Filtered by vendor Tenable
Subscribe
Total
140 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-24495 | 1 Tenable | 1 Tenable.sc | 2023-02-06 | N/A | 6.5 MEDIUM |
| A Server Side Request Forgery (SSRF) vulnerability exists in Tenable.sc due to improper validation of session & user-accessible input data. A privileged, authenticated remote attacker could interact with external and internal services covertly. | |||||
| CVE-2023-0476 | 1 Tenable | 1 Tenable.sc | 2023-02-06 | N/A | 6.5 MEDIUM |
| A LDAP injection vulnerability exists in Tenable.sc due to improper validation of user-supplied input before returning it to users. An authenticated attacker could generate data in Active Directory using the application account through blind LDAP injection. | |||||
| CVE-2023-24493 | 1 Tenable | 1 Tenable.sc | 2023-02-02 | N/A | 5.7 MEDIUM |
| A formula injection vulnerability exists in Tenable.sc due to improper validation of user-supplied input before returning it to users. An authenticated attacker could leverage the reporting system to export reports containing formulas, which would then require a victim to approve and execute on a host. | |||||
| CVE-2023-24494 | 1 Tenable | 1 Tenable.sc | 2023-02-02 | N/A | 5.4 MEDIUM |
| A stored cross-site scripting (XSS) vulnerability exists in Tenable.sc due to improper validation of user-supplied input before returning it to users. An authenticated, remote attacker can exploit this by convincing a user to click a specially crafted URL, to execute arbitrary script code in a user's browser session. | |||||
| CVE-2023-0101 | 1 Tenable | 1 Nessus | 2023-01-28 | N/A | 8.8 HIGH |
| A privilege escalation vulnerability was identified in Nessus versions 8.10.1 through 8.15.8 and 10.0.0 through 10.4.1. An authenticated attacker could potentially execute a specially crafted file to obtain root or NT AUTHORITY / SYSTEM privileges on the Nessus host. | |||||
| CVE-2022-3499 | 1 Tenable | 1 Nessus | 2022-11-01 | N/A | 6.5 MEDIUM |
| An authenticated attacker could utilize the identical agent and cluster node linking keys to potentially allow for a scenario where unauthorized disclosure of agent logs and data is present. | |||||
| CVE-2022-23852 | 6 Debian, Libexpat Project, Netapp and 3 more | 7 Debian Linux, Libexpat, Clustered Data Ontap and 4 more | 2022-10-29 | 7.5 HIGH | 9.8 CRITICAL |
| Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES. | |||||
| CVE-2021-20077 | 1 Tenable | 1 Nessus Agent | 2022-10-28 | 7.2 HIGH | 6.7 MEDIUM |
| Nessus Agent versions 7.2.0 through 8.2.2 were found to inadvertently capture the IAM role security token on the local host during initial linking of the Nessus Agent when installed on an Amazon EC2 instance. This could allow a privileged attacker to obtain the token. | |||||
| CVE-2022-28291 | 1 Tenable | 1 Nessus | 2022-10-19 | N/A | 6.5 MEDIUM |
| Insufficiently Protected Credentials: An authenticated user with debug privileges can retrieve stored Nessus policy credentials from the “nessusd” process in cleartext via process dumping. The affected products are all versions of Nessus Essentials and Professional. The vulnerability allows an attacker to access credentials stored in Nessus scanners, potentially compromising its customers’ network of assets. | |||||
| CVE-2021-46143 | 4 Libexpat Project, Netapp, Siemens and 1 more | 8 Libexpat, Active Iq Unified Manager, Clustered Data Ontap and 5 more | 2022-10-06 | 6.8 MEDIUM | 7.8 HIGH |
| In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize. | |||||
| CVE-2021-45960 | 5 Debian, Libexpat Project, Netapp and 2 more | 8 Debian Linux, Libexpat, Active Iq Unified Manager and 5 more | 2022-10-06 | 9.0 HIGH | 8.8 HIGH |
| In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory). | |||||
| CVE-2022-22822 | 4 Debian, Libexpat Project, Siemens and 1 more | 4 Debian Linux, Libexpat, Sinema Remote Connect Server and 1 more | 2022-10-06 | 7.5 HIGH | 9.8 CRITICAL |
| addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | |||||
| CVE-2022-22823 | 4 Debian, Libexpat Project, Siemens and 1 more | 4 Debian Linux, Libexpat, Sinema Remote Connect Server and 1 more | 2022-10-06 | 7.5 HIGH | 9.8 CRITICAL |
| build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | |||||
| CVE-2022-22824 | 4 Debian, Libexpat Project, Siemens and 1 more | 4 Debian Linux, Libexpat, Sinema Remote Connect Server and 1 more | 2022-10-06 | 7.5 HIGH | 9.8 CRITICAL |
| defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | |||||
| CVE-2022-22825 | 4 Debian, Libexpat Project, Siemens and 1 more | 4 Debian Linux, Libexpat, Sinema Remote Connect Server and 1 more | 2022-10-06 | 6.8 MEDIUM | 8.8 HIGH |
| lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | |||||
| CVE-2022-22827 | 4 Debian, Libexpat Project, Siemens and 1 more | 4 Debian Linux, Libexpat, Sinema Remote Connect Server and 1 more | 2022-10-06 | 6.8 MEDIUM | 8.8 HIGH |
| storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | |||||
| CVE-2022-22826 | 4 Debian, Libexpat Project, Siemens and 1 more | 4 Debian Linux, Libexpat, Sinema Remote Connect Server and 1 more | 2022-10-06 | 6.8 MEDIUM | 8.8 HIGH |
| nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | |||||
| CVE-2020-7064 | 5 Canonical, Debian, Opensuse and 2 more | 5 Ubuntu Linux, Debian Linux, Leap and 2 more | 2022-08-29 | 5.8 MEDIUM | 5.4 MEDIUM |
| In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while parsing EXIF data with exif_read_data() function, it is possible for malicious data to cause PHP to read one byte of uninitialized memory. This could potentially lead to information disclosure or crash. | |||||
| CVE-2021-20118 | 1 Tenable | 1 Nessus Agent | 2022-07-12 | 7.2 HIGH | 6.7 MEDIUM |
| Nessus Agent 8.3.0 and earlier was found to contain a local privilege escalation vulnerability which could allow an authenticated, local administrator to run specific executables on the Nessus Agent host. This is different than CVE-2021-20117. | |||||
| CVE-2021-20106 | 1 Tenable | 1 Nessus | 2022-07-12 | 8.5 HIGH | 6.5 MEDIUM |
| Nessus Agent versions 8.2.5 and earlier were found to contain a privilege escalation vulnerability which could allow a Nessus administrator user to upload a specially crafted file that could lead to gaining administrator privileges on the Nessus host. | |||||