Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nessus vulnerabilities and exploits
(subscribe to this query)
4.8
CVSSv3
CVE-2016-1000028
Tenable Nessus prior to 6.8 has a stored XSS issue that requires admin-level authentication to the Nessus UI, and would only potentially impact other admins. (Tenable ID 5198).
Tenable Nessus
4.8
CVSSv3
CVE-2016-1000029
Tenable Nessus prior to 6.8 has a stored XSS issue that requires admin-level authentication to the Nessus UI, and would potentially impact other admins (Tenable IDs 5218 and 5269).
Tenable Nessus
5.3
CVSSv3
CVE-2019-1551
There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult ...
Openssl Openssl
Opensuse Leap 15.1
Oracle Peoplesoft Enterprise Peopletools 8.56
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Mysql Enterprise Monitor
Oracle Enterprise Manager Ops Center 12.4.0.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Tenable Log Correlation Engine
6.5
CVSSv3
CVE-2019-3982
Nessus versions 8.6.0 and previous versions were found to contain a Denial of Service vulnerability due to improper validation of specific imported scan types. An authenticated, remote attacker could potentially exploit this vulnerability to cause a Nessus scanner to become tempo...
Tenable Nessus
4.7
CVSSv3
CVE-2019-1547
Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a g...
Openssl Openssl
6.5
CVSSv3
CVE-2019-16168
In SQLite up to and including 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner."
Sqlite Sqlite
Netapp Steelstore Cloud Integrated Storage -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Ontap Select Deploy Administration Utility -
Netapp Active Iq Unified Manager
Netapp Santricity Unified Manager -
Netapp E-series Santricity Os Controller
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 12.04
Fedoraproject Fedora 30
Debian Debian Linux 9.0
Tenable Nessus Agent
Oracle Solaris 11
Oracle Outside In Technology 8.5.4
Oracle Mysql
Oracle Jre 1.8.0
Oracle Jdk 1.8.0
Oracle Zfs Storage Appliance 8.8
7.5
CVSSv3
CVE-2019-15903
In libexpat prior to 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.
Libexpat Project Libexpat
Python Python
8.1
CVSSv3
CVE-2019-3974
Nessus 8.5.2 and previous versions on Windows platforms were found to contain an issue where certain system files could be overwritten arbitrarily, potentially creating a denial of service condition.
Tenable Nessus
3.3
CVSSv3
CVE-2019-1552
OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configuration options. F...
Openssl Openssl
3.3
CVSSv3
CVE-2019-3962
Content Injection vulnerability in Tenable Nessus before 8.5.0 may allow an authenticated, local malicious user to exploit this vulnerability by convincing another targeted Nessus user to view a malicious URL and use Nessus to send fraudulent messages. Successful exploitation cou...
Tenable Nessus
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-3611
CVE-2024-4947
CVE-2024-32988
CVE-2020-35165
local file inclusion
CVE-2024-4980
bypass
malicious code
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »