Nessus
by Tenable
CVEs (55)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-3290 | Hig | 0.53 | 8.2 | 0.00 | May 17, 2024 | A race condition vulnerability exists where an authenticated, local attacker on a Windows Nessus host could modify installation parameters at installation time, which could lead to the execution of arbitrary code on the Nessus host | ||
| CVE-2025-24914 | Hig | 0.51 | 7.8 | 0.00 | Apr 18, 2025 | When installing Nessus to a non-default location on a Windows host, Nessus versions prior to 10.8.4 did not enforce secure permissions for sub-directories. This could allow for local privilege escalation if users had not secured the directories in the non-default installation… | ||
| CVE-2024-3289 | Hig | 0.51 | 7.8 | 0.00 | May 17, 2024 | When installing Nessus to a directory outside of the default location on a Windows host, Nessus versions prior to 10.7.3 did not enforce secure permissions for sub-directories. This could allow for local privilege escalation if users had not secured the directories in the… | ||
| CVE-2024-2390 | Hig | 0.51 | 7.8 | 0.00 | Mar 18, 2024 | As a part of Tenable’s vulnerability disclosure program, a vulnerability in a Nessus plugin was identified and reported. This vulnerability could allow a malicious actor with sufficient permissions on a scan target to place a binary in a specific filesystem location, and… | ||
| CVE-2017-7850 | Hig | 0.51 | 7.8 | 0.00 | Apr 19, 2017 | Nessus 6.10.x before 6.10.5 was found to be vulnerable to a local privilege escalation issue due to insecure permissions when running in Agent Mode. | ||
| CVE-2017-7199 | Hig | 0.51 | 7.8 | 0.00 | Mar 23, 2017 | Nessus 6.6.2 - 6.10.3 contains a flaw related to insecure permissions that may allow a local attacker to escalate privileges when the software is running in Agent Mode. Version 6.10.4 fixes this issue. | ||
| CVE-2017-11506 | Hig | 0.48 | 7.4 | 0.01 | Aug 9, 2017 | When linking a Nessus scanner or agent to Tenable.io or other manager, Nessus 6.x before 6.11 does not verify the manager's TLS certificate when making the initial outgoing connection. This could allow man-in-the-middle attacks. | ||
| CVE-2017-6543 | Hig | 0.48 | 7.3 | 0.01 | Mar 8, 2017 | Tenable Nessus before 6.10.2 (as used alone or in Tenable Appliance before 4.5.0) was found to contain a flaw that allowed a remote, authenticated attacker to upload a crafted file that could be written to anywhere on the system. This could be used to subsequently gain elevated… | ||
| CVE-2018-1141 | Hig | 0.46 | 7.0 | 0.00 | Mar 20, 2018 | When installing Nessus to a directory outside of the default location, Nessus versions prior to 7.0.3 did not enforce secure permissions for sub-directories. This could allow for local privilege escalation if users had not secured the directories in the installation location. | ||
| CVE-2016-4055 | Med | 0.43 | 6.5 | 0.10 | Jan 23, 2017 | The duration function in the moment package before 2.11.2 for Node.js allows remote attackers to cause a denial of service (CPU consumption) via a long string, aka a "regular expression Denial of Service (ReDoS)." | ||
| CVE-2022-0778 | Hig | 0.42 | 7.5 | 0.71 | Mar 15, 2022 | The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic… | ||
| CVE-2018-1148 | Med | 0.42 | 6.5 | 0.01 | May 18, 2018 | In Nessus before 7.1.0, Session Fixation exists due to insufficient session management within the application. An authenticated attacker could maintain system access due to session fixation after a user password change. | ||
| CVE-2017-7849 | Med | 0.36 | 5.5 | 0.00 | Apr 19, 2017 | Nessus 6.10.x before 6.10.5 was found to be vulnerable to a local denial of service condition due to insecure permissions when running in Agent Mode. | ||
| CVE-2018-1147 | Med | 0.35 | 5.4 | 0.01 | May 18, 2018 | In Nessus before 7.1.0, a XSS vulnerability exists due to improper input validation. A remote authenticated attacker could create and upload a .nessus file, which may be viewed by an administrator allowing for the execution of arbitrary script code in a user's browser session.… | ||
| CVE-2017-2122 | Med | 0.35 | 5.4 | 0.01 | May 12, 2017 | Cross-site scripting vulnerability in Nessus versions 6.8.0, 6.8.1, 6.9.0, 6.9.1 and 6.9.2 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. | ||
| CVE-2016-9259 | Med | 0.35 | 5.4 | 0.01 | Feb 28, 2017 | Cross-site scripting (XSS) vulnerability in Tenable Nessus before 6.9.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | ||
| CVE-2016-9260 | Med | 0.35 | 5.4 | 0.01 | Jan 31, 2017 | Cross-site scripting (XSS) vulnerability in Tenable Nessus before 6.9 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to handling of .nessus files. | ||
| CVE-2017-5179 | Med | 0.35 | 5.4 | 0.01 | Jan 5, 2017 | Cross-site scripting (XSS) vulnerability in Tenable Nessus before 6.9.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | ||
| CVE-2025-36625 | Med | 0.28 | 4.3 | 0.00 | Apr 18, 2025 | In Nessus versions prior to 10.8.4, a non-authenticated attacker could alter Nessus logging entries by manipulating http requests to the application. | ||
| CVE-2014-7280 | 0.03 | — | 0.03 | Oct 21, 2014 | Cross-site scripting (XSS) vulnerability in the Web UI before 2.3.4 Build #85 for Tenable Nessus 5.x allows remote web servers to inject arbitrary web script or HTML via the server header. |
- risk 0.53cvss 8.2epss 0.00
A race condition vulnerability exists where an authenticated, local attacker on a Windows Nessus host could modify installation parameters at installation time, which could lead to the execution of arbitrary code on the Nessus host
- risk 0.51cvss 7.8epss 0.00
When installing Nessus to a non-default location on a Windows host, Nessus versions prior to 10.8.4 did not enforce secure permissions for sub-directories. This could allow for local privilege escalation if users had not secured the directories in the non-default installation…
- risk 0.51cvss 7.8epss 0.00
When installing Nessus to a directory outside of the default location on a Windows host, Nessus versions prior to 10.7.3 did not enforce secure permissions for sub-directories. This could allow for local privilege escalation if users had not secured the directories in the…
- risk 0.51cvss 7.8epss 0.00
As a part of Tenable’s vulnerability disclosure program, a vulnerability in a Nessus plugin was identified and reported. This vulnerability could allow a malicious actor with sufficient permissions on a scan target to place a binary in a specific filesystem location, and…
- risk 0.51cvss 7.8epss 0.00
Nessus 6.10.x before 6.10.5 was found to be vulnerable to a local privilege escalation issue due to insecure permissions when running in Agent Mode.
- risk 0.51cvss 7.8epss 0.00
Nessus 6.6.2 - 6.10.3 contains a flaw related to insecure permissions that may allow a local attacker to escalate privileges when the software is running in Agent Mode. Version 6.10.4 fixes this issue.
- risk 0.48cvss 7.4epss 0.01
When linking a Nessus scanner or agent to Tenable.io or other manager, Nessus 6.x before 6.11 does not verify the manager's TLS certificate when making the initial outgoing connection. This could allow man-in-the-middle attacks.
- risk 0.48cvss 7.3epss 0.01
Tenable Nessus before 6.10.2 (as used alone or in Tenable Appliance before 4.5.0) was found to contain a flaw that allowed a remote, authenticated attacker to upload a crafted file that could be written to anywhere on the system. This could be used to subsequently gain elevated…
- risk 0.46cvss 7.0epss 0.00
When installing Nessus to a directory outside of the default location, Nessus versions prior to 7.0.3 did not enforce secure permissions for sub-directories. This could allow for local privilege escalation if users had not secured the directories in the installation location.
- risk 0.43cvss 6.5epss 0.10
The duration function in the moment package before 2.11.2 for Node.js allows remote attackers to cause a denial of service (CPU consumption) via a long string, aka a "regular expression Denial of Service (ReDoS)."
- risk 0.42cvss 7.5epss 0.71
The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic…
- risk 0.42cvss 6.5epss 0.01
In Nessus before 7.1.0, Session Fixation exists due to insufficient session management within the application. An authenticated attacker could maintain system access due to session fixation after a user password change.
- risk 0.36cvss 5.5epss 0.00
Nessus 6.10.x before 6.10.5 was found to be vulnerable to a local denial of service condition due to insecure permissions when running in Agent Mode.
- risk 0.35cvss 5.4epss 0.01
In Nessus before 7.1.0, a XSS vulnerability exists due to improper input validation. A remote authenticated attacker could create and upload a .nessus file, which may be viewed by an administrator allowing for the execution of arbitrary script code in a user's browser session.…
- risk 0.35cvss 5.4epss 0.01
Cross-site scripting vulnerability in Nessus versions 6.8.0, 6.8.1, 6.9.0, 6.9.1 and 6.9.2 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
- risk 0.35cvss 5.4epss 0.01
Cross-site scripting (XSS) vulnerability in Tenable Nessus before 6.9.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
- risk 0.35cvss 5.4epss 0.01
Cross-site scripting (XSS) vulnerability in Tenable Nessus before 6.9 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to handling of .nessus files.
- risk 0.35cvss 5.4epss 0.01
Cross-site scripting (XSS) vulnerability in Tenable Nessus before 6.9.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
- risk 0.28cvss 4.3epss 0.00
In Nessus versions prior to 10.8.4, a non-authenticated attacker could alter Nessus logging entries by manipulating http requests to the application.
- CVE-2014-7280Oct 21, 2014risk 0.03cvss —epss 0.03
Cross-site scripting (XSS) vulnerability in the Web UI before 2.3.4 Build #85 for Tenable Nessus 5.x allows remote web servers to inject arbitrary web script or HTML via the server header.
Page 1 of 3