Skip to main content

Nessus

52 CVEs product

Monthly

CVE-2026-57588 LOW POC PATCH Monitor

SQL injection in Tenable Nessus's scan result import functionality allows an attacker to craft a malicious scan file that, when imported by a privileged operator, injects SQL into the scan results database and exfiltrates stored scan data. The attack is entirely dependent on social engineering: the threat actor has no direct access to the Nessus instance and must convince a privileged user to import the weaponized file. A proof-of-concept exists per CVSS temporal indicator E:P, and Tenable has issued an official fix under advisory TNS-2026-17. No active exploitation is confirmed in CISA KEV.

SQLi Nessus
NVD Exploit-DB VulDB
CVSS 4.0
1.8
EPSS
0.2%
CVE-2026-57587 LOW PATCH Monitor

SQL injection in Tenable Nessus exposes scan-result databases to exfiltration by any remote unauthenticated attacker who controls the reverse DNS (PTR) records for a host being scanned. When Nessus resolves the hostname of a scanned target via PTR lookup, the returned value is incorporated into a SQL query without adequate sanitization, enabling read-level access to the scan results database. A proof-of-concept is indicated by the CVSS temporal metric (E:P), and Tenable has acknowledged the issue via advisory TNS-2026-17; no public active exploitation (CISA KEV) is confirmed at time of analysis.

SQLi Nessus
NVD VulDB
CVSS 4.0
2.9
EPSS
0.3%
CVE-2025-36630 HIGH PATCH This Week

In Tenable Nessus versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could overwrite arbitrary local system files with log content at SYSTEM privilege.

Microsoft Privilege Escalation Nessus Windows
NVD
CVSS 3.1
8.4
EPSS
0.0%
CVE-2024-0971 MEDIUM This Month

A SQL injection vulnerability exists where an authenticated, low-privileged remote attacker could potentially alter scan DB content. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Nessus
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2024-0955 MEDIUM This Month

A stored XSS vulnerability exists where an authenticated, remote attacker with administrator privileges on the Nessus application could alter Nessus proxy settings, which could lead to the execution. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Nessus
NVD
CVSS 3.1
4.8
EPSS
0.6%
CVE-2023-6178 MEDIUM This Month

An arbitrary file write vulnerability exists where an authenticated attacker with privileges on the managing application could alter Nessus Rules variables to overwrite arbitrary files on the remote. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service Nessus
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2023-6062 MEDIUM This Month

An arbitrary file write vulnerability exists where an authenticated, remote attacker with administrator privileges on the Nessus application could alter Nessus Rules variables to overwrite arbitrary. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service Nessus
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2023-5847 HIGH This Week

Under certain conditions, a low privileged attacker could load a specially crafted file during installation or upgrade to escalate privileges on Windows and Linux hosts. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Nessus Nessus Agent
NVD
CVSS 3.1
7.3
EPSS
0.2%
CVE-2023-3253 MEDIUM This Month

An improper authorization vulnerability exists where an authenticated, low privileged remote attacker could view a list of all the users available in the application. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Nessus
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2023-3252 MEDIUM This Month

An arbitrary file write vulnerability exists where an authenticated, remote attacker with administrator privileges could alter logging variables to overwrite arbitrary files on the remote host with. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Nessus
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2023-3251 MEDIUM This Month

A pass-back vulnerability exists where an authenticated, remote attacker with administrator privileges could uncover stored SMTP credentials within the Nessus application.6.0. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Nessus
NVD
CVSS 3.1
4.9
EPSS
0.5%
CVE-2023-2005 HIGH This Week

Vulnerability in Tenable Tenable.Io, Tenable Nessus, Tenable Security Center.Io: before Plugin Feed ID #202306261202 ; Nessus: before Plugin Feed ID #202306261202 ; Security Center: before Plugin. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Nessus Securitycenter Tenable Io
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2023-0524 HIGH This Week

As part of our Security Development Lifecycle, a potential privilege escalation issue was identified internally. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Nessus Tenable Io Tenable Sc
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2023-0101 HIGH PATCH This Week

