Tenable

Nessus

70 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2022-28291

Exploit
  • EPSS 0.09%
  • Published 17.10.2022 16:15:20
  • Last modified 13.05.2025 20:15:21

Insufficiently Protected Credentials: An authenticated user with debug privileges can retrieve stored Nessus policy credentials from the “nessusd” process in cleartext via process dumping. The affected products are all versions of Nessus Essentials a...

6.5

CVE-2022-32974

  • EPSS 0.41%
  • Published 21.06.2022 15:15:09
  • Last modified 21.11.2024 07:07:20

An authenticated attacker could read arbitrary files from the underlying operating system of the scanner using a custom crafted compliance audit file without providing any valid SSH credentials.

9

CVE-2022-32973

  • EPSS 0.28%
  • Published 21.06.2022 15:15:09
  • Last modified 21.11.2024 07:07:20

An authenticated attacker could create an audit file that bypasses PowerShell cmdlet checks and executes commands with administrator privileges.

7.5

CVE-2022-0778

Warning
  • EPSS 7.81%
  • Published 15.03.2022 17:15:08
  • Last modified 21.11.2024 06:39:22

The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed ...

7.5

CVE-2022-23990

  • EPSS 4.36%
  • Published 26.01.2022 19:15:08
  • Last modified 05.05.2025 17:17:59

Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.

9.8

CVE-2022-23852

  • EPSS 1.71%
  • Published 24.01.2022 02:15:06
  • Last modified 05.05.2025 17:17:58

Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES.

8.8

CVE-2022-22827

  • EPSS 0.25%
  • Published 10.01.2022 14:12:57
  • Last modified 05.05.2025 17:17:53

storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

8.8

CVE-2022-22826

  • EPSS 0.18%
  • Published 10.01.2022 14:12:57
  • Last modified 05.05.2025 17:17:53

nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

8.8

CVE-2022-22825

  • EPSS 0.18%
  • Published 10.01.2022 14:12:56
  • Last modified 05.05.2025 17:17:53

lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

9.8

CVE-2022-22824

  • EPSS 0.38%
  • Published 10.01.2022 14:12:56
  • Last modified 05.05.2025 17:17:53

defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.