220 matches found
[R1] Stand-alone Security Patch Available for Tenable.sc versions 5.19.0 to 5.21.0: Patch SC-202209.1
R1 Stand-alone Security Patch Available for Tenable.sc versions 5.19.0 to 5.21.0: Patch SC-202209.1 Arnie Cabral Wed, 09/07/2022 - 10:46 Tenable.sc leverages third-party software to help provide underlying functionality. One of the third-party components moment.js was found to contain...
[R1] Nessus Network Monitor 6.0.1 Fixes Multiple Third-party Vulnerabilities
R1 Nessus Network Monitor 6.0.1 Fixes Multiple Third-party Vulnerabilities Arnie Cabral Mon, 05/09/2022 - 17:04 Nessus Network Monitor leverages third-party software to help provide underlying functionality. Several third-party components OpenSSL and jQuery UI were found to contain vulnerabilitie...
[R1] Nessus Agent 8.3.0 Fixes One Vulnerability
Nessus Agent versions 8.2.5 and earlier were found to contain a privilege escalation vulnerability which could allow a Nessus administrator user to upload a specially crafted file that could lead to gaining administrator privileges on the Nessus host...
[R1] Nessus 8.12.1 Fixes One Vulnerability
A vulnerability in Nessus versions 8.9.0 through 8.12.0 for Windows could allow an authenticated local attacker to copy user-supplied files to a specially constructed path in a specifically named user directory. An attacker could exploit this vulnerability by creating a malicious file and copying...
[R1] Stand-alone Security Patch Available for Tenable Security Center version 6.5.1: SC-202504.3
R1 Stand-alone Security Patch Available for Tenable Security Center version 6.5.1: SC-202504.3 Arnie Cabral Mon, 04/21/2025 - 11:03 Security Center leverages third-party software to help provide underlying functionality. One of the third-party components postgresql was found to contain...
[R1] Security Center Version 6.5.1 Fixes Multiple Vulnerabilities
R1 Security Center Version 6.5.1 Fixes Multiple Vulnerabilities Arnie Cabral Tue, 12/10/2024 - 11:22 Security Center leverages third-party software to help provide underlying functionality. One of the third-party components PHP was found to contain vulnerabilities, and an updated version has been...
[R1] Nessus Version 10.8.3 Fixes Multiple Vulnerabilities
R1 Nessus Version 10.8.3 Fixes Multiple Vulnerabilities Arnie Cabral Wed, 09/11/2024 - 15:19 Nessus leverages third-party software to help provide underlying functionality. Several of the third-party components OpenSSL, expat were found to contain vulnerabilities, and updated versions have been...
[R1] Nessus Agent Version 10.4.1 Fixes Multiple Vulnerabilities
R1 Nessus Agent Version 10.4.1 Fixes Multiple Vulnerabilities Jason Schavel Mon, 07/03/2023 - 13:44 Nessus Agent leverages third-party software to help provide underlying functionality. One of the third-party components OpenSSL was found to contain vulnerabilities, and updated versions have been...
[R1] Stand-alone Security Patch Available for Tenable.sc versions 5.22.0 to 5.23.1: SC-202302.3
R1 Stand-alone Security Patch Available for Tenable.sc versions 5.22.0 to 5.23.1: SC-202302.3 Arnie Cabral Tue, 02/21/2023 - 10:20 Tenable.sc leverages third-party software to help provide underlying functionality. One of the third-party components in use libcurl was found to contain...
[R1] Tenable.sc 5.21.0 Fixes Multiple Third-Party Vulnerabilities
R1 Tenable.sc 5.21.0 Fixes Multiple Third-Party Vulnerabilities Arnie Cabral Tue, 04/19/2022 - 10:32 Tenable.sc leverages third-party software to help provide underlying functionality. Several of the third-party components were found to contain vulnerabilities, and updated versions have been made...
[R1] Nessus Agent Versions 8.3.3 and 10.1.3 Fix One Third-Party Vulnerability
R1 Nessus Agent Versions 8.3.3 and 10.1.3 Fix One Third-Party Vulnerability Arnie Cabral Thu, 03/31/2022 - 14:27 Nessus Agent leverages third-party software to help provide underlying functionality. One of the third-party components OpenSSL was found to contain vulnerabilities, and an updated...
[R2] Nessus Agent 8.2.0 Fixes One Vulnerability
A vulnerability in Nessus Agent 8.0.0 and 8.1.0 for Windows could allow an authenticated local attacker to execute arbitrary code by copying user-supplied files to a specially constructed path in a specifically named user directory. The attacker needs valid credentials on the Windows system to...
[R2] Security Center Version 6.6.0 Fixes Multiple Vulnerabilities
R2 Security Center Version 6.6.0 Fixes Multiple Vulnerabilities Arnie Cabral Tue, 05/06/2025 - 09:44 Security Center leverages third-party software to help provide underlying functionality. Several of the third-party components sqlite, ua-parser-js were found to contain vulnerabilities, and updat...
[R1] Stand-alone Security Patch Available for Tenable Security Center versions 6.2.1, 6.3.0 and 6.4.0: SC-202408.1
R1 Stand-alone Security Patch Available for Tenable Security Center versions 6.2.1, 6.3.0 and 6.4.0: SC-202408.1 Arnie Cabral Tue, 08/13/2024 - 10:51 Security Center leverages third-party software to help provide underlying functionality. Several of the third-party components Apache, libcurl were...
[R1] Nessus Network Monitor 6.3.1 Fixes Multiple Vulnerabilities
R1 Nessus Network Monitor 6.3.1 Fixes Multiple Vulnerabilities Jason Schavel Wed, 11/29/2023 - 16:00 Nessus Network Monitor leverages third-party software to help provide underlying functionality. Several of the third-party components HandlebarsJS, OpenSSL, and jquery-file-upload were found to...
[R1] Nessus Agent Version 8.3.5 Fixes Multiple Vulnerabilities
R1 Nessus Agent Version 8.3.5 Fixes Multiple Vulnerabilities Arnie Cabral Thu, 03/09/2023 - 15:30 Nessus Agent leverages third-party software to help provide underlying functionality. One of the third-party components OpenSSL was found to contain vulnerabilities, and updated versions have been ma...
[R1] Nessus Versions 8.15.4 and 10.1.2 Fix One Third-Party Vulnerability
R1 Nessus Versions 8.15.4 and 10.1.2 Fix One Third-Party Vulnerability Arnie Cabral Wed, 03/30/2022 - 11:33 Nessus leverages third-party software to help provide underlying functionality. One of the third-party components OpenSSL was found to contain vulnerabilities, and an updated version has be...
[R2] SecurityCenter 5.8.0 Fixes Multiple Third-Party Vulnerabilities
SecurityCenter leverages third-party software to help provide underlying functionality. Two separate third-party components Apache Xalan and Serializer were found to contain vulnerabilities, and updated versions have been made available by the providers...
[R1] Nessus Network Monitor 6.4.0 Fixes Multiple Vulnerabilities
R1 Nessus Network Monitor 6.4.0 Fixes Multiple Vulnerabilities Arnie Cabral Mon, 04/29/2024 - 11:40 Nessus Network Monitor leverages third-party software to help provide underlying functionality. Several of the third-party components hyperscan, curl and c-ares were found to contain vulnerabilitie...
[R1] Nessus Version 10.5.4 Fixes Multiple Vulnerabilities
R1 Nessus Version 10.5.4 Fixes Multiple Vulnerabilities Jason Schavel Wed, 08/02/2023 - 11:15 Nessus leverages third-party software to help provide underlying functionality. One of the third-party components OpenSSL was found to contain vulnerabilities, and updated versions have been made availab...
[R1] Stand-alone Security Patch Available for Tenable.sc version 6.0.0: SC-202303.1-6
R1 Stand-alone Security Patch Available for Tenable.sc version 6.0.0: SC-202303.1-6 Arnie Cabral Wed, 03/01/2023 - 08:50 Tenable.sc leverages third-party software to help provide underlying functionality. One of the third-party components OpenSSL was found to contain vulnerabilities, and updated...
[R1] Nessus Agent 8.2.3 Fixes Multiple Vulnerabilities
Nessus Agent versions 7.2.0 through 8.2.2 were found to inadvertently capture the IAM role security token on the local host during initial linking of the Nessus Agent when installed on an Amazon EC2 instance. This could allow a privileged attacker to obtain the token. Additionally, one third-part...
[R1] Tenable Identity Exposure Version 3.77.9 Fixes Multiple Vulnerabilities
R1 Tenable Identity Exposure Version 3.77.9 Fixes Multiple Vulnerabilities Arnie Cabral Thu, 02/20/2025 - 12:00 Tenable Identity Exposure leverages third-party software to help provide underlying functionality. Several of the third-party components node.js, Envoy, curl were found to contain...
[R1] Stand-alone Security Patch Available for Security Center version 5.23.1: SC-202307.1-5.23.1
R1 Stand-alone Security Patch Available for Security Center version 5.23.1: SC-202307.1-5.23.1 Arnie Cabral Tue, 07/25/2023 - 11:11 Tenable Security Center leverages third-party software to help provide underlying functionality. One of the third-party components OpenSSL was found to contain...
[R1] Nessus Version 10.5.2 Fixes Multiple Vulnerabilities
R1 Nessus Version 10.5.2 Fixes Multiple Vulnerabilities Arnie Cabral Thu, 05/11/2023 - 15:20 Nessus leverages third-party software to help provide underlying functionality. Several of the third-party components libxml2, libxslt were found to contain vulnerabilities, and updated versions have been...
[R1] Stand-alone Security Patch Available for Tenable.sc version 5.23.1: SC-202303.1-5
R1 Stand-alone Security Patch Available for Tenable.sc version 5.23.1: SC-202303.1-5 Arnie Cabral Wed, 03/01/2023 - 09:56 Tenable.sc leverages third-party software to help provide underlying functionality. One of the third-party components OpenSSL was found to contain vulnerabilities, and updated...
[R1] Tenable Plugin Feed ID #202212212055 Fixes Privilege Escalation Vulnerability
R1 Tenable Plugin Feed ID 202212212055 Fixes Privilege Escalation Vulnerability Arnie Cabral Mon, 01/30/2023 - 11:18 As part of our Security Development Lifecycle, a potential privilege escalation issue was identified internally. This could allow a malicious actor with sufficient permissions to...
[R2] Nessus Version 10.4.2 Fixes One Vulnerability
R2 Nessus Version 10.4.2 Fixes One Vulnerability Arnie Cabral Wed, 01/18/2023 - 10:22 A privilege escalation vulnerability was identified in Nessus versions 10.4.1 and earlier. An authenticated attacker could potentially execute a specially crafted file to obtain root or NT AUTHORITY / SYSTEM...
[R1] Nessus Network Monitor Version 6.2.0 Fixes Multiple Vulnerabilities
R1 Nessus Network Monitor Version 6.2.0 Fixes Multiple Vulnerabilities Arnie Cabral Mon, 12/19/2022 - 10:28 Nessus Network Monitor leverages third-party software to help provide underlying functionality. Two of these third-party components moment.js, handlebars were found to contain...
[R1] Stand-alone Security Patch Available for Tenable.sc versions 5.16.0 to 5.19.1: Patch 202201.1
R1 Stand-alone Security Patch Available for Tenable.sc versions 5.16.0 to 5.19.1: Patch 202201.1 Arnie Cabral Wed, 01/12/2022 - 11:04 Tenable.sc leverages third-party software to help provide underlying functionality. One of the third-party components Apache was found to contain vulnerabilities,...
[R2] Stand-alone Security Patches Available for Tenable.sc versions 5.13.0 to 5.17.0
Tenable.sc and Tenable.sc Core versions 5.13.0 through 5.17.0 were found to contain a vulnerability that could allow an authenticated, unprivileged user to perform Remote Code Execution RCE on the Tenable.sc server via Hypertext Preprocessor unserialization. Additionally, one third-party componen...
[R1] SimpleSAMLPHP Stand-alone Patch Available for Tenable.sc versions 5.9.x to 5.12.x
Tenable.sc leverages third-party software to help provide underlying functionality. One of the third-party components SimpleSAMLPHP was found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution and in line with good practice, Tenable opted to...
[R1] Nessus 8.2.2 Fixes One Vulnerability
Nessus versions 8.2.1 and earlier were found to contain a stored XSS vulnerability due to improper validation of user-supplied input. An authenticated, remote attacker could potentially exploit this vulnerability via a specially crafted request to execute arbitrary script code in a user's browser...
[R2] SecurityCenter 5.7.0 Fixes Multiple Vulnerabilities
SecurityCenter leverages third-party software to help provide underlying functionality. Two separate third-party components PHP and jQuery were found to contain vulnerabilities, and updated versions have been made available by the providers...
[R1] TenableCore Web Application Scanner v20180702 Fixes Third-party Vulnerabilities
The TenableCore Web Application Scanner Image v20180328 was found to contain a command injection flaw in a script included in the bundled DHCP client dhclient package. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitra...
[R1] Nessus Agent Version 10.8.5 Fixes Multiple Vulnerabilities
R1 Nessus Agent Version 10.8.5 Fixes Multiple Vulnerabilities Arnie Cabral Thu, 06/12/2025 - 09:53 1. In Tenable Agent versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could overwrite arbitrary local system files with log content at SYSTEM privilege. -...
[R1] Tenable Identity Exposure Version 3.77.11 Fixes Multiple Vulnerabilities
R1 Tenable Identity Exposure Version 3.77.11 Fixes Multiple Vulnerabilities Arnie Cabral Wed, 04/30/2025 - 00:26 Tenable Identity Exposure leverages third-party software to help provide underlying functionality. Several of the third-party components Erlang OTP, OpenSSL were found to contain...
[R2] Nessus Agent Version 10.8.3 Fixes One Vulnerability
R2 Nessus Agent Version 10.8.3 Fixes One Vulnerability Arnie Cabral Thu, 03/20/2025 - 11:44 When installing Nessus Agent to a non-default location on a Windows host, Nessus Agent versions prior to 10.8.3 did not enforce secure permissions for sub-directories. This could allow for local privilege...
[R1] Tenable Core on Oracle Linux 8 General Advisory
R1 Tenable Core on Oracle Linux 8 General Advisory Arnie Cabral Wed, 09/06/2023 - 06:19 Tenable Core is currently built on CentOS 7, which will be reaching end of life EoL on June 30, 2024. As a result of the approaching CentOS 7 EoL, Tenable Core is moving to Oracle Linux 8...
[R1] Nessus Version 10.5.3 Fixes Multiple Vulnerabilities
R1 Nessus Version 10.5.3 Fixes Multiple Vulnerabilities Arnie Cabral Wed, 06/28/2023 - 12:26 Nessus leverages third-party software to help provide underlying functionality. One of the third-party components OpenSSL was found to contain vulnerabilities, and updated versions have been made availabl...
[R1] Nessus Network Monitor Version 6.2.1 Fixes Multiple Vulnerabilities
R1 Nessus Network Monitor Version 6.2.1 Fixes Multiple Vulnerabilities Arnie Cabral Tue, 05/09/2023 - 11:12 Nessus Network Monitor leverages third-party software to help provide underlying functionality. Several of the third-party components OpenSSL, expat were found to contain vulnerabilities, a...
[R1] Tenable.ad Versions 3.29.4, 3.19.12 and 3.11.9 Fix One Vulnerability
R1 Tenable.ad Versions 3.29.4, 3.19.12 and 3.11.9 Fix One Vulnerability Arnie Cabral Thu, 12/15/2022 - 10:27 Tenable.ad leverages third-party software to help provide underlying functionality. One of the third-party components Erlang was found to contain vulnerabilities, and updated versions have...
[R1] Nessus Version 8.15.5 Fixes Multiple Third-Party Vulnerabilities
R1 Nessus Version 8.15.5 Fixes Multiple Third-Party Vulnerabilities Arnie Cabral Thu, 05/26/2022 - 12:45 Nessus leverages third-party software to help provide underlying functionality. One of the third-party components expat was found to contain vulnerabilities, and an updated version has been ma...
[R1] Nessus Network Monitor 5.13.1 Fixes Multiple Third-party Vulnerabilities
Nessus Network Monitor leverages third-party software to help provide underlying functionality. One of the third-party components OpenSSL was found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution and in line with good practice, Tenable...
[R1] Nessus Agent 8.2.4 Fixes Multiple Vulnerabilities
Nessus Agent leverages third-party software to help provide underlying functionality. Two separate third-party components OpenSSL and sqlite were found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution and in line with good practice, Tenabl...
[R1] Nessus 8.11.0 Fixes One Vulnerability
Nessus 8.10.0 and earlier were found to contain a Stored XSS vulnerability due to improper validation of input during scan configuration. An authenticated, remote attacker could potentially exploit this vulnerability to execute arbitrary code in a user's session. Tenable has implemented additiona...
[R2] Security Center Version 6.5.0 Fixes Multiple Vulnerabilities
R2 Security Center Version 6.5.0 Fixes Multiple Vulnerabilities Arnie Cabral Thu, 12/05/2024 - 09:54 Security Center leverages third-party software to help provide underlying functionality. Several of the third-party components OpenSSL, PHP, Apache Portable Runtime were found to contain...
[R1] Stand-alone Security Patches Available for Tenable.sc versions 5.22.0, 5.23.1, and 6.0.0: SC-202303.2
R1 Stand-alone Security Patches Available for Tenable.sc versions 5.22.0, 5.23.1, and 6.0.0: SC-202303.2 Arnie Cabral Tue, 03/28/2023 - 11:10 Tenable.sc leverages third-party software to help provide underlying functionality. One of the third-party components in use Apache was found to contain...
[R1] Nessus Version 8.15.7 Fixes Multiple Vulnerabilities
R1 Nessus Version 8.15.7 Fixes Multiple Vulnerabilities Arnie Cabral Wed, 11/09/2022 - 12:26 Nessus leverages third-party software to help provide underlying functionality. Several of the third-party components expat, libxml2, zlib were found to contain vulnerabilities, and updated versions have...
[R1] Nessus Version 10.3.2 Fixes Multiple Vulnerabilities
R1 Nessus Version 10.3.2 Fixes Multiple Vulnerabilities Arnie Cabral Wed, 11/02/2022 - 14:05 Nessus leverages third-party software to help provide underlying functionality. Several of the third-party components OpenSSL, expat were found to contain vulnerabilities, and updated versions have been...