Lucene search
K

11706 matches found

Tenable Product Security Advisories
Tenable Product Security Advisories
added 2026/02/03 2:56 p.m.7 views

[R1] Tenable Identity Exposure Version 3.77.16 Fixes Multiple Vulnerabilities

R1 Tenable Identity Exposure Version 3.77.16 Fixes Multiple Vulnerabilities Arnie Cabral Tue, 02/03/2026 - 09:56 Tenable Identity Exposure leverages third-party software to help provide underlying functionality. One of the third-party components OpenSSL was found to contain vulnerabilities, and...

5.3AI score
Exploits0
Tenable Product Security Advisories
Tenable Product Security Advisories
added 2026/02/03 2:56 p.m.8 views

[R1] Tenable Identity Exposure Version 3.77.16 Fixes Multiple Vulnerabilities

R1 Tenable Identity Exposure Version 3.77.16 Fixes Multiple Vulnerabilities Arnie Cabral Tue, 02/03/2026 - 09:56 Tenable Identity Exposure leverages third-party software to help provide underlying functionality. One of the third-party components OpenSSL was found to contain vulnerabilities, and...

5.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/29 12:0 a.m.5 views

RHEL 9 : gimp (RHSA-2026:1587)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:1587 advisory. The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox,...

7.8CVSS6.2AI score0.00539EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.8 views

Hanwha Vision Camera Use of Hard-coded Cryptographic Key (CVE-2025-52601)

Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems ICS and OT/IoT security, has discovered a vulnerability in Device Manager that a hardcoded encryption key for sensitive information. An attacker can use key to decrypt sensitive information. T...

7.8CVSS8.5AI score0.00091EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.6 views

Rockwell Automation Allen-Bradley Stratix 5950 Improper Access Control (CVE-2019-1649)

Cisco Systems, Inc. Cisco released an advisory regarding a vulnerability in the logic that handles access control to a hardware component in Cisco's proprietary Secure Boot implementation. If successfully exploited, an attacker could write a modified firmware image to the component. The...

7.2CVSS7AI score0.00611EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

Hanwha Vision Camera Improper Privilege Management (CVE-2025-52599)

Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems ICS and OT/IoT security, has discovered Inadequate of permission management for camera guest account. The manufacturer has released patch firmware for the flaw, please refer to the...

6.5CVSS8.4AI score0.00212EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.10 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004352)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004352 advisory. In the Android kernel in the video driver there is a use after free due to a race condition. This could lead to local escalation of privilege with no additional...

7CVSS6.6AI score0.00171EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.7 views

Hanwha Vision Camera Improper Neutralization of Input During Web Page Generation (CVE-2025-8075)

Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems ICS and OT/IoT security, has discovered that validation of incoming XML format request messages is inadequate. This vulnerability could allow an attacker to XSS on the user's browser. The...

5.8CVSS8.4AI score0.00181EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/01/13 12:0 a.m.6 views

Tenable Nessus Agent Tray App 安全漏洞

Tenable Nessus Agent Tray App is a tray component from Tenable USA. A security vulnerability exists in Tenable Nessus Agent Tray App that stems from an installation/uninstallation issue on Windows hosts that could lead to elevated privileges...

8.8CVSS5.8AI score0.00109EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/10 12:0 a.m.6 views

Fedora 42 : mariadb10.11 (2026-03f07fde5d)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-03f07fde5d advisory. MariaDB 10.11.15 Release notes: https://mariadb.com/docs/release-notes/community-server/10.11/10.11.15 Tenable has extracted the preceding description block...

7CVSS6.9AI score0.00414EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2026/01/09 10:1 a.m.9 views

Trend Micro Apex Central RCE Flaw Scores 9.8 CVSS in On-Prem Windows Versions

Trend Micro has released security updates to address multiple security vulnerabilities impacting on-premise versions of Apex Central for Windows, including a critical bug that could result in arbitrary code execution. The vulnerability, tracked as CVE-2025-69258 , carries a CVSS score of 9.8 out ...

9.8CVSS8.3AI score0.0322EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2026/01/09 12:0 a.m.5 views

Siemens Ruggedcom ROX Improper Input Validation (CVE-2023-47234)

An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when processing a crafted BGP UPDATE message with a MPUNREACHNLRI attribute and additional NLRI data that lacks mandatory path attributes. This plugin only works with Tenable.ot. Please visit...

7.5CVSS7.7AI score0.00911EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/09 12:0 a.m.6 views

Siemens Ruggedcom ROX Improper Neutralization of Special Elements in Output Used by a Downstream Component (CVE-2022-34903)

GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints e.g., use of GPGME are met, allows signature forgery via injection into the status line. This plugin only works with Tenable.ot. Please visit...

6.5CVSS7.3AI score0.02551EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2026/01/09 12:0 a.m.4 views

Siemens Ruggedcom ROX OS Command Injection (CVE-2022-48624)

closealtfile in filename.c in less before 606 omits shellquote calls for LESSCLOSE. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504890;...

7.8CVSS6.3AI score0.01059EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/09 12:0 a.m.5 views

Siemens Ruggedcom ROX Use After Free (CVE-2022-48626)

In the Linux kernel, the following vulnerability has been resolved: moxart: fix potential use-after-free on remove path It was reported that the mmc host structure could be accessed after it was freed in moxartremove, so fix this by saving the base register of the device and using it instead of t...

7.8CVSS5.9AI score0.0031EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/09 12:0 a.m.4 views

Siemens RUGGEDCOM ROX II Improper Neutralization of Special Elements in Output Used By a Downstream Component (CVE-2024-56839)

Code injection can be achieved when the affected device is using VRF Virtual Routing and Forwarding. An attacker could leverage this scenario to execute arbitrary code as root user. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

8.6CVSS7.6AI score0.00596EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/09 12:0 a.m.5 views

Siemens Ruggedcom ROX Improper Input Validation (CVE-2024-5642)

CPython 3.9 and earlier doesn't disallow configuring an empty list for SSLContext.setnpnprotocols which is an invalid value for the underlying OpenSSL API. This results in a buffer over-read when NPN is used see CVE-2024-5535 for OpenSSL. This vulnerability is of low severity due to NPN being not...

9.1CVSS7.2AI score0.05582EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/01/09 12:0 a.m.5 views

Siemens Ruggedcom ROX Improper Authentication (CVE-2022-0492)

A vulnerability was found in the Linux kernel's cgroupreleaseagentwrite in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 releaseagent feature to escalate privileges and bypass the namespace isolation unexpectedly. This plugin only...

7.8CVSS6.9AI score0.05528EPSS
Exploits12References3
Tenable Nessus
Tenable Nessus
added 2026/01/09 12:0 a.m.9 views

Siemens Ruggedcom ROX Inefficient Regular Expression Complexity (CVE-2024-6232)

There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives. This plugin only works with Tenable.ot. Please visit...

7.5CVSS6.9AI score0.02203EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2026/01/09 12:0 a.m.5 views

Siemens Ruggedcom ROX Uncontrolled Resource Consumption (CVE-2024-7592)

There is a LOW severity vulnerability affecting CPython, specifically the 'http.cookies' standard library module. When parsing cookies that contained backslashes for quoted characters in the cookie value, the parser would use an algorithm with quadratic complexity, resulting in excess CPU resourc...

7.5CVSS6.8AI score0.02303EPSS
Exploits1References3
Rows per page
Query Builder