Vulnerabilities > Tenable

DATE	CVE	VULNERABILITY TITLE	RISK
2022-01-10	CVE-2022-22827	Integer Overflow or Wraparound vulnerability in multiple products storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. network low complexity libexpat-project tenable debian siemens CWE-190	8.8
2022-01-06	CVE-2021-46143	Integer Overflow or Wraparound vulnerability in multiple products In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize. local low complexity libexpat-project netapp tenable siemens CWE-190	7.8
2022-01-01	CVE-2021-45960	Incorrect Calculation vulnerability in multiple products In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory). network low complexity libexpat-project tenable debian siemens netapp CWE-682	8.8
2021-12-20	CVE-2021-44224	NULL Pointer Dereference vulnerability in multiple products A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). network low complexity apache fedoraproject debian tenable oracle apple CWE-476	8.2
2021-12-20	CVE-2021-44790	Out-of-bounds Write vulnerability in multiple products A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). network low complexity apache fedoraproject debian tenable netapp oracle apple CWE-787 critical	9.8
2021-11-29	CVE-2021-21707	In PHP versions 7.3.x below 7.3.33, 7.4.x below 7.4.26 and 8.0.x below 8.0.13, certain XML parsing functions, like simplexml_load_file(), URL-decode the filename passed to them. network low complexity php netapp debian tenable	5.3
2021-11-03	CVE-2021-20135	Unspecified vulnerability in Tenable Nessus Nessus versions 8.15.2 and earlier were found to contain a local privilege escalation vulnerability which could allow an authenticated, local administrator to run specific executables on the Nessus Agent host. local low complexity tenable	6.7
2021-10-26	CVE-2021-41182	Cross-site Scripting vulnerability in multiple products jQuery-UI is the official jQuery user interface library. network low complexity jqueryui fedoraproject netapp debian drupal oracle tenable CWE-79	6.1
2021-10-26	CVE-2021-41183	Cross-site Scripting vulnerability in multiple products jQuery-UI is the official jQuery user interface library. network low complexity jqueryui fedoraproject netapp debian drupal oracle tenable CWE-79	6.1
2021-10-26	CVE-2021-41184	Cross-site Scripting vulnerability in multiple products jQuery-UI is the official jQuery user interface library. network low complexity jqueryui fedoraproject netapp drupal tenable oracle CWE-79	6.1

Vulnerabilities > Tenable {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Tenable"}]}

Vulnerabilities > Tenable