CVE-2023-6062
published 2023-11-20CVE-2023-6062: An arbitrary file write vulnerability exists where an authenticated, remote attacker with administrator privileges on the Nessus application could alter Nessus…
PriorityP335medium6.5CVSS 3.1
AVNACLPRHUINSUCNIHAH
EPSS
1.03%
59.5th percentile
An arbitrary file write vulnerability exists where an authenticated, remote attacker with administrator privileges on the Nessus application could alter Nessus Rules variables to overwrite arbitrary files on the remote host, which could lead to a denial of service condition.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| tenable | nessus | < 10.6.2 | 10.6.2 |
| tenable | nessus | < 10.5.7 | 10.5.7 |
| tenable | nessus | >= 10.6.0 < 10.6.3 | 10.6.3 |
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
vendor_redhat5.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-f9c7-v94m-vp2c: An arbitrary file write vulnerability exists where an authenticated, remote attacker with administrator privileges on the Nessus application could alt
ghsa_unreviewed·2023-11-20
CVE-2023-6062 [MEDIUM] CWE-787 GHSA-f9c7-v94m-vp2c: An arbitrary file write vulnerability exists where an authenticated, remote attacker with administrator privileges on the Nessus application could alt
An arbitrary file write vulnerability exists where an authenticated, remote attacker with administrator privileges on the Nessus application could alter Nessus Rules variables to overwrite arbitrary files on the remote host, which could lead to a denial of service condition.
Red Hat
kernel: coresight: Fix memory leak in acpi_buffer->pointer
vendor_redhat·2025-09-15·CVSS 5.5
CVE-2023-53261 [MEDIUM] CWE-772 kernel: coresight: Fix memory leak in acpi_buffer->pointer
kernel: coresight: Fix memory leak in acpi_buffer->pointer
In the Linux kernel, the following vulnerability has been resolved:
coresight: Fix memory leak in acpi_buffer->pointer
There are memory leaks reported by kmemleak:
...
unreferenced object 0xffff00213c141000 (size 1024):
comm "systemd-udevd", pid 2123, jiffies 4294909467 (age 6062.160s)
hex dump (first 32 bytes):
04 00 00 00 02 00 00 00 18 10 14 3c 21 00 ff ff ...........] __kmem_cache_alloc_node+0x2f8/0x348
[] __kmalloc+0x58/0x108
[] acpi_os_allocate+0x2c/0x68
[] acpi_ut_initialize_buffer+0x54/0xe0
[] acpi_evaluate_object+0x388/0x438
[] acpi_evaluate_object_typed+0xe8/0x240
[] coresight_get_platform_data+0x1b4/0x988 [coresight]
...
The ACPI buffer memory (buf.pointer) should be freed. But the buffer
is also used after returning fr
No detection rules found.
No public exploits indexed.
2023-11-20
Published