Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tenable vulnerabilities and exploits
(subscribe to this query)
5.7
CVSSv3
CVE-2023-24493
A formula injection vulnerability exists in Tenable.sc due to improper validation of user-supplied input before returning it to users. An authenticated attacker could leverage the reporting system to export reports containing formulas, which would then require a victim to approve...
Tenable Tenable.sc
4.8
CVSSv3
CVE-2024-0955
A stored XSS vulnerability exists where an authenticated, remote attacker with administrator privileges on the Nessus application could alter Nessus proxy settings, which could lead to the execution of remote arbitrary scripts.
Tenable Nessus
6.5
CVSSv3
CVE-2024-0971
A SQL injection vulnerability exists where an authenticated, low-privileged remote attacker could potentially alter scan DB content.
Tenable Nessus
6.5
CVSSv3
CVE-2023-0476
A LDAP injection vulnerability exists in Tenable.sc due to improper validation of user-supplied input before returning it to users. An authenticated attacker could generate data in Active Directory using the application account through blind LDAP injection.
Tenable Tenable.sc
6.5
CVSSv3
CVE-2023-6062
An arbitrary file write vulnerability exists where an authenticated, remote attacker with administrator privileges on the Nessus application could alter Nessus Rules variables to overwrite arbitrary files on the remote host, which could lead to a denial of service condition.
Tenable Nessus
4.3
CVSSv3
CVE-2023-3253
An improper authorization vulnerability exists where an authenticated, low privileged remote attacker could view a list of all the users available in the application.
Tenable Nessus
6.5
CVSSv3
CVE-2022-3499
An authenticated attacker could utilize the identical agent and cluster node linking keys to potentially allow for a scenario where unauthorized disclosure of agent logs and data is present.
Tenable Nessus
6.7
CVSSv3
CVE-2021-20079
Nessus versions 8.13.2 and previous versions were found to contain a privilege escalation vulnerability which could allow a Nessus administrator user to upload a specially crafted file that could lead to gaining administrator privileges on the Nessus host.
Tenable Nessus
6.7
CVSSv3
CVE-2021-20099
Nessus Agent 8.2.4 and previous versions for Windows were found to contain multiple local privilege escalation vulnerabilities which could allow an authenticated, local administrator to run specific Windows executables as the Nessus host. This is different than CVE-2021-20100.
Tenable Nessus
8.6
CVSSv3
CVE-2021-21371
Tenable for Jira Cloud is an open source project designed to pull Tenable.io vulnerability data, then generate Jira Tasks and sub-tasks based on the vulnerabilities' current state. It published in pypi as "tenable-jira-cloud". In tenable-jira-cloud before version 1...
Tenable Jira Cloud
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »