VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Tenable
>
LOG Correlation Engine
> Medium
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2021-03-25
CVE-2021-3449
NULL Pointer Dereference vulnerability in multiple products
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client.
network
high complexity
openssl
debian
freebsd
netapp
tenable
fedoraproject
mcafee
checkpoint
oracle
sonicwall
siemens
nodejs
CWE-476
5.9
5.9
2020-12-08
CVE-2020-1971
NULL Pointer Dereference vulnerability in multiple products
The X.509 GeneralName type is a generic type for representing different types of names.
network
high complexity
openssl
debian
fedoraproject
oracle
netapp
tenable
siemens
nodejs
CWE-476
5.9
5.9
2020-04-29
CVE-2020-11022
In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e.
network
low complexity
jquery
drupal
debian
fedoraproject
oracle
netapp
opensuse
tenable
6.1
6.1
2020-04-29
CVE-2020-11023
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e.
network
low complexity
jquery
debian
fedoraproject
drupal
oracle
netapp
tenable
6.1
6.1
2019-12-06
CVE-2019-1551
Integer Overflow or Wraparound vulnerability in multiple products
There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli.
network
low complexity
openssl
opensuse
oracle
canonical
fedoraproject
debian
tenable
CWE-190
5.3
5.3
2017-02-28
CVE-2016-9261
Cross-site Scripting vulnerability in Tenable LOG Correlation Engine 4.8.0
Cross-site scripting (XSS) vulnerability in Tenable Log Correlation Engine (aka LCE) before 4.8.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
network
low complexity
tenable
CWE-79
5.4
5.4