Latest Tenable Nessus Vulnerabilities

Stored XSS vulnerability
Tenable Nessus<10.7.0
An arbitrary file write vulnerability exists where an authenticated attacker with privileges on the managing application could alter Nessus Rules variables to overwrite arbitrary files on the remote ...
Tenable Nessus<10.4.4
Arbitrary File Write
Tenable Nessus<10.5.7
Tenable Nessus>=10.6.0<10.6.3
Under certain conditions, a low privileged attacker could load a specially crafted file during installation or upgrade to escalate privileges on Windows and Linux hosts.
Tenable Nessus<10.6.2
Tenable Nessus Agent<10.4.3
Linux Linux kernel
Microsoft Windows
An improper authorization vulnerability exists where an authenticated, low privileged remote attacker could view a list of all the users available in the application.
Tenable Nessus<10.6.0
A pass-back vulnerability exists where an authenticated, remote attacker with administrator privileges could uncover stored SMTP credentials within the Nessus application. This issue affects Nessus: b...
Tenable Nessus<10.6.0
An arbitrary file write vulnerability exists where an authenticated, remote attacker with administrator privileges could alter logging variables to overwrite arbitrary files on the remote host with l...
Tenable Nessus<10.6.0
A vulnerability was reported where through modifying the scan variables, an authenticated user in Tenable products, that has Scan Policy Configuration roles, could manipulate audit policy variables to...
Tenable Nessus<10.4.2
Tenable Plugin Feed<202212081952
As part of our Security Development Lifecycle, a potential privilege escalation issue was identified internally. This could allow a malicious actor with sufficient permissions to modify environment va...
Tenable Nessus
Tenable Tenable.Io
Tenable Tenable.sc
A privilege escalation vulnerability was identified in Nessus versions 8.10.1 through 8.15.8 and 10.0.0 through 10.4.1. An authenticated attacker could potentially execute a specially crafted file to ...
Tenable Nessus>=8.10.1<8.15.8
Tenable Nessus>=10.0.0<10.4.2
An authenticated attacker could utilize the identical agent and cluster node linking keys to potentially allow for a scenario where unauthorized disclosure of agent logs and data is present.
Tenable Nessus<10.4.0
An authenticated attacker could read Nessus Debug Log file attachments from the web UI without having the correct privileges to do so. This may lead to the disclosure of information on the scan target...
Tenable Nessus<10.2.0
Insufficiently Protected Credentials: An authenticated user with debug privileges can retrieve stored Nessus policy credentials from the “nessusd” process in cleartext via process dumping. The affecte...
Tenable Nessus
An authenticated attacker could read arbitrary files from the underlying operating system of the scanner using a custom crafted compliance audit file without providing any valid SSH credentials.
Tenable Nessus<10.2.0
A flaw was found in OpenSSL. It is possible to trigger an infinite loop by crafting a certificate that has invalid elliptic curve parameters. Since certificate parsing happens before verification of t...
redhat/jbcs-httpd24-apr-util<0:1.6.1-91.el8
redhat/jbcs-httpd24-curl<0:7.78.0-3.el8
redhat/jbcs-httpd24-httpd<0:2.4.37-80.el8
redhat/jbcs-httpd24-nghttp2<0:1.39.2-41.el8
redhat/jbcs-httpd24-openssl<1:1.1.1g-11.el8
redhat/jbcs-httpd24-openssl-chil<0:1.0.0-11.el8
and 83 more
Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.
redhat/mingw-expat<0:2.4.8-1.el8
Libexpat Project Libexpat<2.4.4
Tenable Nessus<8.15.3
Tenable Nessus>=10.0.0<10.1.1
Oracle Communications Metasolv Solution=6.3.1
Debian Debian Linux=10.0
and 20 more
Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES.
redhat/expat<0:2.1.0-14.el7_9
redhat/expat<0:2.2.5-4.el8_5.3
redhat/expat<0:2.2.5-4.el8_4.3
Libexpat Project Libexpat<2.4.4
NetApp Clustered Data ONTAP
NetApp OnCommand Workflow Automation
and 21 more
storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
redhat/expat<0:2.1.0-14.el7_9
redhat/expat<0:2.2.5-4.el8_5.3
redhat/xmlrpc-c<0:1.51.0-8.el8
Libexpat Project Libexpat<2.4.3
Tenable Nessus<8.15.3
Tenable Nessus>=10.0.0<10.1.1
and 28 more
nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
redhat/expat<0:2.1.0-14.el7_9
redhat/expat<0:2.2.5-4.el8_5.3
redhat/xmlrpc-c<0:1.51.0-8.el8
Libexpat Project Libexpat<2.4.3
Tenable Nessus<8.15.3
Tenable Nessus>=10.0.0<10.1.1
and 28 more
defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
redhat/expat<0:2.1.0-14.el7_9
redhat/expat<0:2.2.5-4.el8_5.3
redhat/xmlrpc-c<0:1.51.0-8.el8
Libexpat Project Libexpat<2.4.3
Tenable Nessus<8.15.3
Tenable Nessus>=10.0.0<10.1.1
and 28 more
addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
redhat/expat<0:2.1.0-14.el7_9
redhat/expat<0:2.2.5-4.el8_5.3
redhat/xmlrpc-c<0:1.51.0-8.el8
debian/expat<=2.4.2-1<=2.2.6-2+deb10u1<=2.2.6-2<=2.2.10-2
Libexpat Project Libexpat<2.4.3
Tenable Nessus<8.15.3
and 30 more
build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
redhat/expat<0:2.1.0-14.el7_9
redhat/expat<0:2.2.5-4.el8_5.3
redhat/xmlrpc-c<0:1.51.0-8.el8
Libexpat Project Libexpat<2.4.3
Tenable Nessus<8.15.3
Tenable Nessus>=10.0.0<10.1.1
and 28 more
lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
redhat/expat<0:2.1.0-14.el7_9
redhat/expat<0:2.2.5-4.el8_5.3
redhat/xmlrpc-c<0:1.51.0-8.el8
Libexpat Project Libexpat<2.4.3
Tenable Nessus<8.15.3
Tenable Nessus>=10.0.0<10.1.1
and 28 more
In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.
redhat/expat<0:2.1.0-14.el7_9
redhat/expat<0:2.2.5-4.el8_5.3
redhat/xmlrpc-c<0:1.51.0-8.el8
redhat/expat<2.4.3
Libexpat Project Libexpat<2.4.3
Apple iPadOS
and 31 more
In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memor...
redhat/expat<0:2.1.0-14.el7_9
redhat/expat<0:2.2.5-4.el8_5.3
debian/expat<=2.2.6-2<=2.2.10-2<=2.2.6-2+deb10u1<=2.4.2-1
redhat/expat<2.4.3
Libexpat Project Libexpat<2.4.3
Tenable Nessus<8.15.3
and 28 more
Nessus versions 8.15.2 and earlier were found to contain a local privilege escalation vulnerability which could allow an authenticated, local administrator to run specific executables on the Nessus Ag...
Tenable Nessus<=8.15.2
Nessus Agent versions 8.2.5 and earlier were found to contain a privilege escalation vulnerability which could allow a Nessus administrator user to upload a specially crafted file that could lead to g...
Tenable Nessus<=8.2.5
Nessus versions 8.13.2 and earlier were found to contain a privilege escalation vulnerability which could allow a Nessus administrator user to upload a specially crafted file that could lead to gainin...
Tenable Nessus<=8.13.2
Nessus Agent 8.2.4 and earlier for Windows were found to contain multiple local privilege escalation vulnerabilities which could allow an authenticated, local administrator to run specific Windows exe...
Tenable Nessus<=8.2.4
Microsoft Windows
Nessus Agent 8.2.4 and earlier for Windows were found to contain multiple local privilege escalation vulnerabilities which could allow an authenticated, local administrator to run specific Windows exe...
Tenable Nessus<8.2.5
Microsoft Windows
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it...
rust/openssl-src<111.15.0
debian/openssl
OpenSSL OpenSSL>=1.1.1<1.1.1k
Debian Debian Linux=9.0
Debian Debian Linux=10.0
FreeBSD FreeBSD=12.2
and 202 more
OpenSSL could allow a remote attacker to bypass security restrictions, caused by a missing check in the validation logic of X.509 certificate chains by the X509_V_FLAG_X509_STRICT flag. By using any v...
rust/openssl-src>=111.11.0<111.15.0
IBM Security Verify Access<=10.0.0
OpenSSL OpenSSL>=1.1.1h<1.1.1k
FreeBSD FreeBSD=12.2
FreeBSD FreeBSD=12.2-p1
FreeBSD FreeBSD=12.2-p2
and 52 more
A vulnerability in Nessus versions 8.9.0 through 8.12.0 for Windows & Nessus Agent 8.0.0 and 8.1.0 for Windows could allow an authenticated local attacker to copy user-supplied files to a specially co...
Tenable Nessus>=8.9.0<=8.12.0
Tenable Nessus Agent=8.0.0
Tenable Nessus Agent=8.1.0
Microsoft Windows
Nessus versions 8.11.0 and earlier were found to maintain sessions longer than the permitted period in certain scenarios. The lack of proper session expiration could allow attackers with local access ...
Tenable Nessus<=8.11.0
Nessus 8.10.0 and earlier were found to contain a Stored XSS vulnerability due to improper validation of input during scan configuration. An authenticated, remote attacker could potentially exploit th...
Tenable Nessus<=8.10.0
Tenable Nessus before 6.8 has a stored XSS issue that requires admin-level authentication to the Nessus UI, and would only potentially impact other admins. (Tenable ID 5198).
Tenable Nessus<6.8.0
Tenable Nessus before 6.8 has a stored XSS issue that requires admin-level authentication to the Nessus UI, and would potentially impact other admins (Tenable IDs 5218 and 5269).
Tenable Nessus<6.8.0
Nessus 8.5.2 and earlier on Windows platforms were found to contain an issue where certain system files could be overwritten arbitrarily, potentially creating a denial of service condition.
Tenable Nessus<=8.5.2
Microsoft Windows
Content Injection vulnerability in Tenable Nessus prior to 8.5.0 may allow an authenticated, local attacker to exploit this vulnerability by convincing another targeted Nessus user to view a malicious...
Tenable Nessus<8.5.0
Nessus versions 8.4.0 and earlier were found to contain a reflected XSS vulnerability due to improper validation of user-supplied input. An unauthenticated, remote attacker could potentially exploit t...
Tenable Nessus<=8.4.0
libexpat is vulnerable to a denial of service, caused by an error in the XML parser. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cons...
redhat/jbcs-httpd24-curl<0:7.64.1-36.jbcs.el6
redhat/jbcs-httpd24-httpd<0:2.4.37-57.jbcs.el6
redhat/jbcs-httpd24-nghttp2<0:1.39.2-25.jbcs.el6
redhat/jbcs-httpd24-curl<0:7.64.1-36.jbcs.el7
redhat/jbcs-httpd24-httpd<0:2.4.37-57.jbcs.el7
redhat/jbcs-httpd24-nghttp2<0:1.39.2-25.jbcs.el7
and 51 more
OpenSSL could allow a remote attacker to obtain sensitive information, caused by the failure to immediately close the TCP connection after the hosts encounter a zero-length record with valid padding. ...
redhat/openssl<0:1.0.1e-58.el6_10
redhat/openssl<1:1.0.2k-19.el7
redhat/jws5-ecj<0:4.12.0-1.redhat_1.1.el6
redhat/jws5-javapackages-tools<0:3.4.1-5.15.11.el6
redhat/jws5-jboss-logging<0:3.3.2-1.Final_redhat_00001.1.el6
redhat/jws5-tomcat<0:9.0.21-10.redhat_4.1.el6
and 226 more
Nessus versions 8.2.1 and earlier were found to contain a stored XSS vulnerability due to improper validation of user-supplied input. An authenticated, remote attacker could potentially exploit this v...
Tenable Nessus<=8.2.1
A flaw was found in microprocessor execution engine sharing on SMT (e.g. Hyper-Threading) architectures. An attacker running a malicious process on the same core of the processor as the victim process...
Canonical Ubuntu Linux=14.04
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Canonical Ubuntu Linux=18.10
Debian Debian Linux=8.0
Debian Debian Linux=9.0
and 45 more
In Nessus before 7.1.0, Session Fixation exists due to insufficient session management within the application. An authenticated attacker could maintain system access due to session fixation after a us...
Tenable Nessus<7.1.0
In Nessus before 7.1.0, a XSS vulnerability exists due to improper input validation. A remote authenticated attacker could create and upload a .nessus file, which may be viewed by an administrator all...
Tenable Nessus<7.1.0

© 2024 SecAlerts Pty Ltd.