tenable

173 tracked vulnerabilities.

CVE-2021-41184 MEDIUM
jQuery UI < 1.13.0 - Cross-Site Scripting via Position Utility 'of' Option
Oct 26, 2021
CVSS 6.5
EPSS 0.25
CVE-2021-41183 MEDIUM
jQuery UI < 1.13.0 - Cross-Site Scripting via Datepicker Widget *Text Options
Oct 26, 2021
CVSS 6.5
EPSS 0.03
CVE-2021-41182 MEDIUM
jQuery UI < 1.13.0 - Cross-Site Scripting via Datepicker altField Option
Oct 26, 2021
CVSS 6.5
EPSS 0.28
CVE-2021-41116 HIGH
Composer <1.10.23, <2.1.9 - Command Injection
Oct 05, 2021
CVSS 8.2
EPSS 0.01
CVE-2021-40438 CRITICAL KEVNUCLEI
Apache HTTP Server <2.4.48 - SSRF
Sep 16, 2021
CVSS 9.0
EPSS 0.94
CVE-2021-34798 HIGH
Apache HTTP Server < 2.4.48 - NULL Pointer Dereference
Sep 16, 2021
CVSS 7.5
EPSS 0.10
CVE-2021-20118 MEDIUM
Nessus Agent <= 8.3.0 - Authenticated Local Privilege Escalation via Executable Execution
Sep 09, 2021
CVSS 6.7
EPSS 0.00
CVE-2021-20117 MEDIUM
Nessus Agent <= 8.3.0 - Authenticated Local Privilege Escalation via Executable Execution
Sep 09, 2021
CVSS 6.7
EPSS 0.00
CVE-2021-3712 HIGH
OpenSSL 1.0.2-1.0.2y 1.1.1-1.1.1k - Out-of-bounds Read in ASN.1 String Processing
Aug 24, 2021
CVSS 7.4
EPSS 0.00
CVE-2021-3711 CRITICAL
OpenSSL 1.1.1-1.1.1k - Buffer Overflow in SM2 Decryption
Aug 24, 2021
CVSS 9.8
EPSS 0.03
CVE-2021-33193 HIGH
Apache HTTP Server <2.4.49 - SSRF
Aug 16, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-20106 MEDIUM
Nessus < 8.2.5 - Privilege Escalation via Crafted File Upload
Jul 21, 2021
CVSS 6.5
EPSS 0.00
CVE-2021-20079 MEDIUM
Nessus < 8.13.2 - Privilege Escalation via Crafted File Upload
Jun 29, 2021
CVSS 6.7
EPSS 0.00
CVE-2021-20100 MEDIUM
Nessus Agent < 8.2.5 - Authenticated Local Privilege Escalation via Windows Executable Execution
Jun 28, 2021
CVSS 6.7
EPSS 0.00
CVE-2021-20099 MEDIUM
Nessus Agent < 8.2.4 - Authenticated Local Privilege Escalation via Windows Executable Execution
Jun 28, 2021
CVSS 6.7
EPSS 0.00
CVE-2021-23358 LOW
underscore 1.3.2-1.12.1 - Arbitrary Code Injection via Template Function
Mar 29, 2021
CVSS 3.3
EPSS 0.01
CVE-2021-3450 HIGH
OpenSSL 1.1.1h-1.1.1j - Certificate Chain Validation Bypass via X509_V_FLAG_X509_STRICT
Mar 25, 2021
CVSS 7.4
EPSS 0.01
CVE-2021-3449 MEDIUM
Openssl < 1.1.1k - NULL Pointer Dereference
Mar 25, 2021
CVSS 5.9
EPSS 0.10
CVE-2021-20077 MEDIUM
Nessus Agent <8.2.2 - Info Disclosure
Mar 19, 2021
CVSS 6.7
EPSS 0.00
CVE-2021-21371 MEDIUM
tenable-jira-cloud < 1.1.21 - Remote Code Execution via YAML Deserialization
Mar 10, 2021
CVSS 5.0
EPSS 0.00
CVE-2021-20076 HIGH
Tenable.sc 5.13.0-5.17.0 - Authenticated Remote Code Execution via PHP Unserialization
Mar 03, 2021
CVSS 8.8
EPSS 0.03
CVE-2021-23841 MEDIUM
OpenSSL 1.0.2-1.0.2x and 1.1.1-1.1.1i - Denial of Service via X509_issuer_and_serial_hash NULL Pointer Dereference
Feb 16, 2021
CVSS 5.9
EPSS 0.01
CVE-2021-23840 HIGH
OpenSSL 1.0.2-1.0.2x and 1.1.1-1.1.1i - Integer Overflow in EVP_CipherUpdate
Feb 16, 2021
CVSS 7.5
EPSS 0.01
CVE-2020-5812 MEDIUM
Nessus AMI <8.12.0 - Info Disclosure
Feb 06, 2021
CVSS 5.9
EPSS 0.00
CVE-2020-5808 HIGH
Tenable.sc <5.17.0 - Info Disclosure
Dec 21, 2020
CVSS 7.5
EPSS 0.00
Products
nessus 65 tenable.sc 46 nessus_network_monitor 14 nessus_agent 11 securitycenter 10 log_correlation_engine 9 Nessus 6 security_center 6 Nessus Agent 5 appliance 4 Security Center 3 Terrascan 3 terrascan 3 Tenable Identity Exposure 2 identity_exposure 2 tenable.io 2 web_ui 2 Check_MK 1 SecurityCenter 1 jira_cloud 1 nessus_amazon_machine_image 1 plugin-set 1 plugin_feed 1
Quick Filters
Critical CVEs With Exploits In CISA KEV