Vulnerabilities > Tenable
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-05 | CVE-2021-41116 | Command Injection vulnerability in multiple products Composer is an open source dependency manager for the PHP language. | 9.8 |
| 2021-09-16 | CVE-2021-34798 | NULL Pointer Dereference vulnerability in multiple products Malformed requests may cause the server to dereference a NULL pointer. | 7.5 |
| 2021-09-16 | CVE-2021-40438 | Server-Side Request Forgery (SSRF) vulnerability in multiple products A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. | 9.0 |
| 2021-09-09 | CVE-2021-20117 | Unspecified vulnerability in Tenable Nessus Agent Nessus Agent 8.3.0 and earlier was found to contain a local privilege escalation vulnerability which could allow an authenticated, local administrator to run specific executables on the Nessus Agent host. | 6.7 |
| 2021-09-09 | CVE-2021-20118 | Unspecified vulnerability in Tenable Nessus Agent Nessus Agent 8.3.0 and earlier was found to contain a local privilege escalation vulnerability which could allow an authenticated, local administrator to run specific executables on the Nessus Agent host. | 6.7 |
| 2021-08-24 | CVE-2021-3711 | Classic Buffer Overflow vulnerability in multiple products In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). | 9.8 |
| 2021-08-24 | CVE-2021-3712 | Out-of-bounds Read vulnerability in multiple products ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. | 7.4 |
| 2021-08-16 | CVE-2021-33193 | A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. | 7.5 |
| 2021-07-21 | CVE-2021-20106 | Unspecified vulnerability in Tenable Nessus Nessus Agent versions 8.2.5 and earlier were found to contain a privilege escalation vulnerability which could allow a Nessus administrator user to upload a specially crafted file that could lead to gaining administrator privileges on the Nessus host. | 6.5 |
| 2021-06-29 | CVE-2021-20079 | Unspecified vulnerability in Tenable Nessus Nessus versions 8.13.2 and earlier were found to contain a privilege escalation vulnerability which could allow a Nessus administrator user to upload a specially crafted file that could lead to gaining administrator privileges on the Nessus host. | 6.7 |