Latest Tenable Vulnerabilities

A SQL injection vulnerability exists where an authenticated, low-privileged remote attacker could potentially alter scan DB content.
Tenable Nessus<10.7.0
Stored XSS vulnerability
Tenable Nessus<10.7.0
An arbitrary file write vulnerability exists where an authenticated attacker with privileges on the managing application could alter Nessus Rules variables to overwrite arbitrary files on the remote ...
Tenable Nessus<10.4.4
Arbitrary File Write
Tenable Nessus<10.5.7
Tenable Nessus>=10.6.0<10.6.3
Under certain conditions, a low privileged attacker could load a specially crafted file during installation or upgrade to escalate privileges on Windows and Linux hosts.
Tenable Nessus<10.6.2
Tenable Nessus Agent<10.4.3
Linux Linux kernel
Microsoft Windows
Blind SQL Injection
Tenable Nessus Network Monitor<6.3.0
Privilege Escalation
Tenable Nessus Network Monitor<6.3.0
Privilege Escalation
Tenable Nessus Network Monitor<6.3.0
An improper authorization vulnerability exists where an authenticated, low privileged remote attacker could view a list of all the users available in the application.
Tenable Nessus<10.6.0
A pass-back vulnerability exists where an authenticated, remote attacker with administrator privileges could uncover stored SMTP credentials within the Nessus application.This issue affects Nessus: b...
Tenable Nessus<10.6.0
An arbitrary file write vulnerability exists where an authenticated, remote attacker with administrator privileges could alter logging variables to overwrite arbitrary files on the remote host with l...
Tenable Nessus<10.6.0
A vulnerability was reported where through modifying the scan variables, an authenticated user in Tenable products, that has Scan Policy Configuration roles, could manipulate audit policy variables to...
Tenable Nessus<10.4.2
Tenable Plugin Feed<202212081952
As part of our Security Development Lifecycle, a potential privilege escalation issue was identified internally. This could allow a malicious actor with sufficient permissions to modify environment va...
Tenable Nessus
Tenable Tenable.Io
Tenable Tenable.sc
A Server Side Request Forgery (SSRF) vulnerability exists in Tenable.sc due to improper validation of session & user-accessible input data. A privileged, authenticated remote attacker could interact w...
Tenable Tenable.sc<=5.23.1
Tenable Tenable.sc<=5.23.1
A stored cross-site scripting (XSS) vulnerability exists in Tenable.sc due to improper validation of user-supplied input before returning it to users. An authenticated, remote attacker can exploit thi...
Tenable Tenable.sc<=5.23.1
A LDAP injection vulnerability exists in Tenable.sc due to improper validation of user-supplied input before returning it to users. An authenticated attacker could generate data in Active Directory us...
Tenable Tenable.sc<=5.23.1
A privilege escalation vulnerability was identified in Nessus versions 8.10.1 through 8.15.8 and 10.0.0 through 10.4.1. An authenticated attacker could potentially execute a specially crafted file to ...
Tenable Nessus>=8.10.1<8.15.8
Tenable Nessus>=10.0.0<10.4.2
An authenticated attacker could utilize the identical agent and cluster node linking keys to potentially allow for a scenario where unauthorized disclosure of agent logs and data is present.
Tenable Nessus<10.4.0
An authenticated attacker could read Nessus Debug Log file attachments from the web UI without having the correct privileges to do so. This may lead to the disclosure of information on the scan target...
Tenable Nessus<10.2.0
Insufficiently Protected Credentials: An authenticated user with debug privileges can retrieve stored Nessus policy credentials from the “nessusd” process in cleartext via process dumping. The affecte...
Tenable Nessus
An authenticated attacker could read arbitrary files from the underlying operating system of the scanner using a custom crafted compliance audit file without providing any valid SSH credentials.
Tenable Nessus<10.2.0
Composer is a dependency manager for the PHP programming language. Integrators using Composer code to call `VcsDriver::getFileContent` can have a code injection vulnerability if the user can control t...
composer/composer/composer>=2.3<2.3.5>=2.0<2.2.12<1.10.26
Getcomposer Composer<1.10.26
Getcomposer Composer>=2.0.0<2.2.12
Getcomposer Composer>=2.3.0<2.3.5
Tenable Tenable.sc<5.21.0
Fedoraproject Fedora=34
and 5 more
### Impact This vulnerability impacts npm (server) users of moment.js, especially if user provided locale string, eg `fr` is directly used to switch moment locale. ### Patches This problem is patched...
redhat/servicemesh-prometheus<0:2.14.0-18.el8.1
redhat/servicemesh-prometheus<0:2.23.0-9.el8
redhat/ceph<2:16.2.10-94.el8c
redhat/eap7-hal-console<0:3.3.12-1.Final_redhat_00001.1.el8ea
redhat/eap7-hal-console<0:3.3.12-1.Final_redhat_00001.1.el7ea
redhat/rh-sso7-keycloak<0:18.0.6-1.redhat_00001.1.el7
and 24 more
A flaw was found in OpenSSL. It is possible to trigger an infinite loop by crafting a certificate that has invalid elliptic curve parameters. Since certificate parsing happens before verification of t...
redhat/jbcs-httpd24-apr-util<0:1.6.1-91.el8
redhat/jbcs-httpd24-curl<0:7.78.0-3.el8
redhat/jbcs-httpd24-httpd<0:2.4.37-80.el8
redhat/jbcs-httpd24-nghttp2<0:1.39.2-41.el8
redhat/jbcs-httpd24-openssl<1:1.1.1g-11.el8
redhat/jbcs-httpd24-openssl-chil<0:1.0.0-11.el8
and 81 more
Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.
redhat/mingw-expat<0:2.4.8-1.el8
Libexpat Project Libexpat<2.4.4
Tenable Nessus<8.15.3
Tenable Nessus>=10.0.0<10.1.1
Oracle Communications Metasolv Solution=6.3.1
Debian Debian Linux=10.0
and 20 more
Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES.
redhat/expat<0:2.1.0-14.el7_9
redhat/expat<0:2.2.5-4.el8_5.3
redhat/expat<0:2.2.5-4.el8_4.3
Libexpat Project Libexpat<2.4.4
NetApp Clustered Data ONTAP
NetApp OnCommand Workflow Automation
and 21 more
Tenable.sc versions 5.14.0 through 5.19.1 were found to contain a remote code execution vulnerability which could allow a remote, unauthenticated attacker to execute code under special circumstances. ...
Tenable Tenable.sc>=5.14.0<=5.19.1
nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
redhat/expat<0:2.1.0-14.el7_9
redhat/expat<0:2.2.5-4.el8_5.3
redhat/xmlrpc-c<0:1.51.0-8.el8
Libexpat Project Libexpat<2.4.3
Tenable Nessus<8.15.3
Tenable Nessus>=10.0.0<10.1.1
and 28 more
storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
redhat/expat<0:2.1.0-14.el7_9
redhat/expat<0:2.2.5-4.el8_5.3
redhat/xmlrpc-c<0:1.51.0-8.el8
Libexpat Project Libexpat<2.4.3
Tenable Nessus<8.15.3
Tenable Nessus>=10.0.0<10.1.1
and 28 more
addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
redhat/expat<0:2.1.0-14.el7_9
redhat/expat<0:2.2.5-4.el8_5.3
redhat/xmlrpc-c<0:1.51.0-8.el8
debian/expat<=2.4.2-1<=2.2.6-2+deb10u1<=2.2.6-2<=2.2.10-2
Libexpat Project Libexpat<2.4.3
Tenable Nessus<8.15.3
and 30 more
defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
redhat/expat<0:2.1.0-14.el7_9
redhat/expat<0:2.2.5-4.el8_5.3
redhat/xmlrpc-c<0:1.51.0-8.el8
Libexpat Project Libexpat<2.4.3
Tenable Nessus<8.15.3
Tenable Nessus>=10.0.0<10.1.1
and 28 more
lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
redhat/expat<0:2.1.0-14.el7_9
redhat/expat<0:2.2.5-4.el8_5.3
redhat/xmlrpc-c<0:1.51.0-8.el8
Libexpat Project Libexpat<2.4.3
Tenable Nessus<8.15.3
Tenable Nessus>=10.0.0<10.1.1
and 28 more
build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
redhat/expat<0:2.1.0-14.el7_9
redhat/expat<0:2.2.5-4.el8_5.3
redhat/xmlrpc-c<0:1.51.0-8.el8
Libexpat Project Libexpat<2.4.3
Tenable Nessus<8.15.3
Tenable Nessus>=10.0.0<10.1.1
and 28 more
In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.
redhat/expat<0:2.1.0-14.el7_9
redhat/expat<0:2.2.5-4.el8_5.3
redhat/xmlrpc-c<0:1.51.0-8.el8
Libexpat Project Libexpat<2.4.3
Apple iPadOS
NetApp Clustered Data ONTAP
and 31 more
In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memor...
redhat/expat<0:2.1.0-14.el7_9
redhat/expat<0:2.2.5-4.el8_5.3
debian/expat<=2.2.6-2<=2.2.10-2<=2.2.6-2+deb10u1<=2.4.2-1
Libexpat Project Libexpat<2.4.3
Tenable Nessus<8.15.3
Tenable Nessus>=10.0.0<10.1.1
and 28 more
apache. Multiple issues were addressed by updating apache to version 2.4.53.
Apple Catalina
Apple macOS Big Sur<11.6.6
<12.4
Apache HTTP server>=2.4.7<2.4.52
Fedoraproject Fedora=34
Fedoraproject Fedora=35
and 39 more
apache. Multiple issues were addressed by updating apache to version 2.4.53.
Apple Catalina
Apple macOS Big Sur<11.6.6
<12.4
Apache HTTP server<=2.4.51
Fedoraproject Fedora=34
Fedoraproject Fedora=35
and 40 more
Fixed bug (special character is breaking the path in xml function). (CVE-2021-21707)
PHP PHP>=7.3.0<7.3.33
PHP PHP>=7.4.0<7.4.26
PHP PHP>=8.0.0<8.0.13
NetApp Clustered Data ONTAP
Debian Debian Linux=10.0
Debian Debian Linux=11.0
and 10 more
Nessus versions 8.15.2 and earlier were found to contain a local privilege escalation vulnerability which could allow an authenticated, local administrator to run specific executables on the Nessus Ag...
Tenable Nessus<=8.15.2
### Impact Accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. For example, initializing the datepicker in the following way: ```js...
rubygems/jquery-ui-rails<7.0.0
maven/org.webjars.npm:jquery-ui<1.13.0
nuget/jQuery.UI.Combined<1.13.0
npm/jquery-ui<1.13.0
IBM QRadar SIEM<=7.5.0 GA
IBM QRadar SIEM<=7.4.3 GA - 7.4.3 FP4
and 126 more
### Impact Accepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. For example, initializing the datepicker in the following way: ```...
ubuntu/jqueryui<1.10.1+dfsg-1ubuntu0.14.04.1~
ubuntu/jqueryui<1.13.0
ubuntu/jqueryui<1.12.1+dfsg-5ubuntu0.18.04.1~
ubuntu/jqueryui<1.12.1+dfsg-5ubuntu0.20.04.1
ubuntu/jqueryui<1.10.1+dfsg-1ubuntu0.16.04.1~
rubygems/jquery-ui-rails<7.0.0
and 116 more
### Impact Accepting the value of the `of` option of the [`.position()`](https://api.jqueryui.com/position/) util from untrusted sources may execute untrusted code. For example, invoking the following...
rubygems/jquery-ui-rails<7.0.0
nuget/jQuery.UI.Combined<1.13.0
maven/org.webjars.npm:jquery-ui<1.13.0
npm/jquery-ui<1.13.0
IBM QRadar SIEM<=7.5.0 GA
IBM QRadar SIEM<=7.4.3 GA - 7.4.3 FP4
and 75 more
### Impact Windows users running Composer to install untrusted dependencies are affected and should definitely upgrade for safety. Other OSs and WSL are not affected. ### Patches 1.10.23 and 2.1.9 f...
composer/composer/composer>=2.0.0-alpha1<2.1.9<1.10.23
Getcomposer Composer<1.10.23
Getcomposer Composer>=2.0.0<2.1.9
Tenable Tenable.sc<5.21.0
composer/composer/composer>=2.0.0-alpha1<2.1.9
composer/composer/composer<1.10.23
Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier.
redhat/jbcs-httpd24-apr<0:1.6.3-107.el8
redhat/jbcs-httpd24-apr-util<0:1.6.1-84.el8
redhat/jbcs-httpd24-curl<0:7.78.0-2.el8
redhat/jbcs-httpd24-httpd<0:2.4.37-78.el8
redhat/jbcs-httpd24-nghttp2<0:1.39.2-39.el8
redhat/jbcs-httpd24-openssl<1:1.1.1g-8.el8
and 38 more
Nessus Agent 8.3.0 and earlier was found to contain a local privilege escalation vulnerability which could allow an authenticated, local administrator to run specific executables on the Nessus Agent h...
Tenable Nessus Agent<=8.3.0
Tenable Nessus Agent<=8.3.0
OpenSSL could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read when processing ASN.1 strings. By sending specially crafted data, an attacker could exploit this ...
redhat/jbcs-httpd24-apr<0:1.6.3-107.el8
redhat/jbcs-httpd24-apr-util<0:1.6.1-84.el8
redhat/jbcs-httpd24-curl<0:7.78.0-2.el8
redhat/jbcs-httpd24-httpd<0:2.4.37-78.el8
redhat/jbcs-httpd24-nghttp2<0:1.39.2-39.el8
redhat/jbcs-httpd24-openssl<1:1.1.1g-8.el8
and 79 more
OpenSSL is vulnerable to a buffer overflow, caused by improper bounds checking by the EVP_PKEY_decrypt() function within implementation of the SM2 decryption. By sending specially crafted SM2 content,...
debian/openssl
redhat/openssl<1.1.1
IBM Cognos Analytics<=12.0.0
IBM Cognos Analytics<=11.2.4
IBM Cognos Analytics<=11.1.7
OpenSSL OpenSSL>=1.1.1<1.1.1l
and 41 more
Nessus Agent versions 8.2.5 and earlier were found to contain a privilege escalation vulnerability which could allow a Nessus administrator user to upload a specially crafted file that could lead to g...
Tenable Nessus<=8.2.5

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203