tenable

173 tracked vulnerabilities.

CVE-2019-11045 LOW
PHP 7.2.0-7.2.25, 7.3.0-7.3.12, 7.4.0 - Improper Null Termination in DirectoryIterator
Dec 23, 2019
CVSS 3.7
EPSS 0.41
CVE-2019-11044 LOW
PHP <7.2.26-7.3.13-7.4.0 (Windows) - Path Traversal
Dec 23, 2019
CVSS 3.7
EPSS 0.08
CVE-2019-19919 CRITICAL
handlebars.js - Prototype Pollution leading to Remote Code Execution
Dec 20, 2019
CVSS 9.8
EPSS 0.25
CVE-2019-19646 CRITICAL
SQLite < 3.30.1 - Denial of Service via Integrity Check PRAGMA with Generated Columns
Dec 09, 2019
CVSS 9.8
EPSS 0.09
CVE-2019-19645 MEDIUM
SQLite < 3.30.1 - Denial of Service via Infinite Recursion in ALTER TABLE
Dec 09, 2019
CVSS 5.5
EPSS 0.00
CVE-2019-1551 MEDIUM
x64_64 Montgomery squaring procedure - Buffer Overflow
Dec 06, 2019
CVSS 5.3
EPSS 0.03
CVE-2019-11043 HIGH KEV
PHP 7.1.x < 7.1.33, 7.2.x < 7.2.24, 7.3.x < 7.3.11 - Remote Code Execution via FPM Buffer Overflow
Oct 28, 2019
CVSS 8.7
EPSS 0.94
CVE-2019-3982 MEDIUM
Nessus < 8.6.0 - Authenticated Denial of Service via Imported Scan Type
Oct 23, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-16168 MEDIUM
SQLite < 3.29.0 - Denial of Service via Missing Validation in Query Planner
Sep 09, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-3974 HIGH
Nessus < 8.5.2 - Arbitrary File Write and Denial of Service
Aug 15, 2019
CVSS 8.1
EPSS 0.01
CVE-2019-11042 HIGH
PHP 7.1.0-7.1.30 - Out-of-bounds Read in EXIF Extension
Aug 09, 2019
CVSS 7.1
EPSS 0.04
CVE-2019-11041 HIGH
PHP 7.1.0-7.1.30, 7.2.0-7.2.20, 7.3.0-7.3.7 - Out-of-bounds Read in EXIF Extension
Aug 09, 2019
CVSS 7.1
EPSS 0.03
CVE-2019-3962 LOW
Tenable Nessus < 8.5.0 - Authenticated Content Injection via Feed Status
Jul 01, 2019
CVSS 3.3
EPSS 0.00
CVE-2019-3961 MEDIUM
Nessus < 8.4.0 - Unauthenticated Reflected Cross-Site Scripting
Jun 25, 2019
CVSS 6.1
EPSS 0.00
CVE-2019-1559 MEDIUM
OpenSSL 1.0.2-1.0.2q - Padding Oracle via SSL_shutdown Double Call
Feb 27, 2019
CVSS 5.9
EPSS 0.05
CVE-2019-8331 MEDIUM
Bootstrap < 3.4.1 and 4.3.x < 4.3.1 - Cross-Site Scripting via Tooltip or Popover Data-Template Attribute
Feb 20, 2019
CVSS 6.1
EPSS 0.02
CVE-2019-3923 MEDIUM
Nessus < 8.2.1 - Authenticated Stored Cross-Site Scripting
Feb 12, 2019
CVSS 5.4
EPSS 0.00
CVE-2018-20843 HIGH
libexpat < 2.2.7 - Denial of Service via XML Names with Excessive Colons
Jun 24, 2019
CVSS 7.5
EPSS 0.06
CVE-2018-5407 MEDIUM
Ubuntu Linux - Exposure of Sensitive Information via SMT Port Contention Timing Attack
Nov 15, 2018
CVSS 4.7
EPSS 0.01
CVE-2018-1155 MEDIUM
Tenable SecurityCenter < 5.7.0 - Authenticated Cross-Site Scripting via Reports Image Filename Parameter
Aug 02, 2018
CVSS 5.4
EPSS 0.00
CVE-2018-1154 HIGH
SecurityCenter <5.7.0 - Info Disclosure
Aug 02, 2018
CVSS 8.8
EPSS 0.00
CVE-2018-1148 MEDIUM
Nessus <7.1.0 - Privilege Escalation
May 18, 2018
CVSS 6.5
EPSS 0.00
CVE-2018-1147 MEDIUM
Nessus < 7.1.0 - Authenticated Stored Cross-Site Scripting via .nessus File Upload
May 18, 2018
CVSS 5.4
EPSS 0.00
CVE-2018-1142 MEDIUM
Tenable Appliance <= 4.6.1 - Authenticated Cross-Site Scripting via Offline Plugin URL Parameters
Mar 28, 2018
CVSS 5.4
EPSS 0.00
CVE-2018-1141 HIGH
Nessus <7.0.3 - Privilege Escalation
Mar 20, 2018
CVSS 7.0
EPSS 0.00
Products
nessus 65 tenable.sc 46 nessus_network_monitor 14 nessus_agent 11 securitycenter 10 log_correlation_engine 9 Nessus 6 security_center 6 Nessus Agent 5 appliance 4 Security Center 3 Terrascan 3 terrascan 3 Tenable Identity Exposure 2 identity_exposure 2 tenable.io 2 web_ui 2 Check_MK 1 SecurityCenter 1 jira_cloud 1 nessus_amazon_machine_image 1 plugin-set 1 plugin_feed 1
Quick Filters
Critical CVEs With Exploits In CISA KEV