tenable

173 tracked vulnerabilities.

CVE-2020-1971 MEDIUM
OpenSSL 1.0.2-1.0.2w and 1.1.1-1.1.1h - Denial of Service via EDIPARTYNAME NULL Pointer Dereference
Dec 08, 2020
CVSS 5.9
EPSS 0.00
CVE-2020-5794 HIGH
Nessus Network Monitor <5.12.0 - Authenticated RCE
Nov 06, 2020
CVSS 7.8
EPSS 0.00
CVE-2020-5793 HIGH
Nessus <8.12.0 - Local Privilege Escalation
Nov 05, 2020
CVSS 7.8
EPSS 0.00
CVE-2020-7070 MEDIUM
PHP 7.2.0-7.2.33, 7.3.0-7.3.22, 7.4.0-7.4.10 - Cookie Prefix Confusion via URL Decoding
Oct 02, 2020
CVSS 4.3
EPSS 0.26
CVE-2020-7069 MEDIUM
PHP 7.2.0-7.2.33, 7.3.0-7.3.22, 7.4.0-7.4.10 - Inadequate Encryption Strength in AES-CCM Mode
Oct 02, 2020
CVSS 5.4
EPSS 0.08
CVE-2020-7068 MEDIUM
PHP 7.2.0-7.2.32, 7.3.0-7.3.20, 7.4.0-7.4.8 - Use-After-Free in PHAR File Processing
Sep 09, 2020
CVSS 4.8
EPSS 0.01
CVE-2020-5774 HIGH
Nessus < 8.11.0 - Insufficient Session Expiration
Aug 21, 2020
CVSS 7.1
EPSS 0.00
CVE-2020-5765 MEDIUM
Nessus < 8.10.0 - Authenticated Stored Cross-Site Scripting in Scan Configuration
Jul 15, 2020
CVSS 5.4
EPSS 0.00
CVE-2020-11022 MEDIUM
jQuery 1.12.0-3.4.1 - Cross-Site Scripting via DOM Manipulation Methods
Apr 29, 2020
CVSS 6.9
EPSS 0.02
CVE-2020-11023 MEDIUM KEV
jQuery <3.5.0 - XSS
Apr 29, 2020
CVSS 6.9
EPSS 0.35
CVE-2020-7067 HIGH
PHP <7.2.30, <7.3.17, <7.4.5 - Memory Corruption
Apr 27, 2020
CVSS 7.5
EPSS 0.10
CVE-2020-1967 HIGH
OpenSSL 1.1.1d-1.1.1f - Denial of Service via Invalid Signature Algorithm in TLS 1.3 Handshake
Apr 21, 2020
CVSS 7.5
EPSS 0.61
CVE-2020-5737 MEDIUM
Tenable.Sc - Authenticated Stored Cross-Site Scripting
Apr 17, 2020
CVSS 5.4
EPSS 0.00
CVE-2020-11656 CRITICAL
SQLite < 3.31.1 - Use-After-Free in ALTER TABLE with ORDER BY Clause
Apr 09, 2020
CVSS 9.8
EPSS 0.06
CVE-2020-11655 HIGH
SQLite < 3.31.1 - Denial of Service via Malformed Window-Function Query
Apr 09, 2020
CVSS 7.5
EPSS 0.08
CVE-2020-7066 MEDIUM
PHP <7.2.29-7.3.16-7.4.4 - Info Disclosure
Apr 01, 2020
CVSS 5.3
EPSS 0.02
CVE-2020-7065 HIGH
PHP 7.3.0-7.3.15 - Stack-based Buffer Overflow in mb_strtolower() with UTF-32LE Encoding
Apr 01, 2020
CVSS 7.4
EPSS 0.05
CVE-2020-7064 MEDIUM
PHP 7.2.0-7.2.28 - Out-of-bounds Read in EXIF Data Parsing
Apr 01, 2020
CVSS 6.5
EPSS 0.02
CVE-2020-7063 MEDIUM
PHP <7.2.28-7.3.15-7.4.3 - Info Disclosure
Feb 27, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-7061 MEDIUM
PHP 7.3.x < 7.3.15 and 7.4.x < 7.4.3 - Out-of-bounds Read in PHAR File Extraction
Feb 27, 2020
CVSS 6.5
EPSS 0.03
CVE-2020-7060 MEDIUM
PHP 7.2.0-7.2.26 - Out-of-bounds Read in mbstring Multibyte Conversion
Feb 10, 2020
CVSS 6.5
EPSS 0.06
CVE-2020-7059 MEDIUM
PHP 7.2.0-7.2.26 - Out-of-bounds Read in fgetss() Function
Feb 10, 2020
CVSS 6.5
EPSS 0.02
CVE-2019-11050 MEDIUM
PHP 7.2.0-7.2.25, 7.3.0-7.3.12, 7.4.0 - Out-of-bounds Read in EXIF Extension
Dec 23, 2019
CVSS 4.8
EPSS 0.03
CVE-2019-11049 MEDIUM
PHP 7.3.0-7.3.12 - Use-After-Free via mail() Function Lowercase Header
Dec 23, 2019
CVSS 6.5
EPSS 0.03
CVE-2019-11046 LOW
PHP 7.2.0-7.2.25, 7.3.0-7.3.12, 7.4.0 - Out-of-bounds Read in bcmath Extension
Dec 23, 2019
CVSS 3.7
EPSS 0.08
Products
nessus 65 tenable.sc 46 nessus_network_monitor 14 nessus_agent 11 securitycenter 10 log_correlation_engine 9 Nessus 6 security_center 6 Nessus Agent 5 appliance 4 Security Center 3 Terrascan 3 terrascan 3 Tenable Identity Exposure 2 identity_exposure 2 tenable.io 2 web_ui 2 Check_MK 1 SecurityCenter 1 jira_cloud 1 nessus_amazon_machine_image 1 plugin-set 1 plugin_feed 1
Quick Filters
Critical CVEs With Exploits In CISA KEV