Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tenable nessus - vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-5847
Under certain conditions, a low privileged attacker could load a specially crafted file during installation or upgrade to escalate privileges on Windows and Linux hosts.
Tenable Nessus
Tenable Nessus Agent
NA
CVE-2022-4313
A vulnerability was reported where through modifying the scan variables, an authenticated user in Tenable products, that has Scan Policy Configuration roles, could manipulate audit policy variables to execute arbitrary commands on credentialed scan targets.
Tenable Nessus
Tenable Plugin Feed
6
CVSSv2
CVE-2017-6543
Tenable Nessus prior to 6.10.2 (as used alone or in Tenable Appliance prior to 4.5.0) was found to contain a flaw that allowed a remote, authenticated malicious user to upload a crafted file that could be written to anywhere on the system. This could be used to subsequently gain ...
Tenable Nessus
Tenable Appliance 4.4.0
3.5
CVSSv2
CVE-2019-3923
Nessus versions 8.2.1 and previous versions were found to contain a stored XSS vulnerability due to improper validation of user-supplied input. An authenticated, remote attacker could potentially exploit this vulnerability via a specially crafted request to execute arbitrary scri...
Tenable Nessus
4.6
CVSSv2
CVE-2021-20135
Nessus versions 8.15.2 and previous versions were found to contain a local privilege escalation vulnerability which could allow an authenticated, local administrator to run specific executables on the Nessus Agent host. Tenable has included a fix for this issue in Nessus 10.0.0. ...
Tenable Nessus
6.9
CVSSv2
CVE-2014-2848
A race condition in the wmi_malware_scan.nbin plugin prior to 201402262215 for Nessus 5.2.1 allows local users to gain privileges by replacing the dissolvable agent executable in the Windows temp directory with a Trojan horse program.
Tenable Nessus 5.2.1
Tenable Plugin-set
3.5
CVSSv2
CVE-2020-5765
Nessus 8.10.0 and previous versions were found to contain a Stored XSS vulnerability due to improper validation of input during scan configuration. An authenticated, remote attacker could potentially exploit this vulnerability to execute arbitrary code in a user's session. T...
Tenable Nessus
3.5
CVSSv2
CVE-2016-1000028
Tenable Nessus prior to 6.8 has a stored XSS issue that requires admin-level authentication to the Nessus UI, and would only potentially impact other admins. (Tenable ID 5198).
Tenable Nessus
3.5
CVSSv2
CVE-2017-5179
Cross-site scripting (XSS) vulnerability in Tenable Nessus prior to 6.9.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Tenable Nessus
NA
CVE-2023-3251
A pass-back vulnerability exists where an authenticated, remote attacker with administrator privileges could uncover stored SMTP credentials within the Nessus application.This issue affects Nessus: prior to 10.6.0.
Tenable Nessus
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »