Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tenable nessus - vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2022-32974
An authenticated attacker could read arbitrary files from the underlying operating system of the scanner using a custom crafted compliance audit file without providing any valid SSH credentials.
Tenable Nessus
3.6
CVSSv2
CVE-2020-5774
Nessus versions 8.11.0 and previous versions were found to maintain sessions longer than the permitted period in certain scenarios. The lack of proper session expiration could allow attackers with local access to login into an existing browser session.
Tenable Nessus
1 Github repository
7.2
CVSSv2
CVE-2021-20079
Nessus versions 8.13.2 and previous versions were found to contain a privilege escalation vulnerability which could allow a Nessus administrator user to upload a specially crafted file that could lead to gaining administrator privileges on the Nessus host.
Tenable Nessus
8.5
CVSSv2
CVE-2021-20106
Nessus Agent versions 8.2.5 and previous versions were found to contain a privilege escalation vulnerability which could allow a Nessus administrator user to upload a specially crafted file that could lead to gaining administrator privileges on the Nessus host.
Tenable Nessus
4.3
CVSSv2
CVE-2019-3961
Nessus versions 8.4.0 and previous versions were found to contain a reflected XSS vulnerability due to improper validation of user-supplied input. An unauthenticated, remote attacker could potentially exploit this vulnerability via a specially crafted request to execute arbitrary...
Tenable Nessus
4.6
CVSSv2
CVE-2021-20099
Nessus Agent 8.2.4 and previous versions for Windows were found to contain multiple local privilege escalation vulnerabilities which could allow an authenticated, local administrator to run specific Windows executables as the Nessus host. This is different than CVE-2021-20100.
Tenable Nessus
4.6
CVSSv2
CVE-2021-20100
Nessus Agent 8.2.4 and previous versions for Windows were found to contain multiple local privilege escalation vulnerabilities which could allow an authenticated, local administrator to run specific Windows executables as the Nessus host. This is different than CVE-2021-20099.
Tenable Nessus
NA
CVE-2022-28291
Insufficiently Protected Credentials: An authenticated user with debug privileges can retrieve stored Nessus policy credentials from the “nessusd” process in cleartext via process dumping. The affected products are all versions of Nessus Essentials and Professional. T...
Tenable Nessus
NA
CVE-2023-6178
An arbitrary file write vulnerability exists where an authenticated attacker with privileges on the managing application could alter Nessus Rules variables to overwrite arbitrary files on the remote host, which could lead to a denial of service condition.
Tenable Nessus
NA
CVE-2023-0101
A privilege escalation vulnerability was identified in Nessus versions 8.10.1 up to and including 8.15.8 and 10.0.0 up to and including 10.4.1. An authenticated attacker could potentially execute a specially crafted file to obtain root or NT AUTHORITY / SYSTEM privileges on the N...
Tenable Nessus
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »