Latest tenable tenable.sc Vulnerabilities

CVE-2023-0524
As part of our Security Development Lifecycle, a potential privilege escalation issue was identified internally. This could allow a malicious actor with sufficient permissions to modify environment va...
Tenable Nessus
Tenable Tenable.Io
Tenable Tenable.sc
CVE-2023-24495
A Server Side Request Forgery (SSRF) vulnerability exists in Tenable.sc due to improper validation of session & user-accessible input data. A privileged, authenticated remote attacker could interact w...
Tenable Tenable.sc<=5.23.1
CVE-2023-24493
Tenable Tenable.sc<=5.23.1
CVE-2023-24494
A stored cross-site scripting (XSS) vulnerability exists in Tenable.sc due to improper validation of user-supplied input before returning it to users. An authenticated, remote attacker can exploit thi...
Tenable Tenable.sc<=5.23.1
CVE-2023-0476
A LDAP injection vulnerability exists in Tenable.sc due to improper validation of user-supplied input before returning it to users. An authenticated attacker could generate data in Active Directory us...
Tenable Tenable.sc<=5.23.1
CVE-2022-24828
Composer is a dependency manager for the PHP programming language. Integrators using Composer code to call `VcsDriver::getFileContent` can have a code injection vulnerability if the user can control t...
composer/composer/composer>=2.3<2.3.5>=2.0<2.2.12<1.10.26
Getcomposer Composer<1.10.26
Getcomposer Composer>=2.0.0<2.2.12
Getcomposer Composer>=2.3.0<2.3.5
Tenable Tenable.sc<5.21.0
Fedoraproject Fedora=34
and 5 more
CVE-2022-24785
### Impact This vulnerability impacts npm (server) users of moment.js, especially if user provided locale string, eg `fr` is directly used to switch moment locale. ### Patches This problem is patched...
redhat/servicemesh-prometheus<0:2.14.0-18.el8.1
redhat/servicemesh-prometheus<0:2.23.0-9.el8
redhat/ceph<2:16.2.10-94.el8c
redhat/eap7-hal-console<0:3.3.12-1.Final_redhat_00001.1.el8ea
redhat/eap7-hal-console<0:3.3.12-1.Final_redhat_00001.1.el7ea
redhat/rh-sso7-keycloak<0:18.0.6-1.redhat_00001.1.el7
and 24 more
CVE-2022-0130
Tenable.sc versions 5.14.0 through 5.19.1 were found to contain a remote code execution vulnerability which could allow a remote, unauthenticated attacker to execute code under special circumstances. ...
Tenable Tenable.sc>=5.14.0<=5.19.1
CVE-2021-44224
apache. Multiple issues were addressed by updating apache to version 2.4.53.
Apple Catalina
Apple macOS Big Sur<11.6.6
<12.4
Apache HTTP server>=2.4.7<2.4.52
Fedoraproject Fedora=34
Fedoraproject Fedora=35
and 39 more
CVE-2021-44790
apache. Multiple issues were addressed by updating apache to version 2.4.53.
Apple Catalina
Apple macOS Big Sur<11.6.6
<12.4
Apache HTTP server<=2.4.51
Fedoraproject Fedora=34
Fedoraproject Fedora=35
and 40 more
CVE-2021-21707
Fixed bug (special character is breaking the path in xml function). (CVE-2021-21707)
PHP PHP>=7.3.0<7.3.33
PHP PHP>=7.4.0<7.4.26
PHP PHP>=8.0.0<8.0.13
NetApp Clustered Data ONTAP
Debian Debian Linux=10.0
Debian Debian Linux=11.0
and 10 more
CVE-2021-41183
### Impact Accepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. For example, initializing the datepicker in the following way: ```...
ubuntu/jqueryui<1.10.1+dfsg-1ubuntu0.14.04.1~
ubuntu/jqueryui<1.13.0
ubuntu/jqueryui<1.12.1+dfsg-5ubuntu0.18.04.1~
ubuntu/jqueryui<1.12.1+dfsg-5ubuntu0.20.04.1
ubuntu/jqueryui<1.10.1+dfsg-1ubuntu0.16.04.1~
rubygems/jquery-ui-rails<7.0.0
and 116 more
CVE-2021-41184
### Impact Accepting the value of the `of` option of the [`.position()`](https://api.jqueryui.com/position/) util from untrusted sources may execute untrusted code. For example, invoking the following...
rubygems/jquery-ui-rails<7.0.0
nuget/jQuery.UI.Combined<1.13.0
maven/org.webjars.npm:jquery-ui<1.13.0
npm/jquery-ui<1.13.0
IBM QRadar SIEM<=7.5.0 GA
IBM QRadar SIEM<=7.4.3 GA - 7.4.3 FP4
and 75 more
CVE-2021-41182
### Impact Accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. For example, initializing the datepicker in the following way: ```js...
rubygems/jquery-ui-rails<7.0.0
maven/org.webjars.npm:jquery-ui<1.13.0
nuget/jQuery.UI.Combined<1.13.0
npm/jquery-ui<1.13.0
IBM QRadar SIEM<=7.5.0 GA
IBM QRadar SIEM<=7.4.3 GA - 7.4.3 FP4
and 126 more
CVE-2021-41116
### Impact Windows users running Composer to install untrusted dependencies are affected and should definitely upgrade for safety. Other OSs and WSL are not affected. ### Patches 1.10.23 and 2.1.9 f...
composer/composer/composer>=2.0.0-alpha1<2.1.9<1.10.23
Getcomposer Composer<1.10.23
Getcomposer Composer>=2.0.0<2.1.9
Tenable Tenable.sc<5.21.0
composer/composer/composer>=2.0.0-alpha1<2.1.9
composer/composer/composer<1.10.23
CVE-2021-34798
Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier.
redhat/jbcs-httpd24-apr<0:1.6.3-107.el8
redhat/jbcs-httpd24-apr-util<0:1.6.1-84.el8
redhat/jbcs-httpd24-curl<0:7.78.0-2.el8
redhat/jbcs-httpd24-httpd<0:2.4.37-78.el8
redhat/jbcs-httpd24-nghttp2<0:1.39.2-39.el8
redhat/jbcs-httpd24-openssl<1:1.1.1g-8.el8
and 38 more
CVE-2021-3712
OpenSSL could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read when processing ASN.1 strings. By sending specially crafted data, an attacker could exploit this ...
redhat/jbcs-httpd24-apr<0:1.6.3-107.el8
redhat/jbcs-httpd24-apr-util<0:1.6.1-84.el8
redhat/jbcs-httpd24-curl<0:7.78.0-2.el8
redhat/jbcs-httpd24-httpd<0:2.4.37-78.el8
redhat/jbcs-httpd24-nghttp2<0:1.39.2-39.el8
redhat/jbcs-httpd24-openssl<1:1.1.1g-8.el8
and 79 more
CVE-2021-3711
OpenSSL is vulnerable to a buffer overflow, caused by improper bounds checking by the EVP_PKEY_decrypt() function within implementation of the SM2 decryption. By sending specially crafted SM2 content,...
debian/openssl
redhat/openssl<1.1.1
IBM Cognos Analytics<=12.0.0-12.0.1
IBM Cognos Analytics<=11.2.0-11.2.4 FP2
IBM Cognos Analytics<=11.1.1-11.1.7 FP7
OpenSSL OpenSSL>=1.1.1<1.1.1l
and 41 more
CVE-2021-33193
A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.4...
redhat/jbcs-httpd24-httpd<0:2.4.51-28.el8
redhat/jbcs-httpd24-httpd<0:2.4.51-28.el7
redhat/httpd24-httpd<0:2.4.34-23.el7.5
Apache HTTP server>=2.4.17<=2.4.48
Fedoraproject Fedora=34
Fedoraproject Fedora=35
and 3 more
CVE-2021-23358
The package `underscore` from 1.13.0-0 and before 1.13.0-2, from 1.3.2 and before 1.12.1 are vulnerable to Arbitrary Code Execution via the template function, particularly when a variable property is ...
npm/underscore>=1.3.2<1.12.1
Underscorejs Underscore>=1.3.2<1.12.1
Underscorejs Underscore>=1.13.0-0<1.13.0-2
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Tenable Tenable.sc<=5.18.0
and 5 more
CVE-2021-3449
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it...
rust/openssl-src<111.15.0
debian/openssl
IBM Cognos Analytics<=12.0.0-12.0.1
IBM Cognos Analytics<=11.2.0-11.2.4 FP2
IBM Cognos Analytics<=11.1.1-11.1.7 FP7
OpenSSL OpenSSL>=1.1.1<1.1.1k
and 202 more
CVE-2021-20076
Tenable.sc and Tenable.sc Core versions 5.13.0 through 5.17.0 were found to contain a vulnerability that could allow an authenticated, unprivileged user to perform Remote Code Execution (RCE) on the T...
Tenable Tenable.sc>=5.13.0<=5.17.0
CVE-2021-23841
WebRTC. A null pointer dereference was addressed with improved input validation.
redhat/jbcs-httpd24-apr<0:1.6.3-107.el8
redhat/jbcs-httpd24-apr-util<0:1.6.1-84.el8
redhat/jbcs-httpd24-curl<0:7.78.0-2.el8
redhat/jbcs-httpd24-httpd<0:2.4.37-78.el8
redhat/jbcs-httpd24-nghttp2<0:1.39.2-39.el8
redhat/jbcs-httpd24-openssl<1:1.1.1g-8.el8
and 67 more
CVE-2020-5808
In certain scenarios in Tenable.sc prior to 5.17.0, a scanner could potentially be used outside the user's defined scan zone without a particular zone being specified within the Automatic Distribution...
Tenable Tenable.sc<5.17.0
CVE-2020-7069
In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with openssl_encrypt() function with 12 bytes IV, only first 7 bytes of the IV is actually used...
PHP PHP>=7.2.0<7.2.34
PHP PHP>=7.3.0<7.3.23
PHP PHP>=7.4.0<7.4.11
Fedoraproject Fedora=31
Fedoraproject Fedora=32
Fedoraproject Fedora=33
and 18 more
CVE-2020-7070
In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when PHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with prefi...
debian/php7.3
debian/php7.4
ubuntu/php5<5.5.9+dfsg-1ubuntu4.29+
ubuntu/php7.0<7.0.33-0ubuntu0.16.04.16
ubuntu/php7.2<7.2.24-0ubuntu0.18.04.7
ubuntu/php7.4<7.4.3-4ubuntu2.4
and 19 more
CVE-2020-7068
In PHP versions 7.2.x below 7.2.33, 7.3.x below 7.3.21 and 7.4.x below 7.4.9, while processing PHAR files using phar extension, phar_parse_zipfile could be tricked into accessing freed memory, which c...
<7.2.33
PHP PHP>=7.2.0<7.2.33
PHP PHP>=7.3.0<7.3.21
PHP PHP>=7.4.0<7.4.9
Debian Debian Linux=10.0
Tenable Tenable.sc<5.19.0
and 2 more
CVE-2020-5737
Stored XSS in Tenable.Sc before 5.14.0 could allow an authenticated remote attacker to craft a request to execute arbitrary script code in a user's browser session. Updated input validation techniques...
Tenable Tenable.sc=5.14.0
Tenable Tenable.sc=5.14.1
CVE-2020-7067
In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support (uncommon), urldecode() function can be made to access locations past the allocated...
<7.3.17
PHP PHP>=7.2.0<7.2.30
PHP PHP>=7.3.0<7.3.17
PHP PHP>=7.4.0<7.4.5
Tenable Tenable.sc<5.19.0
Oracle Communications Diameter Signaling Router>=8.0.0.0<=8.4.0.5
and 4 more
CVE-2020-11656
In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement.
SQLite SQLite<=3.31.1
NetApp ONTAP Select Deploy administration utility
Oracle Communications Network Charging And Control>=12.0.0<=12.0.3
Oracle Communications Network Charging And Control=6.0.1
Oracle Communications Network Charging And Control=12.0.2
Oracle Enterprise Manager Ops Center=12.4.0.0
and 9 more
CVE-2020-11655
SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled.
SQLite SQLite<=3.31.1
NetApp ONTAP Select Deploy administration utility
Debian Debian Linux=8.0
Debian Debian Linux=9.0
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
and 26 more
CVE-2020-7064
In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while parsing EXIF data with exif_read_data() function, it is possible for malicious data to cause PHP to read one byte of ...
redhat/rh-php73-php<0:7.3.20-1.el7
PHP PHP>=7.2.0<7.2.29
PHP PHP>=7.3.0<7.3.16
PHP PHP>=7.4.0<7.4.4
Debian Debian Linux=8.0
Debian Debian Linux=9.0
and 21 more
CVE-2020-7066
In PHP versions 7.2.x below 7.2.29, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using get_headers() with user-supplied URL, if the URL contains zero (\0) character, the URL will be silently trunca...
redhat/rh-php73-php<0:7.3.20-1.el7
PHP PHP>=7.2.0<7.2.29
PHP PHP>=7.3.0<7.3.16
PHP PHP>=7.4.0<7.4.4
Tenable Tenable.sc<5.19.0
Tenable Tenable.sc=5.19.0
and 16 more
CVE-2020-7065
In PHP versions 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using mb_strtolower() function with UTF-32LE encoding, certain invalid strings could cause PHP to overwrite stack-allocated buffer. This...
redhat/rh-php73-php<0:7.3.20-1.el7
PHP PHP>=7.3.0<7.3.16
PHP PHP>=7.4.0<7.4.4
Debian Debian Linux=10.0
Canonical Ubuntu Linux=12.04
Canonical Ubuntu Linux=14.04
and 13 more
CVE-2020-7061
In PHP versions 7.3.x below 7.3.15 and 7.4.x below 7.4.3, while extracting PHAR files on Windows using phar extension, certain content inside PHAR file could lead to one-byte read past the allocated b...
<7.3.15
PHP PHP>=7.2.0<=7.2.27
PHP PHP>=7.3.0<=7.3.14
PHP PHP>=7.4.0<=7.4.2
Microsoft Windows
Tenable Tenable.sc<5.19.0
CVE-2020-7060
When using certain mbstring functions to convert multibyte encodings, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause functio...
redhat/rh-php73-php<0:7.3.20-1.el7
PHP PHP>=7.2.0<7.2.27
PHP PHP>=7.3.0<7.3.14
PHP PHP>=7.4.0<7.4.2
Tenable Tenable.sc<5.19.0
Oracle Communications Diameter Signaling Router>=8.0<=8.4
and 12 more
CVE-2020-7059
When using fgetss() function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause this function ...
redhat/rh-php73-php<0:7.3.20-1.el7
PHP PHP>=7.2.0<7.2.27
PHP PHP>=7.3.0<7.3.14
PHP PHP>=7.4.0<7.4.2
Tenable Tenable.sc<5.19.0
Oracle Communications Diameter Signaling Router>=8.0<=8.4
and 12 more
CVE-2020-7063
In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when creating PHAR archive using PharData::buildFromIterator() function, the files are added with default permissions (066...
redhat/rh-php73-php<0:7.3.20-1.el7
PHP PHP>=7.2.0<=7.2.27
PHP PHP>=7.3.0<=7.3.14
PHP PHP>=7.4.0<=7.4.2
Tenable Tenable.sc<5.19.0
Debian Debian Linux=8.0
and 12 more
CVE-2019-19646
An unspecified error related to the mishandling of NOT NULL in an integrity_check PRAGMA command in pragma.c in SQLite has an unknown impact and attack vector.
IBM Data Risk Manager<=2.0.6
SQLite SQLite<=3.30.1
Siemens Sinec Infrastructure Network Services<1.0.1.1
Tenable Tenable.sc<5.19.0
Oracle Mysql Workbench<=8.0.19
Netapp Cloud Backup
and 1 more
CVE-2019-19645
alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements.
IBM Data Risk Manager<=2.0.6
SQLite SQLite<=3.30.1
Netapp Cloud Backup
NetApp ONTAP Select Deploy administration utility
Oracle Mysql Workbench<=8.0.19
Tenable Tenable.sc<5.19.0
and 4 more
CVE-2019-19919
Versions of `handlebars` prior to 3.0.8 or 4.3.0 are vulnerable to Prototype Pollution leading to Remote Code Execution. Templates may alter an Objects' `__proto__` and `__defineGetter__` properties, ...
redhat/nodejs-handlebars<4.3.0
Handlebars.js Project Handlebars.js=1.0.6
Handlebars.js Project Handlebars.js=1.0.7
Handlebars.js Project Handlebars.js=1.0.8
Handlebars.js Project Handlebars.js=1.0.9
Handlebars.js Project Handlebars.js=1.0.10
and 42 more
CVE-2019-11041
apache_mod_php. Multiple issues were addressed by updating to PHP version 7.3.8.
redhat/rh-php72-php<0:7.2.24-1.el7
PHP PHP>=7.1.0<7.1.31
PHP PHP>=7.2.0<7.2.21
PHP PHP>=7.3.0<7.3.8
Debian Debian Linux=8.0
Debian Debian Linux=9.0
and 21 more
CVE-2019-11042
apache_mod_php. Multiple issues were addressed by updating to PHP version 7.3.8.
Apple macOS Catalina<10.15
Apple macOS Catalina<10.15.1
>=7.1.0<7.1.31
>=7.2.0<7.2.21
>=7.3.0<7.3.8
=8.0
and 36 more
CVE-2019-8331
A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when to...
rubygems/twitter-bootstrap-rails<=5.0.0
npm/bootstrap-sass>=3.0.0<3.4.1
npm/bootstrap>=3.0.0<3.4.1
npm/bootstrap>=4.0.0<4.3.1
nuget/bootstrap.sass<4.3.1
nuget/bootstrap>=3.0.0<3.4.1
and 67 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203