Nessus Network Monitor < 6.5.4 Multiple Vulnerabilities (TNS-2026-14)

According to its self-reported version, the Nessus Network Monitor running on the remote host is prior to 6.5.4. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2026-14 advisory. - An integer overflow can be triggered in SQLite's concatws function. The resulting,...

Nessus Network Monitor < 6.5.3 Multiple Vulnerabilities (TNS-2026-02)

According to its self-reported version, the Nessus Network Monitor running on the remote host is prior to 6.5.3. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2026-02 advisory. - A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical...

EUVD-2020-26951

Malware in sbrugna...

EUVD-2024-49761

Malicious code in bioql PyPI...

EUVD-2023-57915

Malicious code in bioql PyPI...

EUVD-2023-57917

Malicious code in bioql PyPI...

Nessus Network Monitor < 6.5.1 Multiple Vulnerabilities (TNS-2025-10)

According to its self-reported version, the Nessus Network Monitor running on the remote host is prior to 6.5.1. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2025-10 advisory. - In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in...

CVE-2020-5794

A vulnerability in Nessus Network Monitor versions 5.11.0, 5.11.1, and 5.12.0 for Windows could allow an authenticated local attacker to execute arbitrary code by copying user-supplied files to a specially constructed path in a specifically named user directory. The attacker needs valid credentia...

CVE-2024-9158

A stored cross site scripting vulnerability exists in Nessus Network Monitor where an authenticated, privileged local attacker could inject arbitrary code into the NNM UI via the local CLI...

CVE-2024-9158 XSS

A stored cross site scripting vulnerability exists in Nessus Network Monitor where an authenticated, privileged local attacker could inject arbitrary code into the NNM UI via the local CLI...

CVE-2024-9158

CVE-2024-9158 is a stored cross-site scripting vulnerability in Nessus Network Monitor (NNM). The available connected sources confirm: an authenticated, privileged local attacker can inject arbitrary code into the NNM UI via the local CLI. Affected software is Nessus Network Monitor prior to vers...

CVE-2024-9158 XSS

A stored cross site scripting vulnerability exists in Nessus Network Monitor where an authenticated, privileged local attacker could inject arbitrary code into the NNM UI via the local CLI...

[R1] Nessus Network Monitor 6.5.0 Fixes Multiple Vulnerabilities

R1 Nessus Network Monitor 6.5.0 Fixes Multiple Vulnerabilities Arnie Cabral Tue, 09/24/2024 - 11:43 Nessus Network Monitor leverages third-party software to help provide underlying functionality. Several of the third-party components OpenSSL, expat, curl, and libxml2 were found to contain...

[R1] Nessus Network Monitor 6.4.0 Fixes Multiple Vulnerabilities

R1 Nessus Network Monitor 6.4.0 Fixes Multiple Vulnerabilities Arnie Cabral Mon, 04/29/2024 - 11:40 Nessus Network Monitor leverages third-party software to help provide underlying functionality. Several of the third-party components hyperscan, curl and c-ares were found to contain vulnerabilitie...

Vulnerabilities fixed in Tenable Nessus Network Monitor

Tenable has fixed vulnerabilities in Nessus Network Monitor and underlying software. An unauthenticated malicious person could potentially exploit the vulnerability with reference CVE-2023-5363 potentially exploit it to cause a denial-of-service DoS or to gain access to sensitive system data. In...

Tenable Nessus Network Monitor < 6.3.1 Multiple Vulnerabilities (TNS-2023-43)

Tenable Nessus Network Monitor is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2023-5624

Under certain conditions, Nessus Network Monitor was found to not properly enforce input validation. This could allow an admin user to alter parameters that could potentially allow a blindSQL injection...

Design/Logic Flaw

Under certain conditions, Nessus Network Monitor was found to not properly enforce input validation. This could allow an admin user to alter parameters that could potentially allow a blindSQL injection...

CVE-2023-5624 Blind SQL Injection

Under certain conditions, Nessus Network Monitor was found to not properly enforce input validation. This could allow an admin user to alter parameters that could potentially allow a blindSQL injection...

Tenable Network Security Nessus Code Injection Vulnerability

Tenable Network Security Nessus is an open source system vulnerability scanner from US-based Tenable Network Security. Tenable Network Security Nessus Network Monitor suffers from a security vulnerability that stems from Nessus Network Monitor NNM failing to properly set an ACL on its installatio...