Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

tenable plugin feed vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2023-2005
Vulnerability in Tenable Tenable.Io, Tenable Nessus, Tenable Security Center.This issue affects Tenable.Io: before Plugin Feed ID #202306261202 ; Nessus: before Plugin Feed ID #202306261202 ; Security Center: before Plugin Feed ID #202306261202 . This vulnerability could allow a ...
Tenable Nessus -Tenable Tenable.io -Tenable Securitycenter -
NA
CVE-2022-4313
A vulnerability was reported where through modifying the scan variables, an authenticated user in Tenable products, that has Scan Policy Configuration roles, could manipulate audit policy variables to execute arbitrary commands on credentialed scan targets.
Tenable NessusTenable Plugin Feed
NA
CVE-2023-0524
As part of our Security Development Lifecycle, a potential privilege escalation issue was identified internally. This could allow a malicious actor with sufficient permissions to modify environment variables and abuse an impacted plugin in order to escalate privileges. We have re...
Tenable Nessus -Tenable Tenable.io -Tenable Tenable.sc -
4.3
CVSSv2
CVE-2016-7103
Cross-site scripting (XSS) vulnerability in jQuery UI prior to 1.12.0 might allow remote malicious users to inject arbitrary web script or HTML via the closeText parameter of the dialog function.
Jqueryui Jquery UiOracle Weblogic Server 12.1.3.0.0Oracle Weblogic Server 10.3.6.0.0Oracle Weblogic Server 12.2.1.3.0Oracle Business Intelligence 12.2.1.3.0Oracle Business Intelligence 12.2.1.4.0Oracle Hospitality Cruise Fleet Management 9.0.11Oracle Application ExpressOracle Primavera UnifierOracle Siebel Ui FrameworkOracle Oss Support ToolsOracle Oss Support Tools 2.12.42Fedoraproject Fedora 30Fedoraproject Fedora 35Fedoraproject Fedora 36Netapp Snapcenter -Redhat Openstack 7.0Redhat Openstack 9Redhat Openstack 8Juniper Junos 21.2Debian Debian Linux 9.0
5
CVSSv2
CVE-2016-2180
The TS_OBJ_print_bio function in crypto/ts/ts_lib.c in the X.509 Public Key Infrastructure Time-Stamp Protocol (TSP) implementation in OpenSSL up to and including 1.0.2h allows remote malicious users to cause a denial of service (out-of-bounds read and application crash) via a cr...
Openssl Openssl 1.0.1mOpenssl Openssl 1.0.2aOpenssl Openssl 1.0.1jOpenssl Openssl 1.0.1hOpenssl Openssl 1.0.2eOpenssl Openssl 1.0.1rOpenssl Openssl 1.0.2bOpenssl Openssl 1.0.1cOpenssl Openssl 1.0.1gOpenssl Openssl 1.0.2gOpenssl Openssl 1.0.1aOpenssl Openssl 1.0.2hOpenssl Openssl 1.0.1dOpenssl Openssl 1.0.1tOpenssl Openssl 1.0.2cOpenssl Openssl 1.0.1pOpenssl Openssl 1.0.1kOpenssl Openssl 1.0.1bOpenssl Openssl 1.0.1nOpenssl Openssl 1.0.1qOpenssl Openssl 1.0.1eOpenssl Openssl 1.0.1l
6.8
CVSSv2
CVE-2016-4472
The overflow protection in Expat is removed by compilers with certain optimization settings, which allows remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via crafted XML data. NOTE: this vulnerability exists because of an incomplete ...
Libexpat Project LibexpatCanonical Ubuntu Linux 12.04Mcafee Policy AuditorPython Python
7.8
CVSSv2
CVE-2016-5300
The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent malicious users to cause a denial of service (CPU consumption) via crafted identifiers in an XML document. NOTE: this vulnerability exists because of an incomplete fix ...
Canonical Ubuntu Linux 12.04Debian Debian Linux 8.0Canonical Ubuntu Linux 16.04Canonical Ubuntu Linux 15.10Canonical Ubuntu Linux 14.04Libexpat Project LibexpatGoogle Android 5.0.2Google Android 6.0.1Google Android 6.0Google Android 4.4.4Google Android 5.1.1
4.3
CVSSv2
CVE-2012-6702
Expat, when used in a parser that has not called XML_SetHashSalt or passed it a seed of 0, makes it easier for context-dependent malicious users to defeat cryptographic protection mechanisms via vectors involving use of the srand function.
Libexpat Project LibexpatGoogle Android 5.0.2Google Android 6.0.1Google Android 6.0Canonical Ubuntu Linux 12.04Debian Debian Linux 8.0Google Android 4.4.4Canonical Ubuntu Linux 16.04Canonical Ubuntu Linux 15.10Canonical Ubuntu Linux 14.04Google Android 5.1.1
7.5
CVSSv2
CVE-2016-0718
Expat allows context-dependent malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.
Mozilla FirefoxApple Mac Os XSuse Linux Enterprise Server 11Suse Studio Onsite 1.3Suse Linux Enterprise Software Development Kit 11Suse Linux Enterprise Debuginfo 11Opensuse Leap 42.1Suse Linux Enterprise Software Development Kit 12Suse Linux Enterprise Server 12Suse Linux Enterprise Desktop 12Canonical Ubuntu Linux 12.04Canonical Ubuntu Linux 16.04Canonical Ubuntu Linux 14.04Libexpat Project LibexpatDebian Debian Linux 8.0Opensuse Opensuse 13.1Opensuse Opensuse 13.2Mcafee Policy AuditorPython Python
NA
CVE-2016-0719
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-0718. Reason: This candidate is a reservation duplicate of CVE-2016-0718. Notes: All CVE users should reference CVE-2016-0718 instead of this candidate. All references and descriptions in this candidate have ...
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925CVE-2023-41826LFICVE-2022-22364CVE-2024-2887command injectionremote code executionCVE-2024-34446CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook