Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tenable vulnerabilities and exploits
(subscribe to this query)
435
VMScore
CVE-2014-7280
Cross-site scripting (XSS) vulnerability in the Web UI prior to 2.3.4 Build #85 for Tenable Nessus 5.x allows remote web servers to inject arbitrary web script or HTML via the server header.
Tenable Web Ui
1 EDB exploit
NA
CVE-2023-5622
Under certain conditions, Nessus Network Monitor could allow a low privileged user to escalate privileges to NT AUTHORITY\SYSTEM on Windows hosts by replacing a specially crafted file.
Tenable Nessus Network Monitor
NA
CVE-2023-5623
NNM failed to properly set ACLs on its installation directory, which could allow a low privileged user to run arbitrary code with SYSTEM privileges where NNM is installed to a non-standard location
Tenable Nessus Network Monitor
NA
CVE-2023-5624
Under certain conditions, Nessus Network Monitor was found to not properly enforce input validation. This could allow an admin user to alter parameters that could potentially allow a blindSQL injection.
Tenable Nessus Network Monitor
312
VMScore
CVE-2016-9261
Cross-site scripting (XSS) vulnerability in Tenable Log Correlation Engine (aka LCE) prior to 4.8.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Tenable Log Correlation Engine
383
VMScore
CVE-2020-5812
Nessus AMI versions 8.12.0 and previous versions were found to either not validate, or incorrectly validate, a certificate which could allow an malicious user to spoof a trusted entity by using a man-in-the-middle (MITM) attack.
Tenable Nessus Amazon Machine Image
670
VMScore
CVE-2022-22822
addBinding in xmlparse.c in Expat (aka libexpat) prior to 2.4.3 has an integer overflow.
Libexpat Project Libexpat
Tenable Nessus
Siemens Sinema Remote Connect Server
Debian Debian Linux 10.0
Debian Debian Linux 11.0
1 Article
668
VMScore
CVE-2022-22823
build_model in xmlparse.c in Expat (aka libexpat) prior to 2.4.3 has an integer overflow.
Libexpat Project Libexpat
Tenable Nessus
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Siemens Sinema Remote Connect Server
1 Article
668
VMScore
CVE-2022-22824
defineAttribute in xmlparse.c in Expat (aka libexpat) prior to 2.4.3 has an integer overflow.
Libexpat Project Libexpat
Tenable Nessus
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Siemens Sinema Remote Connect Server
1 Article
606
VMScore
CVE-2022-22825
lookup in xmlparse.c in Expat (aka libexpat) prior to 2.4.3 has an integer overflow.
Libexpat Project Libexpat
Tenable Nessus
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Siemens Sinema Remote Connect Server
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »