Vulnerabilities > Tenable
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-09-09 | CVE-2021-20118 | Unspecified vulnerability in Tenable Nessus Agent Nessus Agent 8.3.0 and earlier was found to contain a local privilege escalation vulnerability which could allow an authenticated, local administrator to run specific executables on the Nessus Agent host. | 7.2 |
2021-08-24 | CVE-2021-3711 | Classic Buffer Overflow vulnerability in multiple products In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). | 9.8 |
2021-08-24 | CVE-2021-3712 | Out-of-bounds Read vulnerability in multiple products ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. | 7.4 |
2021-08-16 | CVE-2021-33193 | A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. | 7.5 |
2021-07-21 | CVE-2021-20106 | Unspecified vulnerability in Tenable Nessus Nessus Agent versions 8.2.5 and earlier were found to contain a privilege escalation vulnerability which could allow a Nessus administrator user to upload a specially crafted file that could lead to gaining administrator privileges on the Nessus host. network tenable | 8.5 |
2021-06-29 | CVE-2021-20079 | Unspecified vulnerability in Tenable Nessus Nessus versions 8.13.2 and earlier were found to contain a privilege escalation vulnerability which could allow a Nessus administrator user to upload a specially crafted file that could lead to gaining administrator privileges on the Nessus host. | 7.2 |
2021-06-28 | CVE-2021-20099 | Unspecified vulnerability in Tenable Nessus Nessus Agent 8.2.4 and earlier for Windows were found to contain multiple local privilege escalation vulnerabilities which could allow an authenticated, local administrator to run specific Windows executables as the Nessus host. | 4.6 |
2021-06-28 | CVE-2021-20100 | Unspecified vulnerability in Tenable Nessus Nessus Agent 8.2.4 and earlier for Windows were found to contain multiple local privilege escalation vulnerabilities which could allow an authenticated, local administrator to run specific Windows executables as the Nessus host. | 4.6 |
2021-03-29 | CVE-2021-23358 | Code Injection vulnerability in multiple products The package underscore from 1.13.0-0 and before 1.13.0-2, from 1.3.2 and before 1.12.1 are vulnerable to Arbitrary Code Injection via the template function, particularly when a variable property is passed as an argument as it is not sanitized. | 7.2 |
2021-03-25 | CVE-2021-3450 | Improper Certificate Validation vulnerability in multiple products The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. | 7.4 |