Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tenable vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-7280
Cross-site scripting (XSS) vulnerability in the Web UI prior to 2.3.4 Build #85 for Tenable Nessus 5.x allows remote web servers to inject arbitrary web script or HTML via the server header.
Tenable Web Ui
1 EDB exploit
8.8
CVSSv3
CVE-2023-5622
Under certain conditions, Nessus Network Monitor could allow a low privileged user to escalate privileges to NT AUTHORITY\SYSTEM on Windows hosts by replacing a specially crafted file.
Tenable Nessus Network Monitor
7.8
CVSSv3
CVE-2023-5623
NNM failed to properly set ACLs on its installation directory, which could allow a low privileged user to run arbitrary code with SYSTEM privileges where NNM is installed to a non-standard location
Tenable Nessus Network Monitor
7.2
CVSSv3
CVE-2023-5624
Under certain conditions, Nessus Network Monitor was found to not properly enforce input validation. This could allow an admin user to alter parameters that could potentially allow a blindSQL injection.
Tenable Nessus Network Monitor
5.4
CVSSv3
CVE-2016-9261
Cross-site scripting (XSS) vulnerability in Tenable Log Correlation Engine (aka LCE) prior to 4.8.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Tenable Log Correlation Engine
5.9
CVSSv3
CVE-2020-5812
Nessus AMI versions 8.12.0 and previous versions were found to either not validate, or incorrectly validate, a certificate which could allow an malicious user to spoof a trusted entity by using a man-in-the-middle (MITM) attack.
Tenable Nessus Amazon Machine Image
9.8
CVSSv3
CVE-2022-22822
addBinding in xmlparse.c in Expat (aka libexpat) prior to 2.4.3 has an integer overflow.
Libexpat Project Libexpat
Tenable Nessus
Siemens Sinema Remote Connect Server
Debian Debian Linux 10.0
Debian Debian Linux 11.0
1 Article
8.8
CVSSv3
CVE-2022-22827
storeAtts in xmlparse.c in Expat (aka libexpat) prior to 2.4.3 has an integer overflow.
Libexpat Project Libexpat
Tenable Nessus
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Siemens Sinema Remote Connect Server
9.8
CVSSv3
CVE-2022-22823
build_model in xmlparse.c in Expat (aka libexpat) prior to 2.4.3 has an integer overflow.
Libexpat Project Libexpat
Tenable Nessus
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Siemens Sinema Remote Connect Server
1 Article
9.8
CVSSv3
CVE-2022-22824
defineAttribute in xmlparse.c in Expat (aka libexpat) prior to 2.4.3 has an integer overflow.
Libexpat Project Libexpat
Tenable Nessus
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Siemens Sinema Remote Connect Server
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-25525
CVE-2024-4652
CVE-2024-1438
CVE-2024-4671
CVE-2024-34351
arbitrary
CVE-2024-4650
SQL injection
overflow
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »