Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tenable vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-1891
A stored cross site scripting vulnerability exists in Tenable Security Center where an authenticated, remote attacker could inject HTML code into a web application scan result page.
NA
CVE-2024-0955
A stored XSS vulnerability exists where an authenticated, remote attacker with administrator privileges on the Nessus application could alter Nessus proxy settings, which could lead to the execution of remote arbitrary scripts.
Tenable Nessus
NA
CVE-2024-0971
A SQL injection vulnerability exists where an authenticated, low-privileged remote attacker could potentially alter scan DB content.
Tenable Nessus
NA
CVE-2023-6178
An arbitrary file write vulnerability exists where an authenticated attacker with privileges on the managing application could alter Nessus Rules variables to overwrite arbitrary files on the remote host, which could lead to a denial of service condition.
Tenable Nessus
NA
CVE-2023-6062
An arbitrary file write vulnerability exists where an authenticated, remote attacker with administrator privileges on the Nessus application could alter Nessus Rules variables to overwrite arbitrary files on the remote host, which could lead to a denial of service condition.
Tenable Nessus
NA
CVE-2023-5847
Under certain conditions, a low privileged attacker could load a specially crafted file during installation or upgrade to escalate privileges on Windows and Linux hosts.
Tenable Nessus
Tenable Nessus Agent
NA
CVE-2023-5622
Under certain conditions, Nessus Network Monitor could allow a low privileged user to escalate privileges to NT AUTHORITY\SYSTEM on Windows hosts by replacing a specially crafted file.
Tenable Nessus Network Monitor
NA
CVE-2023-5623
NNM failed to properly set ACLs on its installation directory, which could allow a low privileged user to run arbitrary code with SYSTEM privileges where NNM is installed to a non-standard location
Tenable Nessus Network Monitor
NA
CVE-2023-5624
Under certain conditions, Nessus Network Monitor was found to not properly enforce input validation. This could allow an admin user to alter parameters that could potentially allow a blindSQL injection.
Tenable Nessus Network Monitor
NA
CVE-2023-3253
An improper authorization vulnerability exists where an authenticated, low privileged remote attacker could view a list of all the users available in the application.
Tenable Nessus
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37884
CVE-2024-6003
remote
brute force
information disclosure
CVE-2024-27801
CVE-2024-30078
CVE-2024-31870
CVE-2024-6042
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »