Nessus

DATE	CVE	VULNERABILITY TITLE	RISK
2021-06-29	CVE-2021-20079	Unspecified vulnerability in Tenable Nessus Nessus versions 8.13.2 and earlier were found to contain a privilege escalation vulnerability which could allow a Nessus administrator user to upload a specially crafted file that could lead to gaining administrator privileges on the Nessus host. local low complexity tenable	7.2
2021-06-28	CVE-2021-20099	Unspecified vulnerability in Tenable Nessus Nessus Agent 8.2.4 and earlier for Windows were found to contain multiple local privilege escalation vulnerabilities which could allow an authenticated, local administrator to run specific Windows executables as the Nessus host. local low complexity tenable	4.6
2021-06-28	CVE-2021-20100	Unspecified vulnerability in Tenable Nessus Nessus Agent 8.2.4 and earlier for Windows were found to contain multiple local privilege escalation vulnerabilities which could allow an authenticated, local administrator to run specific Windows executables as the Nessus host. local low complexity tenable	4.6
2021-03-25	CVE-2021-3450	Improper Certificate Validation vulnerability in multiple products The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. network high complexity openssl freebsd netapp windriver fedoraproject tenable oracle mcafee sonicwall nodejs CWE-295	7.4
2021-03-25	CVE-2021-3449	NULL Pointer Dereference vulnerability in multiple products An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. network high complexity openssl debian freebsd netapp tenable fedoraproject mcafee checkpoint oracle sonicwall siemens nodejs CWE-476	5.9
2020-11-05	CVE-2020-5793	Unspecified vulnerability in Tenable Nessus and Nessus Agent A vulnerability in Nessus versions 8.9.0 through 8.12.0 for Windows & Nessus Agent 8.0.0 and 8.1.0 for Windows could allow an authenticated local attacker to copy user-supplied files to a specially constructed path in a specifically named user directory. local low complexity tenable	7.2
2020-08-21	CVE-2020-5774	Insufficient Session Expiration vulnerability in Tenable Nessus Nessus versions 8.11.0 and earlier were found to maintain sessions longer than the permitted period in certain scenarios. local low complexity tenable CWE-613	3.6
2020-07-15	CVE-2020-5765	Cross-site Scripting vulnerability in Tenable Nessus Nessus 8.10.0 and earlier were found to contain a Stored XSS vulnerability due to improper validation of input during scan configuration. network tenable CWE-79	3.5
2019-12-27	CVE-2016-1000029	Cross-site Scripting vulnerability in Tenable Nessus Tenable Nessus before 6.8 has a stored XSS issue that requires admin-level authentication to the Nessus UI, and would potentially impact other admins (Tenable IDs 5218 and 5269). network tenable CWE-79	3.5
2019-12-27	CVE-2016-1000028	Cross-site Scripting vulnerability in Tenable Nessus Tenable Nessus before 6.8 has a stored XSS issue that requires admin-level authentication to the Nessus UI, and would only potentially impact other admins. network tenable CWE-79	3.5