Latest Tenable Vulnerabilities

A SQL injection vulnerability exists where an authenticated, low-privileged remote attacker could potentially alter scan DB content.
<10.7.0
Stored XSS vulnerability
Tenable Nessus<10.7.0
An arbitrary file write vulnerability exists where an authenticated attacker with privileges on the managing application could alter Nessus Rules variables to overwrite arbitrary files on the remote ...
Tenable Nessus<10.4.4
Arbitrary File Write
Tenable Nessus<10.5.7
Tenable Nessus>=10.6.0<10.6.3
Under certain conditions, a low privileged attacker could load a specially crafted file during installation or upgrade to escalate privileges on Windows and Linux hosts.
Tenable Nessus<10.6.2
Tenable Nessus Agent<10.4.3
Linux Linux kernel
Microsoft Windows
Blind SQL Injection
Tenable Nessus Network Monitor<6.3.0
Privilege Escalation
Tenable Nessus Network Monitor<6.3.0
Privilege Escalation
Tenable Nessus Network Monitor<6.3.0
An improper authorization vulnerability exists where an authenticated, low privileged remote attacker could view a list of all the users available in the application.
Tenable Nessus<10.6.0
A pass-back vulnerability exists where an authenticated, remote attacker with administrator privileges could uncover stored SMTP credentials within the Nessus application. This issue affects Nessus: b...
Tenable Nessus<10.6.0
An arbitrary file write vulnerability exists where an authenticated, remote attacker with administrator privileges could alter logging variables to overwrite arbitrary files on the remote host with l...
Tenable Nessus<10.6.0
A vulnerability was reported where through modifying the scan variables, an authenticated user in Tenable products, that has Scan Policy Configuration roles, could manipulate audit policy variables to...
Tenable Nessus<10.4.2
Tenable Plugin Feed<202212081952
As part of our Security Development Lifecycle, a potential privilege escalation issue was identified internally. This could allow a malicious actor with sufficient permissions to modify environment va...
Tenable Nessus
Tenable Tenable.Io
Tenable Tenable.sc
A Server Side Request Forgery (SSRF) vulnerability exists in Tenable.sc due to improper validation of session & user-accessible input data. A privileged, authenticated remote attacker could interact w...
Tenable Tenable.sc<=5.23.1
A stored cross-site scripting (XSS) vulnerability exists in Tenable.sc due to improper validation of user-supplied input before returning it to users. An authenticated, remote attacker can exploit thi...
Tenable Tenable.sc<=5.23.1
An LDAP injection vulnerability exists in Tenable.sc due to improper validation of user-supplied input before returning it to users. An authenticated attacker could generate data in Active Directory us...
Tenable Tenable.sc<=5.23.1
A privilege escalation vulnerability was identified in Nessus versions 8.10.1 through 8.15.8 and 10.0.0 through 10.4.1. An authenticated attacker could potentially execute a specially crafted file to ...
Tenable Nessus>=8.10.1<8.15.8
Tenable Nessus>=10.0.0<10.4.2
An authenticated attacker could utilize the identical agent and cluster node linking keys to potentially allow for a scenario where unauthorized disclosure of agent logs and data is present.
Tenable Nessus<10.4.0
An authenticated attacker could read Nessus Debug Log file attachments from the web UI without having the correct privileges to do so. This may lead to the disclosure of information on the scan target...
Tenable Nessus<10.2.0
Insufficiently Protected Credentials: An authenticated user with debug privileges can retrieve stored Nessus policy credentials from the “nessusd” process in cleartext via process dumping. The affecte...
Tenable Nessus
An authenticated attacker could read arbitrary files from the underlying operating system of the scanner using a custom crafted compliance audit file without providing any valid SSH credentials.
Tenable Nessus<10.2.0
Composer is a dependency manager for the PHP programming language. Integrators using Composer code to call `VcsDriver::getFileContent` can have a code injection vulnerability if the user can control t...
composer/composer/composer>=2.3<2.3.5>=2.0<2.2.12<1.10.26
Getcomposer Composer<1.10.26
Getcomposer Composer>=2.0.0<2.2.12
Getcomposer Composer>=2.3.0<2.3.5
Tenable Tenable.sc<5.21.0
Fedoraproject Fedora=34
and 5 more
### Impact This vulnerability impacts npm (server) users of moment.js, especially if user provided locale string, eg `fr` is directly used to switch moment locale. ### Patches This problem is patched...
redhat/servicemesh-prometheus<0:2.14.0-18.el8.1
redhat/servicemesh-prometheus<0:2.23.0-9.el8
redhat/ceph<2:16.2.10-94.el8c
redhat/eap7-hal-console<0:3.3.12-1.Final_redhat_00001.1.el8ea
redhat/eap7-hal-console<0:3.3.12-1.Final_redhat_00001.1.el7ea
redhat/rh-sso7-keycloak<0:18.0.6-1.redhat_00001.1.el7
and 24 more
A flaw was found in OpenSSL. It is possible to trigger an infinite loop by crafting a certificate that has invalid elliptic curve parameters. Since certificate parsing happens before verification of t...
redhat/jbcs-httpd24-apr-util<0:1.6.1-91.el8
redhat/jbcs-httpd24-curl<0:7.78.0-3.el8
redhat/jbcs-httpd24-httpd<0:2.4.37-80.el8
redhat/jbcs-httpd24-nghttp2<0:1.39.2-41.el8
redhat/jbcs-httpd24-openssl<1:1.1.1g-11.el8
redhat/jbcs-httpd24-openssl-chil<0:1.0.0-11.el8
and 84 more
Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.
redhat/mingw-expat<0:2.4.8-1.el8
Libexpat Project Libexpat<2.4.4
Tenable Nessus<8.15.3
Tenable Nessus>=10.0.0<10.1.1
Oracle Communications Metasolv Solution=6.3.1
Debian Debian Linux=10.0
and 22 more
Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES.
redhat/expat<0:2.1.0-14.el7_9
redhat/expat<0:2.2.5-4.el8_5.3
redhat/expat<0:2.2.5-4.el8_4.3
Libexpat Project Libexpat<2.4.4
NetApp Clustered Data ONTAP
NetApp OnCommand Workflow Automation
and 23 more
Tenable.sc versions 5.14.0 through 5.19.1 were found to contain a remote code execution vulnerability which could allow a remote, unauthenticated attacker to execute code under special circumstances. ...
Tenable Tenable.sc>=5.14.0<=5.19.1
lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
redhat/expat<0:2.1.0-14.el7_9
redhat/expat<0:2.2.5-4.el8_5.3
redhat/xmlrpc-c<0:1.51.0-8.el8
Libexpat Project Libexpat<2.4.3
Tenable Nessus<8.15.3
Tenable Nessus>=10.0.0<10.1.1
and 30 more
defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
redhat/expat<0:2.1.0-14.el7_9
redhat/expat<0:2.2.5-4.el8_5.3
redhat/xmlrpc-c<0:1.51.0-8.el8
Libexpat Project Libexpat<2.4.3
Tenable Nessus<8.15.3
Tenable Nessus>=10.0.0<10.1.1
and 30 more
addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
redhat/expat<0:2.1.0-14.el7_9
redhat/expat<0:2.2.5-4.el8_5.3
redhat/xmlrpc-c<0:1.51.0-8.el8
debian/expat<=2.4.2-1<=2.2.6-2+deb10u1<=2.2.6-2<=2.2.10-2
Libexpat Project Libexpat<2.4.3
Tenable Nessus<8.15.3
and 32 more
build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
redhat/expat<0:2.1.0-14.el7_9
redhat/expat<0:2.2.5-4.el8_5.3
redhat/xmlrpc-c<0:1.51.0-8.el8
Libexpat Project Libexpat<2.4.3
Tenable Nessus<8.15.3
Tenable Nessus>=10.0.0<10.1.1
and 30 more
nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
redhat/expat<0:2.1.0-14.el7_9
redhat/expat<0:2.2.5-4.el8_5.3
redhat/xmlrpc-c<0:1.51.0-8.el8
Libexpat Project Libexpat<2.4.3
Tenable Nessus<8.15.3
Tenable Nessus>=10.0.0<10.1.1
and 30 more
storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
redhat/expat<0:2.1.0-14.el7_9
redhat/expat<0:2.2.5-4.el8_5.3
redhat/xmlrpc-c<0:1.51.0-8.el8
Libexpat Project Libexpat<2.4.3
Tenable Nessus<8.15.3
Tenable Nessus>=10.0.0<10.1.1
and 30 more
In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.
redhat/expat<0:2.1.0-14.el7_9
redhat/expat<0:2.2.5-4.el8_5.3
redhat/xmlrpc-c<0:1.51.0-8.el8
redhat/expat<2.4.3
debian/expat
Libexpat Project Libexpat<2.4.3
and 33 more
In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memor...
redhat/expat<0:2.1.0-14.el7_9
redhat/expat<0:2.2.5-4.el8_5.3
debian/expat<=2.2.6-2<=2.2.10-2<=2.2.6-2+deb10u1<=2.4.2-1
redhat/expat<2.4.3
debian/expat
Libexpat Project Libexpat<2.4.3
and 30 more
apache. Multiple issues were addressed by updating apache to version 2.4.53.
Apple Catalina
Apple macOS Big Sur<11.6.6
<12.4
Apache HTTP server>=2.4.7<2.4.52
Fedoraproject Fedora=34
Fedoraproject Fedora=35
and 39 more
apache. Multiple issues were addressed by updating apache to version 2.4.53.
Apple Catalina
Apple macOS Big Sur<11.6.6
<12.4
Apache HTTP server<=2.4.51
Fedoraproject Fedora=34
Fedoraproject Fedora=35
and 40 more
Fixed bug (special character is breaking the path in xml function). (CVE-2021-21707)
PHP PHP>=7.3.0<7.3.33
PHP PHP>=7.4.0<7.4.26
PHP PHP>=8.0.0<8.0.13
NetApp Clustered Data ONTAP
Debian Debian Linux=10.0
Debian Debian Linux=11.0
and 10 more
Nessus versions 8.15.2 and earlier were found to contain a local privilege escalation vulnerability which could allow an authenticated, local administrator to run specific executables on the Nessus Ag...
Tenable Nessus<=8.15.2
### Impact Accepting the value of the `of` option of the [`.position()`](https://api.jqueryui.com/position/) util from untrusted sources may execute untrusted code. For example, invoking the following...
rubygems/jquery-ui-rails<7.0.0
nuget/jQuery.UI.Combined<1.13.0
maven/org.webjars.npm:jquery-ui<1.13.0
npm/jquery-ui<1.13.0
IBM QRadar SIEM<=7.5.0 GA
IBM QRadar SIEM<=7.4.3 GA - 7.4.3 FP4
and 75 more
### Impact Accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. For example, initializing the datepicker in the following way: ```js...
rubygems/jquery-ui-rails<7.0.0
maven/org.webjars.npm:jquery-ui<1.13.0
nuget/jQuery.UI.Combined<1.13.0
npm/jquery-ui<1.13.0
IBM QRadar SIEM<=7.5.0 GA
IBM QRadar SIEM<=7.4.3 GA - 7.4.3 FP4
and 126 more
### Impact Accepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. For example, initializing the datepicker in the following way: ```...
ubuntu/jqueryui<1.10.1+dfsg-1ubuntu0.14.04.1~
ubuntu/jqueryui<1.13.0
ubuntu/jqueryui<1.12.1+dfsg-5ubuntu0.18.04.1~
ubuntu/jqueryui<1.12.1+dfsg-5ubuntu0.20.04.1
ubuntu/jqueryui<1.10.1+dfsg-1ubuntu0.16.04.1~
rubygems/jquery-ui-rails<7.0.0
and 116 more
### Impact Windows users running Composer to install untrusted dependencies are affected and should definitely upgrade for safety. Other OSs and WSL are not affected. ### Patches 1.10.23 and 2.1.9 f...
composer/composer/composer>=2.0.0-alpha1<2.1.9<1.10.23
Getcomposer Composer<1.10.23
Getcomposer Composer>=2.0.0<2.1.9
Tenable Tenable.sc<5.21.0
composer/composer/composer>=2.0.0-alpha1<2.1.9
composer/composer/composer<1.10.23
Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier.
redhat/jbcs-httpd24-apr<0:1.6.3-107.el8
redhat/jbcs-httpd24-apr-util<0:1.6.1-84.el8
redhat/jbcs-httpd24-curl<0:7.78.0-2.el8
redhat/jbcs-httpd24-httpd<0:2.4.37-78.el8
redhat/jbcs-httpd24-nghttp2<0:1.39.2-39.el8
redhat/jbcs-httpd24-openssl<1:1.1.1g-8.el8
and 38 more
Nessus Agent 8.3.0 and earlier was found to contain a local privilege escalation vulnerability which could allow an authenticated, local administrator to run specific executables on the Nessus Agent h...
Tenable Nessus Agent<=8.3.0
OpenSSL could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read when processing ASN.1 strings. By sending specially crafted data, an attacker could exploit this ...
redhat/jbcs-httpd24-apr<0:1.6.3-107.el8
redhat/jbcs-httpd24-apr-util<0:1.6.1-84.el8
redhat/jbcs-httpd24-curl<0:7.78.0-2.el8
redhat/jbcs-httpd24-httpd<0:2.4.37-78.el8
redhat/jbcs-httpd24-nghttp2<0:1.39.2-39.el8
redhat/jbcs-httpd24-openssl<1:1.1.1g-8.el8
and 79 more
OpenSSL is vulnerable to a buffer overflow, caused by improper bounds checking by the EVP_PKEY_decrypt() function within implementation of the SM2 decryption. By sending specially crafted SM2 content,...
debian/openssl
redhat/openssl<1.1.1
IBM Cognos Analytics<=12.0.0-12.0.1
IBM Cognos Analytics<=11.2.0-11.2.4 FP2
IBM Cognos Analytics<=11.1.1-11.1.7 FP7
OpenSSL OpenSSL>=1.1.1<1.1.1l
and 41 more
Nessus Agent versions 8.2.5 and earlier were found to contain a privilege escalation vulnerability which could allow a Nessus administrator user to upload a specially crafted file that could lead to g...
Tenable Nessus<=8.2.5

© 2024 SecAlerts Pty Ltd.