Latest tenable nessus network monitor Vulnerabilities

● CVE-2023-5624

Blind SQL Injection

Tenable Nessus Network Monitor<6.3.0

● CVE-2023-5623

Privilege Escalation

Tenable Nessus Network Monitor<6.3.0

● CVE-2023-5622

Privilege Escalation

Tenable Nessus Network Monitor<6.3.0

● CVE-2021-3712

OpenSSL could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read when processing ASN.1 strings. By sending specially crafted data, an attacker could exploit this ...

redhat/jbcs-httpd24-apr<0:1.6.3-107.el8

redhat/jbcs-httpd24-apr-util<0:1.6.1-84.el8

redhat/jbcs-httpd24-curl<0:7.78.0-2.el8

redhat/jbcs-httpd24-httpd<0:2.4.37-78.el8

redhat/jbcs-httpd24-nghttp2<0:1.39.2-39.el8

redhat/jbcs-httpd24-openssl<1:1.1.1g-8.el8

and 79 more

● CVE-2021-3711

OpenSSL is vulnerable to a buffer overflow, caused by improper bounds checking by the EVP_PKEY_decrypt() function within implementation of the SM2 decryption. By sending specially crafted SM2 content,...

debian/openssl

redhat/openssl<1.1.1

IBM Cognos Analytics<=12.0.0-12.0.1

IBM Cognos Analytics<=11.2.0-11.2.4 FP2

IBM Cognos Analytics<=11.1.1-11.1.7 FP7

OpenSSL OpenSSL>=1.1.1<1.1.1l

and 41 more

● CVE-2021-3449

An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it...

rust/openssl-src<111.15.0

debian/openssl

IBM Cognos Analytics<=12.0.0-12.0.1

IBM Cognos Analytics<=11.2.0-11.2.4 FP2

IBM Cognos Analytics<=11.1.1-11.1.7 FP7

OpenSSL OpenSSL>=1.1.1<1.1.1k

and 202 more

● CVE-2021-3450

OpenSSL could allow a remote attacker to bypass security restrictions, caused by a missing check in the validation logic of X.509 certificate chains by the X509_V_FLAG_X509_STRICT flag. By using any v...

rust/openssl-src>=111.11.0<111.15.0

IBM Security Verify Access<=10.0.0

OpenSSL OpenSSL>=1.1.1h<1.1.1k

FreeBSD FreeBSD=12.2

FreeBSD FreeBSD=12.2-p1

FreeBSD FreeBSD=12.2-p2

and 52 more

● CVE-2021-23841

WebRTC. A null pointer dereference was addressed with improved input validation.

redhat/jbcs-httpd24-apr<0:1.6.3-107.el8

redhat/jbcs-httpd24-apr-util<0:1.6.1-84.el8

redhat/jbcs-httpd24-curl<0:7.78.0-2.el8

redhat/jbcs-httpd24-httpd<0:2.4.37-78.el8

redhat/jbcs-httpd24-nghttp2<0:1.39.2-39.el8

redhat/jbcs-httpd24-openssl<1:1.1.1g-8.el8

and 67 more

● CVE-2021-23840

OpenSSL is vulnerable to a denial of service, caused by an integer overflow in CipherUpdate. By sending an overly long argument, an attacker could exploit this vulnerability to cause the application t...

redhat/jbcs-httpd24-apr<0:1.6.3-107.el8

redhat/jbcs-httpd24-apr-util<0:1.6.1-84.el8

redhat/jbcs-httpd24-curl<0:7.78.0-2.el8

redhat/jbcs-httpd24-httpd<0:2.4.37-78.el8

redhat/jbcs-httpd24-nghttp2<0:1.39.2-39.el8

redhat/jbcs-httpd24-openssl<1:1.1.1g-8.el8

and 86 more

● CVE-2020-1971

A null pointer dereference flaw was found in openssl. A remote attacker, able to control the arguments of the GENERAL_NAME_cmp function, could cause the application, compiled with openssl to crash res...

redhat/jbcs-httpd24-brotli<0:1.0.6-40.jbcs.el7

redhat/jbcs-httpd24-httpd<0:2.4.37-66.jbcs.el7

redhat/jbcs-httpd24-nghttp2<0:1.39.2-35.jbcs.el7

redhat/jbcs-httpd24-openssl<1:1.1.1g-3.jbcs.el7

redhat/jbcs-httpd24-openssl-chil<0:1.0.0-3.jbcs.el7

redhat/jbcs-httpd24-openssl-pkcs11<0:0.4.10-18.jbcs.el7

and 95 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.