Security
by Tenable
CVEs (7)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-5847 | Med | 0.44 | 6.7 | 0.00 | Nov 1, 2023 | Under certain conditions, a low privileged attacker could load a specially crafted file during installation or upgrade to escalate privileges on Windows and Linux hosts. | ||
| CVE-2023-3252 | Med | 0.44 | 6.8 | 0.01 | Aug 29, 2023 | An arbitrary file write vulnerability exists where an authenticated, remote attacker with administrator privileges could alter logging variables to overwrite arbitrary files on the remote host with log data, which could lead to a denial of service condition. | ||
| CVE-2024-0971 | Med | 0.42 | 6.5 | 0.01 | Feb 7, 2024 | A SQL injection vulnerability exists where an authenticated, low-privileged remote attacker could potentially alter scan DB content. | ||
| CVE-2022-3499 | Med | 0.42 | 6.5 | 0.01 | Oct 31, 2022 | An authenticated attacker could utilize the identical agent and cluster node linking keys to potentially allow for a scenario where unauthorized disclosure of agent logs and data is present. | ||
| CVE-2023-2005 | Med | 0.41 | 6.3 | 0.00 | Jun 26, 2023 | Vulnerability in Tenable Tenable.Io, Tenable Nessus, Tenable Security Center.This issue affects Tenable.Io: before Plugin Feed ID #202306261202 ; Nessus: before Plugin Feed ID #202306261202 ; Security Center: before Plugin Feed ID #202306261202 . This vulnerability could allow… | ||
| CVE-2023-3253 | Med | 0.28 | 4.3 | 0.00 | Aug 29, 2023 | An improper authorization vulnerability exists where an authenticated, low privileged remote attacker could view a list of all the users available in the application. | ||
| CVE-2025-0760 | Low | 0.18 | 2.7 | 0.00 | Feb 26, 2025 | A Credential Disclosure vulnerability exists where an administrator could extract the stored SMTP account credentials due to lack of encryption. |
- risk 0.44cvss 6.7epss 0.00
Under certain conditions, a low privileged attacker could load a specially crafted file during installation or upgrade to escalate privileges on Windows and Linux hosts.
- risk 0.44cvss 6.8epss 0.01
An arbitrary file write vulnerability exists where an authenticated, remote attacker with administrator privileges could alter logging variables to overwrite arbitrary files on the remote host with log data, which could lead to a denial of service condition.
- risk 0.42cvss 6.5epss 0.01
A SQL injection vulnerability exists where an authenticated, low-privileged remote attacker could potentially alter scan DB content.
- risk 0.42cvss 6.5epss 0.01
An authenticated attacker could utilize the identical agent and cluster node linking keys to potentially allow for a scenario where unauthorized disclosure of agent logs and data is present.
- risk 0.41cvss 6.3epss 0.00
Vulnerability in Tenable Tenable.Io, Tenable Nessus, Tenable Security Center.This issue affects Tenable.Io: before Plugin Feed ID #202306261202 ; Nessus: before Plugin Feed ID #202306261202 ; Security Center: before Plugin Feed ID #202306261202 . This vulnerability could allow…
- risk 0.28cvss 4.3epss 0.00
An improper authorization vulnerability exists where an authenticated, low privileged remote attacker could view a list of all the users available in the application.
- risk 0.18cvss 2.7epss 0.00
A Credential Disclosure vulnerability exists where an administrator could extract the stored SMTP account credentials due to lack of encryption.