A privilege escalation vulnerability was identified in Nessus versions 8.10.1 through 8.15.8 and 10.0.0 through 10.4.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Nessus
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2022-3499 MEDIUM This Month

An authenticated attacker could utilize the identical agent and cluster node linking keys to potentially allow for a scenario where unauthorized disclosure of agent logs and data is present. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Nessus
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2022-33757 MEDIUM This Month

An authenticated attacker could read Nessus Debug Log file attachments from the web UI without having the correct privileges to do so. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Nessus
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2022-28291 MEDIUM POC This Month

Insufficiently Protected Credentials: An authenticated user with debug privileges can retrieve stored Nessus policy credentials from the “nessusd” process in cleartext via process dumping. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Nessus
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-32974 MEDIUM This Month

An authenticated attacker could read arbitrary files from the underlying operating system of the scanner using a custom crafted compliance audit file without providing any valid SSH credentials. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Nessus
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-32973 HIGH This Week

An authenticated attacker could create an audit file that bypasses PowerShell cmdlet checks and executes commands with administrator privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Nessus
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2022-0778 Cargo HIGH POC PATCH CISA Act Now

The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service OpenSSL Debian Linux Cloud Volumes Ontap Mediator Clustered Data Ontap +9
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
7.8%
Threat
5.2
CVE-2021-20135 MEDIUM This Month

Nessus versions 8.15.2 and earlier were found to contain a local privilege escalation vulnerability which could allow an authenticated, local administrator to run specific executables on the Nessus. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Nessus
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2021-20106 MEDIUM This Month

Nessus Agent versions 8.2.5 and earlier were found to contain a privilege escalation vulnerability which could allow a Nessus administrator user to upload a specially crafted file that could lead to. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Nessus
NVD
CVSS 3.1
6.5
EPSS
1.3%
CVE-2021-20079 MEDIUM This Month

Nessus versions 8.13.2 and earlier were found to contain a privilege escalation vulnerability which could allow a Nessus administrator user to upload a specially crafted file that could lead to. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Nessus
NVD
CVSS 3.1
6.7
EPSS
0.4%
CVE-2021-20100 MEDIUM This Month

Nessus Agent 8.2.4 and earlier for Windows were found to contain multiple local privilege escalation vulnerabilities which could allow an authenticated, local administrator to run specific Windows. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Nessus
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2021-20099 MEDIUM This Month

Nessus Agent 8.2.4 and earlier for Windows were found to contain multiple local privilege escalation vulnerabilities which could allow an authenticated, local administrator to run specific Windows. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Nessus
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2021-3450 Cargo HIGH PATCH This Week

The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required.

OpenSSL Authentication Bypass Freebsd Santricity Smi S Provider Firmware Storagegrid Firmware +29
NVD
CVSS 3.1
7.4
EPSS
18.3%
CVE-2021-3449 Cargo MEDIUM PATCH This Month

An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference OpenSSL Denial Of Service Debian Linux Freebsd +103
NVD
CVSS 3.1
5.9
EPSS
62.9%
CVE-2020-5793 HIGH This Week

A vulnerability in Nessus versions 8.9.0 through 8.12.0 for Windows & Nessus Agent 8.0.0 and 8.1.0 for Windows could allow an authenticated local attacker to copy user-supplied files to a specially. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Nessus Nessus Agent
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-5774 HIGH PATCH This Week

Nessus versions 8.11.0 and earlier were found to maintain sessions longer than the permitted period in certain scenarios. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Information Disclosure Nessus
NVD
CVSS 3.1
7.1
EPSS
0.3%
CVE-2020-5765 MEDIUM This Month

Nessus 8.10.0 and earlier were found to contain a Stored XSS vulnerability due to improper validation of input during scan configuration. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS RCE Nessus
NVD
CVSS 3.1
5.4
EPSS
1.1%
CVE-2019-3982 MEDIUM This Month

Nessus versions 8.6.0 and earlier were found to contain a Denial of Service vulnerability due to improper validation of specific imported scan types. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Nessus
NVD
CVSS 3.1
6.5
EPSS
1.8%
CVE-2019-3974 HIGH This Week

Nessus 8.5.2 and earlier on Windows platforms were found to contain an issue where certain system files could be overwritten arbitrarily, potentially creating a denial of service condition. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Microsoft Nessus
NVD
CVSS 3.0
8.1
EPSS
1.8%
CVE-2019-3962 LOW Monitor

Content Injection vulnerability in Tenable Nessus prior to 8.5.0 may allow an authenticated, local attacker to exploit this vulnerability by convincing another targeted Nessus user to view a. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

XSS Nessus
NVD
CVSS 3.0
3.3
EPSS
1.0%
CVE-2019-3961 MEDIUM This Month

Nessus versions 8.4.0 and earlier were found to contain a reflected XSS vulnerability due to improper validation of user-supplied input. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Nessus
NVD
CVSS 3.0
6.1
EPSS
1.5%
CVE-2019-1559 MEDIUM PATCH This Month

If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

OpenSSL Information Disclosure Oracle Ubuntu Linux Debian Linux +79
NVD
CVSS 3.1
5.9
EPSS
17.1%
CVE-2019-3923 MEDIUM This Month

Nessus versions 8.2.1 and earlier were found to contain a stored XSS vulnerability due to improper validation of user-supplied input. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Nessus
NVD
CVSS 3.0
5.4
EPSS
0.9%
CVE-2018-5407 MEDIUM POC PATCH This Month

Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'. Rated medium severity (CVSS 4.7). Public exploit code available.

Information Disclosure Ubuntu Linux Debian Linux Node Js OpenSSL +16
NVD GitHub Exploit-DB
CVSS 3.1
4.7
EPSS
3.4%
CVE-2018-1148 MEDIUM This Month

In Nessus before 7.1.0, Session Fixation exists due to insufficient session management within the application. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Session Fixation Information Disclosure Nessus
NVD
CVSS 3.0
6.5
EPSS
0.8%
CVE-2018-1147 MEDIUM This Month

In Nessus before 7.1.0, a XSS vulnerability exists due to improper input validation. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Nessus
NVD
CVSS 3.0
5.4
EPSS
1.1%
CVE-2018-1141 HIGH This Week

When installing Nessus to a directory outside of the default location, Nessus versions prior to 7.0.3 did not enforce secure permissions for sub-directories. Rated high severity (CVSS 7.0). No vendor patch available.

Privilege Escalation Nessus
NVD
CVSS 3.0
7.0
EPSS
0.2%
CVE-2017-11506 HIGH This Week

When linking a Nessus scanner or agent to Tenable.io or other manager, Nessus 6.x before 6.11 does not verify the manager's TLS certificate when making the initial outgoing connection. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Nessus
NVD
CVSS 3.0
7.4
EPSS
0.1%
CVE-2017-2122 MEDIUM PATCH This Month

Cross-site scripting vulnerability in Nessus versions 6.8.0, 6.8.1, 6.9.0, 6.9.1 and 6.9.2 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Nessus
NVD
CVSS 3.0
5.4
EPSS
0.4%
CVE-2017-7850 HIGH This Week

Nessus 6.10.x before 6.10.5 was found to be vulnerable to a local privilege escalation issue due to insecure permissions when running in Agent Mode. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Nessus
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-7849 MEDIUM This Month

Nessus 6.10.x before 6.10.5 was found to be vulnerable to a local denial of service condition due to insecure permissions when running in Agent Mode. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Nessus
NVD
CVSS 3.0
5.5
EPSS
0.0%
CVE-2017-7199 HIGH This Week

Nessus 6.6.2 - 6.10.3 contains a flaw related to insecure permissions that may allow a local attacker to escalate privileges when the software is running in Agent Mode. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Nessus
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-6543 HIGH This Week

Tenable Nessus before 6.10.2 (as used alone or in Tenable Appliance before 4.5.0) was found to contain a flaw that allowed a remote, authenticated attacker to upload a crafted file that could be. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Nessus Appliance
NVD
CVSS 3.0
7.3
EPSS
0.3%
CVE-2016-9259 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in Tenable Nessus before 6.9.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

XSS Nessus
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2016-9260 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Tenable Nessus before 6.9 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to handling of .nessus files. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Nessus
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2016-4055 npm MEDIUM POC PATCH This Month

The duration function in the moment package before 2.11.2 for Node.js allows remote attackers to cause a denial of service (CPU consumption) via a long string, aka a "regular expression Denial of. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Denial Of Service Node.js Moment Nessus Primavera Unifier
NVD VulDB
CVSS 3.1
6.5
EPSS
2.7%
CVE-2017-5179 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Tenable Nessus before 6.9.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Nessus
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2014-4980 MEDIUM POC This Month

The /server/properties resource in Tenable Web UI before 2.3.5 for Nessus 5.2.3 through 5.2.7 allows remote attackers to obtain sensitive information via the token parameter. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Nessus Web Ui
NVD
CVSS 2.0
5.0
EPSS
0.5%
CVE-2014-2848 MEDIUM This Month

A race condition in the wmi_malware_scan.nbin plugin before 201402262215 for Nessus 5.2.1 allows local users to gain privileges by replacing the dissolvable agent executable in the Windows temp. Rated medium severity (CVSS 6.9). No vendor patch available.

Race Condition Information Disclosure Microsoft Nessus Plugin Set
NVD VulDB
CVSS 2.0
6.9
EPSS
0.0%
EPSS 0% CVSS 1.8
LOW POC PATCH Monitor

SQL injection in Tenable Nessus's scan result import functionality allows an attacker to craft a malicious scan file that, when imported by a privileged operator, injects SQL into the scan results database and exfiltrates stored scan data. The attack is entirely dependent on social engineering: the threat actor has no direct access to the Nessus instance and must convince a privileged user to import the weaponized file. A proof-of-concept exists per CVSS temporal indicator E:P, and Tenable has issued an official fix under advisory TNS-2026-17. No active exploitation is confirmed in CISA KEV.

SQLi Nessus
NVD Exploit-DB VulDB
EPSS 0% CVSS 2.9
LOW PATCH Monitor

SQL injection in Tenable Nessus exposes scan-result databases to exfiltration by any remote unauthenticated attacker who controls the reverse DNS (PTR) records for a host being scanned. When Nessus resolves the hostname of a scanned target via PTR lookup, the returned value is incorporated into a SQL query without adequate sanitization, enabling read-level access to the scan results database. A proof-of-concept is indicated by the CVSS temporal metric (E:P), and Tenable has acknowledged the issue via advisory TNS-2026-17; no public active exploitation (CISA KEV) is confirmed at time of analysis.

SQLi Nessus
NVD VulDB
EPSS 0% CVSS 8.4
HIGH PATCH This Week

In Tenable Nessus versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could overwrite arbitrary local system files with log content at SYSTEM privilege.

Microsoft Privilege Escalation Nessus +1
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A SQL injection vulnerability exists where an authenticated, low-privileged remote attacker could potentially alter scan DB content. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Nessus
NVD
EPSS 1% CVSS 4.8
MEDIUM This Month

A stored XSS vulnerability exists where an authenticated, remote attacker with administrator privileges on the Nessus application could alter Nessus proxy settings, which could lead to the execution. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Nessus
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

An arbitrary file write vulnerability exists where an authenticated attacker with privileges on the managing application could alter Nessus Rules variables to overwrite arbitrary files on the remote. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service +1
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

An arbitrary file write vulnerability exists where an authenticated, remote attacker with administrator privileges on the Nessus application could alter Nessus Rules variables to overwrite arbitrary. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service +1
NVD
EPSS 0% CVSS 7.3
HIGH This Week

Under certain conditions, a low privileged attacker could load a specially crafted file during installation or upgrade to escalate privileges on Windows and Linux hosts. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Nessus +1
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

An improper authorization vulnerability exists where an authenticated, low privileged remote attacker could view a list of all the users available in the application. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Nessus
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

An arbitrary file write vulnerability exists where an authenticated, remote attacker with administrator privileges could alter logging variables to overwrite arbitrary files on the remote host with. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Nessus
NVD
EPSS 0% CVSS 4.9
MEDIUM This Month

