Tenable Identity Exposure < 3.77.16 Multiple Vulnerabilities (TNS-2026-03)

The version of the Tenable Identity Exposure running on the remote host is prior to 3.77.16. It is, therefore, affected by multiple vulnerabilities according to advisory TNS-2026-03: - Processing a malformed PKCS12 file can trigger a NULL pointer dereference in the PKCS12itemdecryptd2iex function...

[R1] Tenable Identity Exposure Version 3.77.16 Fixes Multiple Vulnerabilities

R1 Tenable Identity Exposure Version 3.77.16 Fixes Multiple Vulnerabilities Arnie Cabral Tue, 02/03/2026 - 09:56 Tenable Identity Exposure leverages third-party software to help provide underlying functionality. One of the third-party components OpenSSL was found to contain vulnerabilities, and...

[R1] Tenable Identity Exposure Version 3.77.16 Fixes Multiple Vulnerabilities

R1 Tenable Identity Exposure Version 3.77.16 Fixes Multiple Vulnerabilities Arnie Cabral Tue, 02/03/2026 - 09:56 Tenable Identity Exposure leverages third-party software to help provide underlying functionality. One of the third-party components OpenSSL was found to contain vulnerabilities, and...

Tenable Identity Exposure < 3.77.14 Multiple Vulnerabilities (TNS-2025-23)

The version of Tenable Identity Exposure formerly Tenable.ad installed on the remote host is prior to 3.77.14. It therefore contains vulnerable versions of third-party components .NET, SQL Server, and curl. Tenable has upgraded these components to address the potential impact of the issues,...

[R1] Tenable Identity Exposure Version 3.77.14 Fixes Multiple Vulnerabilities

R1 Tenable Identity Exposure Version 3.77.14 Fixes Multiple Vulnerabilities Arnie Cabral Mon, 11/03/2025 - 09:50 Tenable Identity Exposure leverages third-party software to help provide underlying functionality. Several of the third-party components .NET, SQL and curl were found to contain...

Tenable Identity Exposure < 3.93.4 Multiple Vulnerabilities (TNS-2025-22)

The version of the Tenable Identity Exposure running on the remote host is prior to 3.93.4. It is, therefore, affected by multiple vulnerabilities according to advisory TNS-2025-07, including the following: - Inconsistent interpretation of http requests 'http request/response smuggling' in ASP.NE...

[R1] Tenable Identity Exposure Version 3.93.4 Fixes Multiple Vulnerabilities

R1 Tenable Identity Exposure Version 3.93.4 Fixes Multiple Vulnerabilities Arnie Cabral Fri, 10/17/2025 - 10:02 Tenable Identity Exposure leverages third-party software to help provide underlying functionality. One of the third-party components .NET was found to contain vulnerabilities, and updat...

[R1] Tenable Identity Exposure Version 3.93.4 Fixes Multiple Vulnerabilities

R1 Tenable Identity Exposure Version 3.93.4 Fixes Multiple Vulnerabilities Arnie Cabral Fri, 10/17/2025 - 10:02 Tenable Identity Exposure leverages third-party software to help provide underlying functionality. One of the third-party components .NET was found to contain vulnerabilities, and updat...

EUVD-2024-31824

Malicious code in bioql PyPI...

[R1] Tenable Identity Exposure Versions 3.93.2 and 3.77.13 Fix One Vulnerability

R1 Tenable Identity Exposure Versions 3.93.2 and 3.77.13 Fix One Vulnerability Arnie Cabral Wed, 08/06/2025 - 10:48 Tenable Identity Exposure leverages third-party software to help provide underlying functionality. One of the third-party components nodeJS was found to contain vulnerabilities, and...

Tenable Identity Exposure < 3.77.13(LTS) / 3.93.2 Vulnerable Nodejs (TNS-2025-16)

The version of Tenable Identity Exposure formerly Tenable.ad installed on the remote host is prior to 3.77.13LTS or 3.93.2. It therefore contains a version of Nodejs that could be vulnerable. Tenable has upgrade these components to address the potential impact of the issues. Note that Nessus has...

[R1] Tenable Identity Exposure Version 3.77.12 Fixes Multiple Vulnerabilities

R1 Tenable Identity Exposure Version 3.77.12 Fixes Multiple Vulnerabilities Arnie Cabral Wed, 07/23/2025 - 16:31 Tenable Identity Exposure leverages third-party software to help provide underlying functionality. Several of the third-party components Erlang OTP, Curl, nodeJS and .NET were found to...

Tenable Identity Exposure < 3.77.11 Multiple Vulnerabilities (TNS-2025-07)

The version of the Tenable Identity Exposure running on the remote host is prior to 3.77.11. It is, therefore, affected by multiple vulnerabilities according to advisory TNS-2025-07, including the following: - Issue summary: Clients using RFC7250 Raw Public Keys RPKs to authenticate a server may...

[R1] Tenable Identity Exposure Version 3.77.11 Fixes Multiple Vulnerabilities

R1 Tenable Identity Exposure Version 3.77.11 Fixes Multiple Vulnerabilities Arnie Cabral Wed, 04/30/2025 - 00:26 Tenable Identity Exposure leverages third-party software to help provide underlying functionality. Several of the third-party components Erlang OTP, OpenSSL were found to contain...

Tenable Identity Exposure 安全漏洞

Tenable Identity Exposure is a fast, agentless solution from Tenable, Inc. It can detect and block attacks, eliminate attack paths, and provide risk-based guidance on vulnerability management and remediation. A security vulnerability exists in Tenable Identity Exposure versions prior to 3.77.9,...

[R1] Tenable Identity Exposure Version 3.77.9 Fixes Multiple Vulnerabilities

R1 Tenable Identity Exposure Version 3.77.9 Fixes Multiple Vulnerabilities Arnie Cabral Thu, 02/20/2025 - 12:00 Tenable Identity Exposure leverages third-party software to help provide underlying functionality. Several of the third-party components node.js, Envoy, curl were found to contain...

Tenable Identity Exposure < 3.77.9 Multiple Vulnerabilities (TNS-2025-01)

The version of the Tenable Identity Exposure running on the remote host is prior to 3.77.9. It is, therefore, affected by multiple vulnerabilities according to advisory TNS-2025-01, including the following: - libcurl would wrongly close the same eventfd file descriptor twice when taking down a...

CVE-2024-3232

A formula injection vulnerability exists in Tenable Identity Exposure where an authenticated remote attacker with administrative privileges could manipulate application form fields in order to trick another administrator into executing CSV payloads. - CVE-2024-3232...

CVE-2024-3232

A formula injection vulnerability exists in Tenable Identity Exposure where an authenticated remote attacker with administrative privileges could manipulate application form fields in order to trick another administrator into executing CSV payloads. - CVE-2024-3232...

CVE-2024-3232 Formula Injection Vulnerability

A formula injection vulnerability exists in Tenable Identity Exposure where an authenticated remote attacker with administrative privileges could manipulate application form fields in order to trick another administrator into executing CSV payloads. - CVE-2024-3232...