5.10.1

DATE	CVE	VULNERABILITY TITLE	RISK
2023-10-26	CVE-2023-5623	Code Injection vulnerability in Tenable Nessus Network Monitor NNM failed to properly set ACLs on its installation directory, which could allow a low privileged user to run arbitrary code with SYSTEM privileges where NNM is installed to a non-standard location local low complexity tenable CWE-94	7.8
2023-10-26	CVE-2023-5624	Improper Input Validation vulnerability in Tenable Nessus Network Monitor Under certain conditions, Nessus Network Monitor was found to not properly enforce input validation. network low complexity tenable CWE-20	7.2
2021-08-24	CVE-2021-3711	Classic Buffer Overflow vulnerability in multiple products In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). network low complexity openssl debian netapp oracle tenable CWE-120 critical	9.8
2021-08-24	CVE-2021-3712	Out-of-bounds Read vulnerability in multiple products ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. network high complexity openssl debian netapp mcafee tenable oracle siemens CWE-125	7.4
2020-12-08	CVE-2020-1971	NULL Pointer Dereference vulnerability in multiple products The X.509 GeneralName type is a generic type for representing different types of names. network high complexity openssl debian fedoraproject oracle netapp tenable siemens nodejs CWE-476	5.9