A pass-back vulnerability exists where an authenticated, remote attacker with administrator privileges could uncover stored SMTP credentials within the Nessus application.6.0. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Nessus
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Vulnerability in Tenable Tenable.Io, Tenable Nessus, Tenable Security Center.Io: before Plugin Feed ID #202306261202 ; Nessus: before Plugin Feed ID #202306261202 ; Security Center: before Plugin. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Nessus Securitycenter +1
NVD
EPSS 1% CVSS 8.8
HIGH This Week

As part of our Security Development Lifecycle, a potential privilege escalation issue was identified internally. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Nessus Tenable Io +1
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

A privilege escalation vulnerability was identified in Nessus versions 8.10.1 through 8.15.8 and 10.0.0 through 10.4.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Nessus
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

An authenticated attacker could utilize the identical agent and cluster node linking keys to potentially allow for a scenario where unauthorized disclosure of agent logs and data is present. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Nessus
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

An authenticated attacker could read Nessus Debug Log file attachments from the web UI without having the correct privileges to do so. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Nessus
NVD
EPSS 1% CVSS 6.5
MEDIUM POC This Month

Insufficiently Protected Credentials: An authenticated user with debug privileges can retrieve stored Nessus policy credentials from the “nessusd” process in cleartext via process dumping. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Nessus
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

An authenticated attacker could read arbitrary files from the underlying operating system of the scanner using a custom crafted compliance audit file without providing any valid SSH credentials. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Nessus
NVD
EPSS 1% CVSS 8.8
HIGH This Week

An authenticated attacker could create an audit file that bypasses PowerShell cmdlet checks and executes commands with administrator privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Nessus
NVD
EPSS 8% 5.2 CVSS 7.5
HIGH POC PATCH Act Now

The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service OpenSSL Debian Linux +11
NVD GitHub VulDB
EPSS 0% CVSS 6.7
MEDIUM This Month

Nessus versions 8.15.2 and earlier were found to contain a local privilege escalation vulnerability which could allow an authenticated, local administrator to run specific executables on the Nessus. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Nessus
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Nessus Agent versions 8.2.5 and earlier were found to contain a privilege escalation vulnerability which could allow a Nessus administrator user to upload a specially crafted file that could lead to. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Nessus
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Nessus versions 8.13.2 and earlier were found to contain a privilege escalation vulnerability which could allow a Nessus administrator user to upload a specially crafted file that could lead to. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Nessus
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Nessus Agent 8.2.4 and earlier for Windows were found to contain multiple local privilege escalation vulnerabilities which could allow an authenticated, local administrator to run specific Windows. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Nessus
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Nessus Agent 8.2.4 and earlier for Windows were found to contain multiple local privilege escalation vulnerabilities which could allow an authenticated, local administrator to run specific Windows. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Nessus
NVD
EPSS 18% CVSS 7.4
HIGH PATCH This Week

The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required.

OpenSSL Authentication Bypass Freebsd +31
NVD
EPSS 63% CVSS 5.9
MEDIUM PATCH This Month

An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference OpenSSL Denial Of Service +105
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A vulnerability in Nessus versions 8.9.0 through 8.12.0 for Windows & Nessus Agent 8.0.0 and 8.1.0 for Windows could allow an authenticated local attacker to copy user-supplied files to a specially. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Nessus +1
NVD
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Nessus versions 8.11.0 and earlier were found to maintain sessions longer than the permitted period in certain scenarios. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Information Disclosure Nessus
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

Nessus 8.10.0 and earlier were found to contain a Stored XSS vulnerability due to improper validation of input during scan configuration. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS RCE Nessus
NVD
EPSS 2% CVSS 6.5
MEDIUM This Month

Nessus versions 8.6.0 and earlier were found to contain a Denial of Service vulnerability due to improper validation of specific imported scan types. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Nessus
NVD
EPSS 2% CVSS 8.1
HIGH This Week

Nessus 8.5.2 and earlier on Windows platforms were found to contain an issue where certain system files could be overwritten arbitrarily, potentially creating a denial of service condition. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Microsoft Nessus
NVD
EPSS 1% CVSS 3.3
LOW Monitor

Content Injection vulnerability in Tenable Nessus prior to 8.5.0 may allow an authenticated, local attacker to exploit this vulnerability by convincing another targeted Nessus user to view a. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

XSS Nessus
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Nessus versions 8.4.0 and earlier were found to contain a reflected XSS vulnerability due to improper validation of user-supplied input. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Nessus
NVD
EPSS 17% CVSS 5.9
MEDIUM PATCH This Month

If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

OpenSSL Information Disclosure Oracle +81
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

Nessus versions 8.2.1 and earlier were found to contain a stored XSS vulnerability due to improper validation of user-supplied input. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Nessus
NVD
EPSS 3% CVSS 4.7
MEDIUM POC PATCH This Month

Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'. Rated medium severity (CVSS 4.7). Public exploit code available.

Information Disclosure Ubuntu Linux Debian Linux +18
NVD GitHub Exploit-DB
EPSS 1% CVSS 6.5
MEDIUM This Month

In Nessus before 7.1.0, Session Fixation exists due to insufficient session management within the application. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Session Fixation Information Disclosure Nessus
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

In Nessus before 7.1.0, a XSS vulnerability exists due to improper input validation. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Nessus
NVD
EPSS 0% CVSS 7.0
HIGH This Week

When installing Nessus to a directory outside of the default location, Nessus versions prior to 7.0.3 did not enforce secure permissions for sub-directories. Rated high severity (CVSS 7.0). No vendor patch available.

Privilege Escalation Nessus
NVD
EPSS 0% CVSS 7.4
HIGH This Week

When linking a Nessus scanner or agent to Tenable.io or other manager, Nessus 6.x before 6.11 does not verify the manager's TLS certificate when making the initial outgoing connection. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Nessus
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Cross-site scripting vulnerability in Nessus versions 6.8.0, 6.8.1, 6.9.0, 6.9.1 and 6.9.2 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Nessus
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Nessus 6.10.x before 6.10.5 was found to be vulnerable to a local privilege escalation issue due to insecure permissions when running in Agent Mode. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Nessus
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Nessus 6.10.x before 6.10.5 was found to be vulnerable to a local denial of service condition due to insecure permissions when running in Agent Mode. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Nessus
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Nessus 6.6.2 - 6.10.3 contains a flaw related to insecure permissions that may allow a local attacker to escalate privileges when the software is running in Agent Mode. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Nessus
NVD
EPSS 0% CVSS 7.3
HIGH This Week

Tenable Nessus before 6.10.2 (as used alone or in Tenable Appliance before 4.5.0) was found to contain a flaw that allowed a remote, authenticated attacker to upload a crafted file that could be. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Nessus +1
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in Tenable Nessus before 6.9.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

XSS Nessus
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Tenable Nessus before 6.9 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to handling of .nessus files. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Nessus
NVD
EPSS 3% CVSS 6.5
MEDIUM POC PATCH This Month

The duration function in the moment package before 2.11.2 for Node.js allows remote attackers to cause a denial of service (CPU consumption) via a long string, aka a "regular expression Denial of. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Denial Of Service Node.js Moment +2
NVD VulDB
EPSS 0% CVSS 5.4
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Tenable Nessus before 6.9.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Nessus
NVD
EPSS 0% CVSS 5.0
MEDIUM POC This Month

The /server/properties resource in Tenable Web UI before 2.3.5 for Nessus 5.2.3 through 5.2.7 allows remote attackers to obtain sensitive information via the token parameter. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Nessus Web Ui
NVD
EPSS 0% CVSS 6.9
MEDIUM This Month

A race condition in the wmi_malware_scan.nbin plugin before 201402262215 for Nessus 5.2.1 allows local users to gain privileges by replacing the dissolvable agent executable in the Windows temp. Rated medium severity (CVSS 6.9). No vendor patch available.

Race Condition Information Disclosure Microsoft +2
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy