Vulnerabilities > Tenable > Nessus > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-01 | CVE-2023-5847 | Unspecified vulnerability in Tenable Nessus Under certain conditions, a low privileged attacker could load a specially crafted file during installation or upgrade to escalate privileges on Windows and Linux hosts. | 7.3 |
| 2023-06-26 | CVE-2023-2005 | Unspecified vulnerability in Tenable Nessus, Securitycenter and Tenable.Io Vulnerability in Tenable Tenable.Io, Tenable Nessus, Tenable Security Center.This issue affects Tenable.Io: before Plugin Feed ID #202306261202 ; Nessus: before Plugin Feed ID #202306261202 ; Security Center: before Plugin Feed ID #202306261202 . This vulnerability could allow a malicious actor with sufficient permissions on a scan target to place a binary in a specific filesystem location, and abuse the impacted plugin in order to escalate privileges. | 8.8 |
| 2023-03-15 | CVE-2022-4313 | Unspecified vulnerability in Tenable Nessus A vulnerability was reported where through modifying the scan variables, an authenticated user in Tenable products, that has Scan Policy Configuration roles, could manipulate audit policy variables to execute arbitrary commands on credentialed scan targets. | 8.8 |
| 2023-02-01 | CVE-2023-0524 | Unspecified vulnerability in Tenable Nessus, Tenable.Io and Tenable.Sc As part of our Security Development Lifecycle, a potential privilege escalation issue was identified internally. | 8.8 |
| 2023-01-20 | CVE-2023-0101 | Improper Privilege Management vulnerability in Tenable Nessus A privilege escalation vulnerability was identified in Nessus versions 8.10.1 through 8.15.8 and 10.0.0 through 10.4.1. | 8.8 |
| 2022-06-21 | CVE-2022-32973 | Unspecified vulnerability in Tenable Nessus An authenticated attacker could create an audit file that bypasses PowerShell cmdlet checks and executes commands with administrator privileges. | 8.8 |
| 2022-03-15 | CVE-2022-0778 | Infinite Loop vulnerability in multiple products The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. | 7.5 |
| 2022-01-26 | CVE-2022-23990 | Integer Overflow or Wraparound vulnerability in multiple products Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function. | 7.5 |
| 2022-01-10 | CVE-2022-22825 | Integer Overflow or Wraparound vulnerability in multiple products lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | 8.8 |
| 2022-01-10 | CVE-2022-22826 | Integer Overflow or Wraparound vulnerability in multiple products nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | 8.8 |