Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tenable vulnerabilities and exploits
(subscribe to this query)
756
VMScore
CVE-2021-20106
Nessus Agent versions 8.2.5 and previous versions were found to contain a privilege escalation vulnerability which could allow a Nessus administrator user to upload a specially crafted file that could lead to gaining administrator privileges on the Nessus host.
Tenable Nessus
756
VMScore
CVE-2019-3974
Nessus 8.5.2 and previous versions on Windows platforms were found to contain an issue where certain system files could be overwritten arbitrarily, potentially creating a denial of service condition.
Tenable Nessus
755
VMScore
CVE-2018-7584
In PHP up to and including 5.6.33, 7.0.x prior to 7.0.28, 7.1.x up to and including 7.1.14, and 7.2.x up to and including 7.2.2, there is a stack-based buffer under-read while parsing an HTTP response in the php_stream_url_wrap_http_ex function in ext/standard/http_fopen_wrapper....
Php Php
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 17.10
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
1 EDB exploit
755
VMScore
CVE-2007-0168
The Tape Engine service in Computer Associates (CA) BrightStor ARCserve Backup 9.01 up to and including 11.5, Enterprise Backup 10.5, and CA Server/Business Protection Suite r2 allows remote malicious users to execute arbitrary code via certain data in opnum 0xBF in an RPC reques...
Broadcom Brightstor Arcserve Backup
Broadcom Brightstor Arcserve Backup 9.01
Broadcom Brightstor Enterprise Backup 10.5
Broadcom Business Protection Suite 2.0
1 EDB exploit
703
VMScore
CVE-2017-5661
In Apache FOP prior to 2.2, files lying on the filesystem of the server which uses FOP can be revealed to arbitrary users who send maliciously formed SVG files. The file types that can be shown depend on the user context in which the exploitable application is running. If the use...
Apache Formatting Objects Processor
695
VMScore
CVE-2018-20843
In libexpat in Expat prior to 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks).
Libexpat Project Libexpat
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.0
Opensuse Leap 15.1
Oracle Http Server 12.1.3.0
Oracle Outside In Technology 8.5.4
Oracle Outside In Technology 8.5.5
Oracle Http Server 12.2.1.4.0
Oracle Hospitality Res 3700
Tenable Nessus
695
VMScore
CVE-2016-4055
The duration function in the moment package prior to 2.11.2 for Node.js allows remote malicious users to cause a denial of service (CPU consumption) via a long string, aka a "regular expression Denial of Service (ReDoS)."
Momentjs Moment
Tenable Nessus
Oracle Primavera Unifier
2 Github repositories
694
VMScore
CVE-2017-11142
In PHP prior to 5.6.31, 7.x prior to 7.0.17, and 7.1.x prior to 7.1.3, remote attackers could cause a CPU consumption denial of service attack by injecting long form variables, related to main/php_variables.c.
Php Php 7.1.0
Php Php 7.0.11
Php Php 7.0.4
Php Php 7.0.3
Php Php 7.0.1
Php Php 7.1.2
Php Php 7.0.12
Php Php 7.0.13
Php Php 7.0.16
Php Php 7.0.7
Php Php 7.0.14
Php Php 7.0.15
Php Php
Php Php 7.0.2
Php Php 7.0.9
Php Php 7.0.8
Php Php 7.0.5
Php Php 7.0.10
Php Php 7.0.0
Php Php 7.0.6
Php Php 7.1.1
694
VMScore
CVE-2016-5300
The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent malicious users to cause a denial of service (CPU consumption) via crafted identifiers in an XML document. NOTE: this vulnerability exists because of an incomplete fix ...
Canonical Ubuntu Linux 12.04
Debian Debian Linux 8.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Libexpat Project Libexpat
Google Android 5.0.2
Google Android 6.0.1
Google Android 6.0
Google Android 4.4.4
Google Android 5.1.1
694
VMScore
CVE-2016-0798
Memory leak in the SRP_VBASE_get_by_user implementation in OpenSSL 1.0.1 prior to 1.0.1s and 1.0.2 prior to 1.0.2g allows remote malicious users to cause a denial of service (memory consumption) by providing an invalid username in a connection attempt, related to apps/s_server.c ...
Openssl Openssl 1.0.1m
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.1j
Openssl Openssl 1.0.1
Openssl Openssl 1.0.1h
Openssl Openssl 1.0.2e
Openssl Openssl 1.0.1r
Openssl Openssl 1.0.2b
Openssl Openssl 1.0.1c
Openssl Openssl 1.0.1g
Openssl Openssl 1.0.1a
Openssl Openssl 1.0.1d
Openssl Openssl 1.0.2c
Openssl Openssl 1.0.2
Openssl Openssl 1.0.1p
Openssl Openssl 1.0.1k
Openssl Openssl 1.0.1b
Openssl Openssl 1.0.1n
Openssl Openssl 1.0.1q
Openssl Openssl 1.0.1e
Openssl Openssl 1.0.1l
Openssl Openssl 1.0.1f
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »