.0. | |||||
| CVE-2016-1000029 | 1 Tenable | 1 Nessus | 2019-12-31 | 3.5 LOW | 4.8 MEDIUM |
| Tenable Nessus before 6.8 has a stored XSS issue that requires admin-level authentication to the Nessus UI, and would potentially impact other admins (Tenable IDs 5218 and 5269). | |||||
| CVE-2016-1000028 | 1 Tenable | 1 Nessus | 2019-12-31 | 3.5 LOW | 4.8 MEDIUM |
| Tenable Nessus before 6.8 has a stored XSS issue that requires admin-level authentication to the Nessus UI, and would only potentially impact other admins. (Tenable ID 5198). | |||||
| CVE-2019-3982 | 1 Tenable | 1 Nessus | 2019-10-28 | 4.0 MEDIUM | 6.5 MEDIUM |
| Nessus versions 8.6.0 and earlier were found to contain a Denial of Service vulnerability due to improper validation of specific imported scan types. An authenticated, remote attacker could potentially exploit this vulnerability to cause a Nessus scanner to become temporarily unresponsive. | |||||
| CVE-2017-7849 | 1 Tenable | 1 Nessus | 2019-10-03 | 2.1 LOW | 5.5 MEDIUM |
| Nessus 6.10.x before 6.10.5 was found to be vulnerable to a local denial of service condition due to insecure permissions when running in Agent Mode. | |||||
| CVE-2019-3961 | 1 Tenable | 1 Nessus | 2019-06-26 | 4.3 MEDIUM | 6.1 MEDIUM |
| Nessus versions 8.4.0 and earlier were found to contain a reflected XSS vulnerability due to improper validation of user-supplied input. An unauthenticated, remote attacker could potentially exploit this vulnerability via a specially crafted request to execute arbitrary script code in a users browser session. | |||||
| CVE-2017-5179 | 1 Tenable | 1 Nessus | 2019-03-19 | 3.5 LOW | 5.4 MEDIUM |
| Cross-site scripting (XSS) vulnerability in Tenable Nessus before 6.9.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2019-3923 | 1 Tenable | 1 Nessus | 2019-02-12 | 3.5 LOW | 5.4 MEDIUM |
| Nessus versions 8.2.1 and earlier were found to contain a stored XSS vulnerability due to improper validation of user-supplied input. An authenticated, remote attacker could potentially exploit this vulnerability via a specially crafted request to execute arbitrary script code in a user's browser session. Tenable has released Nessus 8.2.2 to address this issue. | |||||
| CVE-2018-1148 | 1 Tenable | 1 Nessus | 2018-06-20 | 4.0 MEDIUM | 6.5 MEDIUM |
| In Nessus before 7.1.0, Session Fixation exists due to insufficient session management within the application. An authenticated attacker could maintain system access due to session fixation after a user password change. | |||||
| CVE-2018-1147 | 1 Tenable | 1 Nessus | 2018-06-19 | 3.5 LOW | 5.4 MEDIUM |
| In Nessus before 7.1.0, a XSS vulnerability exists due to improper input validation. A remote authenticated attacker could create and upload a .nessus file, which may be viewed by an administrator allowing for the execution of arbitrary script code in a user's browser session. In other scenarios, XSS could also occur by altering variables from the Advanced Settings. | |||||
| CVE-2017-2122 | 1 Tenable | 1 Nessus | 2017-05-19 | 3.5 LOW | 5.4 MEDIUM |
| Cross-site scripting vulnerability in Nessus versions 6.8.0, 6.8.1, 6.9.0, 6.9.1 and 6.9.2 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2016-9259 | 1 Tenable | 1 Nessus | 2017-03-01 | 3.5 LOW | 5.4 MEDIUM |
| Cross-site scripting (XSS) vulnerability in Tenable Nessus before 6.9.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2016-9260 | 1 Tenable | 1 Nessus | 2017-02-03 | 3.5 LOW | 5.4 MEDIUM |
| Cross-site scripting (XSS) vulnerability in Tenable Nessus before 6.9 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to handling of .nessus files. | |||||