cvebase

Tenable Nessus vulnerabilities

70 known vulnerabilities affecting tenable/nessus.

Total CVEs: 70
CISA KEV: 0
Public exploits: 1
Exploited in wild: 1
Severity breakdown: CRITICAL 4, HIGH 28, MEDIUM 36, LOW 2

Vulnerabilities

Page 2 of 4
CVE-2022-23990 | P3 | HIGH | CVSS 7.5 | fixed in 8.15.3 | ≥ 10.0.0, < 10.1.1 | 2022-01-26
[CWE-190] Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.
nvd
CVE-2020-5793 | P3 | HIGH | CVSS 7.8 | ≥ 8.9.0, ≤ 8.12.0 | 2020-11-05
A vulnerability in Nessus versions 8.9.0 through 8.12.0 for Windows & Nessus Agent 8.0.0 and 8.1.0 for Windows could allow an authenticated local attacker to copy user-supplied files to a specially constructed path in a specifically named user directory. An attacker could exploit this vulnerability by creating a malicious file and copying the file to a system d
nvd
CVE-2024-3289 | P3 | HIGH | CVSS 7.8 | fixed in 10.7.3 | 2024-05-17
[CWE-281] When installing Nessus to a directory outside of the default location on a Windows host, Nessus versions prior to 10.7.3 did not enforce secure permissions for sub-directories. This could allow for local privilege escalation if users had not secured the directories in the non-default installation location.
nvd
CVE-2025-24914 | P3 | HIGH | CVSS 7.8 | fixed in 10.8.4 | 2025-04-18
[CWE-276] When installing Nessus to a non-default location on a Windows host, Nessus versions prior to 10.8.4 did not enforce secure permissions for sub-directories. This could allow for local privilege escalation if users had not secured the directories in the non-default installation location.
nvd
CVE-2026-57587 | P3 | MEDIUM | CVSS 5.3 | fixed in 10.12.1 | prior to 10.12.1 | 2026-06-25
[CWE-89] A SQL injection vulnerability in Nessus allows a remote, unauthenticated attacker who controls reverse DNS records for a scanned host to inject malicious SQL into the scan results database, potentially enabling exfiltration of scan-result data.
nvd
CVE-2024-0971 | P3 | MEDIUM | CVSS 6.5 | fixed in 10.7.0 | 2024-02-07
[CWE-89] A SQL injection vulnerability exists where an authenticated, low-privileged remote attacker could potentially alter scan DB content.
nvd
CVE-2022-32974 | P3 | MEDIUM | CVSS 6.5 | fixed in 10.2.0 | Nessus 10.1.X and earlier | 2022-06-21
An authenticated attacker could read arbitrary files from the underlying operating system of the scanner using a custom crafted compliance audit file without providing any valid SSH credentials.
nvd
CVE-2024-3290 | P3 | HIGH | CVSS 8.2 | fixed in 10.7.3 | 2024-05-17
[CWE-367] A race condition vulnerability exists where an authenticated, local attacker on a Windows Nessus host could modify installation parameters at installation time, which could lead to the execution of arbitrary code on the Nessus host.
nvd
CVE-2019-3974 | P3 | HIGH | CVSS 8.1 | ≤ 8.5.2 | 2019-08-15
Nessus 8.5.2 and earlier on Windows platforms were found to contain an issue where certain system files could be overwritten arbitrarily, potentially creating a denial of service condition.
nvd
CVE-2024-2390 | P3 | HIGH | CVSS 7.8 | fixed in #202403142053 | 2024-03-18
[CWE-269] As a part of Tenable’s vulnerability disclosure program, a vulnerability in a Nessus plugin was identified and reported. This vulnerability could allow a malicious actor with sufficient permissions on a scan target to place a binary in a specific filesystem location, and abuse the impacted plugin in order to escalate privileges.
nvd
CVE-2017-18214 | P3 | HIGH | CVSS 7.5 | ≤ 8.2.3 | 2018-03-04
The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055.
nvd
CVE-2023-5847 | P3 | HIGH | CVSS 7.3 | fixed in 10.6.2 | 2023-11-01
[CWE-269] Under certain conditions, a low privileged attacker could load a specially crafted file during installation or upgrade to escalate privileges on Windows and Linux hosts.
nvd
CVE-2023-3252 | P3 | MEDIUM | CVSS 6.5 | fixed in 10.6.0 | 2023-08-29
[CWE-427] An arbitrary file write vulnerability exists where an authenticated, remote attacker with administrator privileges could alter logging variables to overwrite arbitrary files on the remote host with log data, which could lead to a denial of service condition.
nvd
CVE-2017-7850 | P3 | HIGH | CVSS 7.8 | v6.10.0, v6.10.1, +3 more | 2017-04-19
[CWE-732] Nessus 6.10.x before 6.10.5 was found to be vulnerable to a local privilege escalation issue due to insecure permissions when running in Agent Mode.
nvd
CVE-2017-6543 | P3 | HIGH | CVSS 7.3 | ≤ 6.10.1 | 2017-03-08
Tenable Nessus before 6.10.2 (as used alone or in Tenable Appliance before 4.5.0) was found to contain a flaw that allowed a remote, authenticated attacker to upload a crafted file that could be written to anywhere on the system. This could be used to subsequently gain elevated privileges on the system (e.g., after a reboot). This issue only affects installatio
nvd
CVE-2023-6062 | P3 | MEDIUM | CVSS 6.5 | fixed in 10.5.7 | ≥ 10.6.0, < 10.6.3, +1 more | 2023-11-20
[CWE-787] An arbitrary file write vulnerability exists where an authenticated, remote attacker with administrator privileges on the Nessus application could alter Nessus Rules variables to overwrite arbitrary files on the remote host, which could lead to a denial of service condition.
nvd
CVE-2023-6178 | P3 | MEDIUM | CVSS 6.5 | fixed in 10.4.4 | 2023-11-20
[CWE-787] An arbitrary file write vulnerability exists where an authenticated attacker with privileges on the managing application could alter Nessus Rules variables to overwrite arbitrary files on the remote host, which could lead to a denial of service condition.
nvd
CVE-2016-4055 | P4 | MEDIUM | CVSS 6.5 | ≤ 8.2.3 | 2017-01-23
[CWE-400] The duration function in the moment package before 2.11.2 for Node.js allows remote attackers to cause a denial of service (CPU consumption) via a long string, aka a "regular expression Denial of Service (ReDoS)."
nvd
CVE-2022-33757 | P4 | MEDIUM | CVSS 6.5 | fixed in 10.2.0 | 2022-10-25
[CWE-284] An authenticated attacker could read Nessus Debug Log file attachments from the web UI without having the correct privileges to do so. This may lead to the disclosure of information on the scan target and/or the Nessus scan to unauthorized parties able to reach the Nessus instance.
nvd
CVE-2018-1148 | P4 | MEDIUM | CVSS 6.5 | fixed in 7.1.0 | 2018-05-18
[CWE-384] In Nessus before 7.1.0, Session Fixation exists due to insufficient session management within the application. An authenticated attacker could maintain system access due to session fixation after a user password change.
nvd