VYPR

Security

by Tenable

CVEs (7)

  • CVE-2023-5847MedNov 1, 2023
    risk 0.44cvss 6.7epss 0.00

    Under certain conditions, a low privileged attacker could load a specially crafted file during installation or upgrade to escalate privileges on Windows and Linux hosts.

  • CVE-2023-3252MedAug 29, 2023
    risk 0.44cvss 6.8epss 0.01

    An arbitrary file write vulnerability exists where an authenticated, remote attacker with administrator privileges could alter logging variables to overwrite arbitrary files on the remote host with log data, which could lead to a denial of service condition.

  • CVE-2024-0971MedFeb 7, 2024
    risk 0.42cvss 6.5epss 0.01

    A SQL injection vulnerability exists where an authenticated, low-privileged remote attacker could potentially alter scan DB content.

  • CVE-2022-3499MedOct 31, 2022
    risk 0.42cvss 6.5epss 0.01

    An authenticated attacker could utilize the identical agent and cluster node linking keys to potentially allow for a scenario where unauthorized disclosure of agent logs and data is present.

  • CVE-2023-2005MedJun 26, 2023
    risk 0.41cvss 6.3epss 0.00

    Vulnerability in Tenable Tenable.Io, Tenable Nessus, Tenable Security Center.This issue affects Tenable.Io: before Plugin Feed ID #202306261202 ; Nessus: before Plugin Feed ID #202306261202 ; Security Center: before Plugin Feed ID #202306261202 . This vulnerability could allow…

  • CVE-2023-3253MedAug 29, 2023
    risk 0.28cvss 4.3epss 0.00

    An improper authorization vulnerability exists where an authenticated, low privileged remote attacker could view a list of all the users available in the application.

  • CVE-2025-0760LowFeb 26, 2025
    risk 0.18cvss 2.7epss 0.00

    A Credential Disclosure vulnerability exists where an administrator could extract the stored SMTP account credentials due to lack of encryption.