Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tenable vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-5847
Under certain conditions, a low privileged attacker could load a specially crafted file during installation or upgrade to escalate privileges on Windows and Linux hosts.
Tenable Nessus
Tenable Nessus Agent
534
VMScore
CVE-2017-6543
Tenable Nessus prior to 6.10.2 (as used alone or in Tenable Appliance prior to 4.5.0) was found to contain a flaw that allowed a remote, authenticated malicious user to upload a crafted file that could be written to anywhere on the system. This could be used to subsequently gain ...
Tenable Nessus
Tenable Appliance 4.4.0
NA
CVE-2022-4313
A vulnerability was reported where through modifying the scan variables, an authenticated user in Tenable products, that has Scan Policy Configuration roles, could manipulate audit policy variables to execute arbitrary commands on credentialed scan targets.
Tenable Nessus
Tenable Plugin Feed
578
VMScore
CVE-2017-11508
SecurityCenter versions 5.5.0, 5.5.1 and 5.5.2 contain a SQL Injection vulnerability that could be exploited by an authenticated user with sufficient privileges to run diagnostic scans. An attacker could exploit this vulnerability by entering a crafted SQL query into the password...
Tenable Securitycenter 5.5.0
Tenable Securitycenter 5.5.1
Tenable Securitycenter 5.5.2
641
VMScore
CVE-2020-5793
A vulnerability in Nessus versions 8.9.0 up to and including 8.12.0 for Windows & Nessus Agent 8.0.0 and 8.1.0 for Windows could allow an authenticated local malicious user to copy user-supplied files to a specially constructed path in a specifically named user directory. An ...
Tenable Nessus
Tenable Nessus Agent 8.0.0
Tenable Nessus Agent 8.1.0
409
VMScore
CVE-2020-5794
A vulnerability in Nessus Network Monitor versions 5.11.0, 5.11.1, and 5.12.0 for Windows could allow an authenticated local malicious user to execute arbitrary code by copying user-supplied files to a specially constructed path in a specifically named user directory. The attacke...
Tenable Nessus Network Monitor 5.11.0
Tenable Nessus Network Monitor 5.11.1
Tenable Nessus Network Monitor 5.12.0
383
VMScore
CVE-2013-5911
Cross-site scripting (XSS) vulnerability in devform.php in Tenable SecurityCenter 4.6 up to and including 4.7 allows remote malicious users to inject arbitrary web script or HTML via the message parameter.
Tenable Securitycenter 4.6
Tenable Securitycenter 4.7
312
VMScore
CVE-2020-5737
Stored XSS in Tenable.Sc prior to 5.14.0 could allow an authenticated remote malicious user to craft a request to execute arbitrary script code in a user's browser session. Updated input validation techniques have been implemented to correct this issue.
Tenable Tenable.sc 5.14.0
Tenable Tenable.sc 5.14.1
614
VMScore
CVE-2014-2848
A race condition in the wmi_malware_scan.nbin plugin prior to 201402262215 for Nessus 5.2.1 allows local users to gain privileges by replacing the dissolvable agent executable in the Windows temp directory with a Trojan horse program.
Tenable Nessus 5.2.1
Tenable Plugin-set
NA
CVE-2023-0476
A LDAP injection vulnerability exists in Tenable.sc due to improper validation of user-supplied input before returning it to users. An authenticated attacker could generate data in Active Directory using the application account through blind LDAP injection.
Tenable Tenable.sc
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »