Vulnerabilities (CVE)

Filtered by vendor Tenable Subscribe
Filtered by product Nessus
Total 64 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-46143 4 Libexpat Project, Netapp, Siemens and 1 more 8 Libexpat, Active Iq Unified Manager, Clustered Data Ontap and 5 more 2024-02-28 6.8 MEDIUM 7.8 HIGH
In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.
CVE-2021-45960 5 Debian, Libexpat Project, Netapp and 2 more 8 Debian Linux, Libexpat, Active Iq Unified Manager and 5 more 2024-02-28 9.0 HIGH 8.8 HIGH
In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory).
CVE-2022-23852 6 Debian, Libexpat Project, Netapp and 3 more 7 Debian Linux, Libexpat, Clustered Data Ontap and 4 more 2024-02-28 7.5 HIGH 9.8 CRITICAL
Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES.
CVE-2022-22827 4 Debian, Libexpat Project, Siemens and 1 more 4 Debian Linux, Libexpat, Sinema Remote Connect Server and 1 more 2024-02-28 6.8 MEDIUM 8.8 HIGH
storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
CVE-2022-22823 4 Debian, Libexpat Project, Siemens and 1 more 4 Debian Linux, Libexpat, Sinema Remote Connect Server and 1 more 2024-02-28 7.5 HIGH 9.8 CRITICAL
build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
CVE-2022-22825 4 Debian, Libexpat Project, Siemens and 1 more 4 Debian Linux, Libexpat, Sinema Remote Connect Server and 1 more 2024-02-28 6.8 MEDIUM 8.8 HIGH
lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
CVE-2022-23990 6 Debian, Fedoraproject, Libexpat Project and 3 more 6 Debian Linux, Fedora, Libexpat and 3 more 2024-02-28 5.0 MEDIUM 7.5 HIGH
Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.
CVE-2022-22824 4 Debian, Libexpat Project, Siemens and 1 more 4 Debian Linux, Libexpat, Sinema Remote Connect Server and 1 more 2024-02-28 7.5 HIGH 9.8 CRITICAL
defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
CVE-2022-22826 4 Debian, Libexpat Project, Siemens and 1 more 4 Debian Linux, Libexpat, Sinema Remote Connect Server and 1 more 2024-02-28 6.8 MEDIUM 8.8 HIGH
nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
CVE-2021-20135 1 Tenable 1 Nessus 2024-02-28 4.6 MEDIUM 6.7 MEDIUM
Nessus versions 8.15.2 and earlier were found to contain a local privilege escalation vulnerability which could allow an authenticated, local administrator to run specific executables on the Nessus Agent host. Tenable has included a fix for this issue in Nessus 10.0.0. The installation files can be obtained from the Tenable Downloads Portal (https://www.tenable.com/downloads/nessus).
CVE-2021-20100 2 Microsoft, Tenable 2 Windows, Nessus 2024-02-28 4.6 MEDIUM 6.7 MEDIUM
Nessus Agent 8.2.4 and earlier for Windows were found to contain multiple local privilege escalation vulnerabilities which could allow an authenticated, local administrator to run specific Windows executables as the Nessus host. This is different than CVE-2021-20099.
CVE-2021-20099 2 Microsoft, Tenable 2 Windows, Nessus 2024-02-28 4.6 MEDIUM 6.7 MEDIUM
Nessus Agent 8.2.4 and earlier for Windows were found to contain multiple local privilege escalation vulnerabilities which could allow an authenticated, local administrator to run specific Windows executables as the Nessus host. This is different than CVE-2021-20100.
CVE-2021-20106 1 Tenable 1 Nessus 2024-02-28 8.5 HIGH 6.5 MEDIUM
Nessus Agent versions 8.2.5 and earlier were found to contain a privilege escalation vulnerability which could allow a Nessus administrator user to upload a specially crafted file that could lead to gaining administrator privileges on the Nessus host.
CVE-2021-20079 1 Tenable 1 Nessus 2024-02-28 7.2 HIGH 6.7 MEDIUM
Nessus versions 8.13.2 and earlier were found to contain a privilege escalation vulnerability which could allow a Nessus administrator user to upload a specially crafted file that could lead to gaining administrator privileges on the Nessus host.
CVE-2021-3450 10 Fedoraproject, Freebsd, Mcafee and 7 more 35 Fedora, Freebsd, Web Gateway and 32 more 2024-02-28 5.8 MEDIUM 7.4 HIGH
The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an additional strict check. An error in the implementation of this check meant that the result of a previous check to confirm that certificates in the chain are valid CA certificates was overwritten. This effectively bypasses the check that non-CA certificates must not be able to issue other certificates. If a "purpose" has been configured then there is a subsequent opportunity for checks that the certificate is a valid CA. All of the named "purpose" values implemented in libcrypto perform this check. Therefore, where a purpose is set the certificate chain will still be rejected even when the strict flag has been used. A purpose is set by default in libssl client and server certificate verification routines, but it can be overridden or removed by an application. In order to be affected, an application must explicitly set the X509_V_FLAG_X509_STRICT verification flag and either not set a purpose for the certificate verification or, in the case of TLS client or server applications, override the default purpose. OpenSSL versions 1.1.1h and newer are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1h-1.1.1j).
CVE-2020-5793 2 Microsoft, Tenable 3 Windows, Nessus, Nessus Agent 2024-02-28 7.2 HIGH 7.8 HIGH
A vulnerability in Nessus versions 8.9.0 through 8.12.0 for Windows & Nessus Agent 8.0.0 and 8.1.0 for Windows could allow an authenticated local attacker to copy user-supplied files to a specially constructed path in a specifically named user directory. An attacker could exploit this vulnerability by creating a malicious file and copying the file to a system directory. The attacker needs valid credentials on the Windows system to exploit this vulnerability.
CVE-2020-5765 1 Tenable 1 Nessus 2024-02-28 3.5 LOW 5.4 MEDIUM
Nessus 8.10.0 and earlier were found to contain a Stored XSS vulnerability due to improper validation of input during scan configuration. An authenticated, remote attacker could potentially exploit this vulnerability to execute arbitrary code in a user's session. Tenable has implemented additional input validation mechanisms to correct this issue in Nessus 8.11.0.
CVE-2020-5774 1 Tenable 1 Nessus 2024-02-28 3.6 LOW 7.1 HIGH
Nessus versions 8.11.0 and earlier were found to maintain sessions longer than the permitted period in certain scenarios. The lack of proper session expiration could allow attackers with local access to login into an existing browser session.
CVE-2016-1000028 1 Tenable 1 Nessus 2024-02-28 3.5 LOW 4.8 MEDIUM
Tenable Nessus before 6.8 has a stored XSS issue that requires admin-level authentication to the Nessus UI, and would only potentially impact other admins. (Tenable ID 5198).
CVE-2019-3982 1 Tenable 1 Nessus 2024-02-28 4.0 MEDIUM 6.5 MEDIUM
Nessus versions 8.6.0 and earlier were found to contain a Denial of Service vulnerability due to improper validation of specific imported scan types. An authenticated, remote attacker could potentially exploit this vulnerability to cause a Nessus scanner to become temporarily unresponsive.