Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tenable nessus agent vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2020-5793
A vulnerability in Nessus versions 8.9.0 up to and including 8.12.0 for Windows & Nessus Agent 8.0.0 and 8.1.0 for Windows could allow an authenticated local malicious user to copy user-supplied files to a specially constructed path in a specifically named user directory. An ...
Tenable Nessus
Tenable Nessus Agent 8.0.0
Tenable Nessus Agent 8.1.0
7.8
CVSSv3
CVE-2017-7850
Nessus 6.10.x prior to 6.10.5 was found to be vulnerable to a local privilege escalation issue due to insecure permissions when running in Agent Mode.
Tenable Nessus 6.10.0
Tenable Nessus 6.10.1
Tenable Nessus 6.10.2
Tenable Nessus 6.10.3
Tenable Nessus 6.10.4
7.8
CVSSv3
CVE-2017-7199
Nessus 6.6.2 - 6.10.3 contains a flaw related to insecure permissions that may allow a local malicious user to escalate privileges when the software is running in Agent Mode. Version 6.10.4 fixes this issue.
Tenable Nessus 6.7
Tenable Nessus 6.8.0
Tenable Nessus 6.10.1
Tenable Nessus 6.10.2
Tenable Nessus 6.8.1
Tenable Nessus 6.9.0
Tenable Nessus 6.10.3
Tenable Nessus 6.9.1
Tenable Nessus 6.9.2
Tenable Nessus 6.6.2
Tenable Nessus 6.9.3
Tenable Nessus 6.10.0
23 Github repositories
7.5
CVSSv3
CVE-2022-0778
The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curv...
Openssl Openssl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Santricity Smi-s Provider -
Netapp Storagegrid -
Netapp Clustered Data Ontap -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Cloud Volumes Ontap Mediator -
Netapp A250 Firmware -
Netapp 500f Firmware -
Fedoraproject Fedora 34
Fedoraproject Fedora 36
Tenable Nessus
Mariadb Mariadb
Nodejs Node.js
10 Github repositories
7.5
CVSSv3
CVE-2021-23840
Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be...
Openssl Openssl
Debian Debian Linux 10.0
Tenable Nessus Network Monitor 5.11.1
Tenable Nessus Network Monitor 5.12.0
Tenable Nessus Network Monitor 5.12.1
Tenable Nessus Network Monitor 5.13.0
Tenable Nessus Network Monitor 5.11.0
Tenable Log Correlation Engine
Oracle Business Intelligence 12.2.1.3.0
Oracle Jd Edwards World Security A9.4
Oracle Business Intelligence 12.2.1.4.0
Oracle Business Intelligence 5.5.0.0.0
Oracle Enterprise Manager For Storage Management 13.4.0.0
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Graalvm 20.3.1.2
Oracle Graalvm 21.0.0.2
Oracle Graalvm 19.3.5
Oracle Mysql Server
Oracle Nosql Database
Oracle Jd Edwards Enterpriseone Tools
Oracle Business Intelligence 5.9.0.0.0
Oracle Communications Cloud Native Core Policy 1.15.0
1 Github repository
7.5
CVSSv3
CVE-2020-1967
Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. The crash occurs if an invalid or u...
Openssl Openssl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Freebsd Freebsd 12.1
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Oracle Peoplesoft Enterprise Peopletools 8.56
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Jd Edwards World Security A9.4
Oracle Enterprise Manager Ops Center 12.4.0
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Mysql
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Mysql Enterprise Monitor
Oracle Mysql Workbench
Oracle Http Server 12.2.1.4.0
Oracle Enterprise Manager For Storage Management 13.3.0.0
Oracle Mysql Connectors
Oracle Enterprise Manager For Storage Management 13.4.0.0
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Application Server 12.1.3
7 Github repositories
1 Article
7.5
CVSSv3
CVE-2016-2180
The TS_OBJ_print_bio function in crypto/ts/ts_lib.c in the X.509 Public Key Infrastructure Time-Stamp Protocol (TSP) implementation in OpenSSL up to and including 1.0.2h allows remote malicious users to cause a denial of service (out-of-bounds read and application crash) via a cr...
Openssl Openssl 1.0.1m
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.1j
Openssl Openssl 1.0.1h
Openssl Openssl 1.0.2e
Openssl Openssl 1.0.1r
Openssl Openssl 1.0.2b
Openssl Openssl 1.0.1c
Openssl Openssl 1.0.1g
Openssl Openssl 1.0.2g
Openssl Openssl 1.0.1a
Openssl Openssl 1.0.2h
Openssl Openssl 1.0.1d
Openssl Openssl 1.0.1t
Openssl Openssl 1.0.2c
Openssl Openssl 1.0.1p
Openssl Openssl 1.0.1k
Openssl Openssl 1.0.1b
Openssl Openssl 1.0.1n
Openssl Openssl 1.0.1q
Openssl Openssl 1.0.1e
Openssl Openssl 1.0.1l
7.4
CVSSv3
CVE-2021-3450
The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve paramet...
Openssl Openssl
Freebsd Freebsd 12.2
Netapp Santricity Smi-s Provider Firmware -
Netapp Storagegrid Firmware -
Windriver Linux -
Windriver Linux 18.0
Windriver Linux 19.0
Windriver Linux 17.0
Netapp Oncommand Workflow Automation -
Netapp Storagegrid -
Netapp Ontap Select Deploy Administration Utility -
Netapp Cloud Volumes Ontap Mediator -
Fedoraproject Fedora 34
Tenable Nessus Agent
Tenable Nessus
Tenable Nessus Network Monitor 5.11.1
Tenable Nessus Network Monitor 5.12.0
Tenable Nessus Network Monitor 5.12.1
Tenable Nessus Network Monitor 5.13.0
Tenable Nessus Network Monitor 5.11.0
Oracle Jd Edwards World Security A9.4
Oracle Weblogic Server 12.2.1.4.0
1 Github repository
1 Article
7.4
CVSSv3
CVE-2017-11506
When linking a Nessus scanner or agent to Tenable.io or other manager, Nessus 6.x prior to 6.11 does not verify the manager's TLS certificate when making the initial outgoing connection. This could allow man-in-the-middle attacks.
Tenable Nessus 6.1.1
Tenable Nessus 6.1.2
Tenable Nessus 6.2.0
Tenable Nessus 6.2.1
Tenable Nessus 6.5.1
Tenable Nessus 6.5.2
Tenable Nessus 6.5.3
Tenable Nessus 6.5.4
Tenable Nessus 6.10.9
Tenable Nessus 6.10.8
Tenable Nessus 6.10.7
Tenable Nessus 6.10.6
Tenable Nessus 6.3.3
Tenable Nessus 6.3.2
Tenable Nessus 6.3.1
Tenable Nessus 6.3.0
Tenable Nessus 6.6.0
Tenable Nessus 6.7.0
Tenable Nessus 6.8.1
Tenable Nessus 6.8.0
Tenable Nessus 6.10.0
Tenable Nessus 6.0.0
6.7
CVSSv3
CVE-2021-20135
Nessus versions 8.15.2 and previous versions were found to contain a local privilege escalation vulnerability which could allow an authenticated, local administrator to run specific executables on the Nessus Agent host. Tenable has included a fix for this issue in Nessus 10.0.0. ...
Tenable Nessus
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »