CVE-2022-23852 — CVSS 9.8 (critical): Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES.
CVE-2023-0101 — CVSS 8.8 (high): A privilege escalation vulnerability was identified in Nessus versions 8.10.1 through 8.15.8 and 10.0.0 through 10.4.1. An authenticated…
CVE-2022-4313 — CVSS 8.8 (high): A vulnerability was reported where through modifying the scan variables, an authenticated user in Tenable products, that has Scan Policy…
CVE-2022-32973 — CVSS 8.8 (high): An authenticated attacker could create an audit file that bypasses PowerShell cmdlet checks and executes commands with administrator…
CVE-2021-45960 — CVSS 8.8 (high): In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc…
CVE-2023-0524 — CVSS 8.8 (high): As part of our Security Development Lifecycle, a potential privilege escalation issue was identified internally. This could allow a…
CVE-2025-36630 — CVSS 8.4 (high): In Tenable Nessus versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could overwrite arbitrary local…
CVE-2021-46143 — CVSS 8.1 (high): In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.
CVE-2019-3974 — CVSS 8.1 (high): Nessus 8.5.2 and earlier on Windows platforms were found to contain an issue where certain system files could be overwritten arbitrarily…
CVE-2020-5793 — CVSS 7.8 (high): A vulnerability in Nessus versions 8.9.0 through 8.12.0 for Windows & Nessus Agent 8.0.0 and 8.1.0 for Windows could allow an authenticated…
CVE-2017-7199 — CVSS 7.8 (high): Nessus 6.6.2 - 6.10.3 contains a flaw related to insecure permissions that may allow a local attacker to escalate privileges when the…
CVE-2017-7850 — CVSS 7.8 (high): Nessus 6.10.x before 6.10.5 was found to be vulnerable to a local privilege escalation issue due to insecure permissions when running in…
CVE-2017-18214 — CVSS 7.5 (high): The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different…
CVE-2022-0778 — CVSS 7.5 (high): The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli…
CVE-2018-20843 — CVSS 7.5 (high): In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a…
CVE-2017-11506 — CVSS 7.4 (high): When linking a Nessus scanner or agent to Tenable.io or other manager, Nessus 6.x before 6.11 does not verify the manager's TLS certificate…
CVE-2021-3450 — CVSS 7.4 (high): The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by…
CVE-2017-6543 — CVSS 7.3 (high): Tenable Nessus before 6.10.2 (as used alone or in Tenable Appliance before 4.5.0) was found to contain a flaw that allowed a remote…
CVE-2020-5774 — CVSS 7.1 (high): Nessus versions 8.11.0 and earlier were found to maintain sessions longer than the permitted period in certain scenarios. The lack of…
CVE-2018-1141 — CVSS 7.0 (high): When installing Nessus to a directory outside of the default location, Nessus versions prior to 7.0.3 did not enforce secure permissions…
CVE-2014-2848 — CVSS 6.9 (medium): A race condition in the wmi_malware_scan.nbin plugin before 201402262215 for Nessus 5.2.1 allows local users to gain privileges by…
CVE-2023-6178 — CVSS 6.8 (medium): An arbitrary file write vulnerability exists where an authenticated attacker with privileges on the managing application could alter Nessus…
CVE-2023-3252 — CVSS 6.8 (medium): An arbitrary file write vulnerability exists where an authenticated, remote attacker with administrator privileges could alter logging…
CVE-2023-6062 — CVSS 6.8 (medium): An arbitrary file write vulnerability exists where an authenticated, remote attacker with administrator privileges on the Nessus…
CVE-2021-20135 — CVSS 6.7 (medium): Nessus versions 8.15.2 and earlier were found to contain a local privilege escalation vulnerability which could allow an authenticated…
CVE-2021-20079 — CVSS 6.7 (medium): Nessus versions 8.13.2 and earlier were found to contain a privilege escalation vulnerability which could allow a Nessus administrator user…
CVE-2021-20099 — CVSS 6.7 (medium): Nessus Agent 8.2.4 and earlier for Windows were found to contain multiple local privilege escalation vulnerabilities which could allow an…
CVE-2021-20100 — CVSS 6.7 (medium): Nessus Agent 8.2.4 and earlier for Windows were found to contain multiple local privilege escalation vulnerabilities which could allow an…
CVE-2023-5847 — CVSS 6.7 (medium): Under certain conditions, a low privileged attacker could load a specially crafted file during installation or upgrade to escalate…
CVE-2021-20106 — CVSS 6.5 (medium): Nessus Agent versions 8.2.5 and earlier were found to contain a privilege escalation vulnerability which could allow a Nessus administrator…
CVE-2019-3982 — CVSS 6.5 (medium): Nessus versions 8.6.0 and earlier were found to contain a Denial of Service vulnerability due to improper validation of specific imported…
CVE-2018-1148 — CVSS 6.5 (medium): In Nessus before 7.1.0, Session Fixation exists due to insufficient session management within the application. An authenticated attacker…
CVE-2022-28291 — CVSS 6.5 (medium): Insufficiently Protected Credentials: An authenticated user with debug privileges can retrieve stored Nessus policy credentials from the…
CVE-2022-32974 — CVSS 6.5 (medium): An authenticated attacker could read arbitrary files from the underlying operating system of the scanner using a custom crafted compliance…
CVE-2022-33757 — CVSS 6.5 (medium): An authenticated attacker could read Nessus Debug Log file attachments from the web UI without having the correct privileges to do so. This…
CVE-2022-3499 — CVSS 6.5 (medium): An authenticated attacker could utilize the identical agent and cluster node linking keys to potentially allow for a scenario where…
CVE-2016-4055 — CVSS 6.5 (medium): The duration function in the moment package before 2.11.2 for Node.js allows remote attackers to cause a denial of service (CPU…
CVE-2024-0971 — CVSS 6.5 (medium): A SQL injection vulnerability exists where an authenticated, low-privileged remote attacker could potentially alter scan DB content.
CVE-2019-3961 — CVSS 6.1 (medium): Nessus versions 8.4.0 and earlier were found to contain a reflected XSS vulnerability due to improper validation of user-supplied input. An…
CVE-2021-3449 — CVSS 5.9 (medium): An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation…
CVE-2019-1559 — CVSS 5.9 (medium): If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive…
CVE-2017-7849 — CVSS 5.5 (medium): Nessus 6.10.x before 6.10.5 was found to be vulnerable to a local denial of service condition due to insecure permissions when running in…
CVE-2016-9259 — CVSS 5.4 (medium): Cross-site scripting (XSS) vulnerability in Tenable Nessus before 6.9.1 allows remote authenticated users to inject arbitrary web script or…
CVE-2018-1147 — CVSS 5.4 (medium): In Nessus before 7.1.0, a XSS vulnerability exists due to improper input validation. A remote authenticated attacker could create and…
CVE-2017-2122 — CVSS 5.4 (medium): Cross-site scripting vulnerability in Nessus versions 6.8.0, 6.8.1, 6.9.0, 6.9.1 and 6.9.2 allows remote authenticated attackers to inject…
CVE-2019-3923 — CVSS 5.4 (medium): Nessus versions 8.2.1 and earlier were found to contain a stored XSS vulnerability due to improper validation of user-supplied input. An…
CVE-2017-5179 — CVSS 5.4 (medium): Cross-site scripting (XSS) vulnerability in Tenable Nessus before 6.9.3 allows remote authenticated users to inject arbitrary web script or…
CVE-2020-5765 — CVSS 5.4 (medium): Nessus 8.10.0 and earlier were found to contain a Stored XSS vulnerability due to improper validation of input during scan configuration…
CVE-2016-9260 — CVSS 5.4 (medium): Cross-site scripting (XSS) vulnerability in Tenable Nessus before 6.9 allows remote authenticated users to inject arbitrary web script or…
CVE-2026-57587 — CVSS 5.3 (medium): A SQL injection vulnerability in Nessus allows a remote, unauthenticated attacker who controls reverse DNS records for a scanned host to…
CVE-2014-4980 — CVSS 5.0 (medium): The /server/properties resource in Tenable Web UI before 2.3.5 for Nessus 5.2.3 through 5.2.7 allows remote attackers to obtain sensitive…
CVE-2016-1000029 — CVSS 4.8 (medium): Tenable Nessus before 6.8 has a stored XSS issue that requires admin-level authentication to the Nessus UI, and would potentially impact…
CVE-2016-1000028 — CVSS 4.8 (medium): Tenable Nessus before 6.8 has a stored XSS issue that requires admin-level authentication to the Nessus UI, and would only potentially…
CVE-2024-0955 — CVSS 4.8 (medium): A stored XSS vulnerability exists where an authenticated, remote attacker with administrator privileges on the Nessus application could…
CVE-2018-5407 — CVSS 4.7 (medium): Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel…
CVE-2023-3253 — CVSS 4.3 (medium): An improper authorization vulnerability exists where an authenticated, low privileged remote attacker could view a list of all the users…
CVE-2023-3251 — CVSS 4.1 (medium): A pass-back vulnerability exists where an authenticated, remote attacker with administrator privileges could uncover stored SMTP…
CVE-2019-3962 — CVSS 3.3 (low): Content Injection vulnerability in Tenable Nessus prior to 8.5.0 may allow an authenticated, local attacker to exploit this vulnerability…
CVE-2026-57588 — CVSS 3.3 (low): A SQL injection vulnerability in Nessus allows an attacker to craft a malicious scan result file that, when imported by a privileged user…