Exploit for Incorrect Permission Assignment for Critical Resource in Tenable Nessus

Deprecated. Have a look at Watson instead. Sherlock PowerShell script to quickly find missing software patches for local privilege escalation vulnerabilities. Currently looks for: MS10-015 : User Mode to Ring KiTrap0D MS10-092 : Task Scheduler MS13-053 : NTUserMessageCall Win32k Kernel Pool...

CVE-2021-20118

Nessus Agent 8.3.0 and earlier was found to contain a local privilege escalation vulnerability which could allow an authenticated, local administrator to run specific executables on the Nessus Agent host. This is different than CVE-2021-20117...

CVE-2021-20117

Nessus Agent 8.3.0 and earlier was found to contain a local privilege escalation vulnerability which could allow an authenticated, local administrator to run specific executables on the Nessus Agent host. This is different than CVE-2021-20118...

CVE-2021-20077

Nessus Agent versions 7.2.0 through 8.2.2 were found to inadvertently capture the IAM role security token on the local host during initial linking of the Nessus Agent when installed on an Amazon EC2 instance. This could allow a privileged attacker to obtain the token...

Tenable Network Security Nessus 输入验证错误漏洞

Tenable Network Security Nessus is an open source system vulnerability scanner from Tenable Network Security, USA. An input validation error vulnerability exists in Nessus Agent version 8.3.0 and prior versions, which can be exploited by an attacker to run a specific executable file on the Nessus...