Lucene search
K
TenableNessus Agent

11 matches found

CVE
CVE
added 2019/09/09 4:7 p.m.695 views

CVE-2019-16168

CVE-2019-16168 affects SQLite up to version 3.29.0, whereLoopAddBtreeIndex in sqlite3.c may crash a browser/application due to missing validation of sqlite_stat1 sz, described as a severe division by zero in the query planner. Connected documents show multiple advisories referencing the fix in SQ...

6.5CVSS7AI score0.04253EPSS
CVE
CVE
added 2021/03/25 2:25 p.m.564 views

CVE-2021-3450

CVE-2021-3450 affects OpenSSL 1.1.1h–1.1.1j where a bug in the X509_V_FLAG_X509_STRICT path overwrote a prior CA-check result, bypassing the non-CA certificates prohibition unless a programmed purpose is used. When a purpose is configured, the certificate chain is still rejected; the issue is fix...

7.4CVSS7.6AI score0.18339EPSS
CVE
CVE
added 2023/11/01 3:30 p.m.157 views

CVE-2023-5847

CVE-2023-5847 is evidenced in connected docs as a local privilege escalation affecting Tenable Nessus/Nessus Agent. The flaw enables a low-privileged attacker to load a crafted file during installation or upgrade, potentially escalating to SYSTEM/root by exploiting OpenSSL configuration handling ...

7.3CVSS7.1AI score0.00223EPSS
CVE
CVE
added 2026/02/13 4:14 p.m.114 views

CVE-2026-2026

The CVE-2026-2026 entry concerns the Nessus Agent for Windows with weak file permissions in its installation directory, allowing unauthorized access that can lead to Denial of Service. Reported CVSS metrics indicate a Local attack with Low privilege required and No user interaction, contributing ...

6.9CVSS5.4AI score0.00106EPSS
CVE
CVE
added 2020/11/05 7:11 p.m.69 views

CVE-2020-5793

CVE-2020-5793 affects Tenable Nessus (Windows) versions 8.9.0–8.12.0 and Nessus Agent 8.0.0–8.1.0. An authenticated local attacker can copy user-supplied files to a specially crafted path in a named user directory by dropping a malicious file into a system directory. The exploit requires valid Wi...

7.8CVSS7.3AI score0.00392EPSS
CVE
CVE
added 2021/03/19 6:46 p.m.68 views

CVE-2021-20077

CVE-2021-20077 affects Tenable Nessus Agent versions 7.2.0–8.2.2 installed on Amazon EC2. During initial linking, the agent could inadvertently capture the IAM role security token on the local host, enabling a privileged attacker to obtain the token. The commonly cited remediation is upgrading to...

7.2CVSS6.5AI score0.00346EPSS
CVE
CVE
added 2021/09/09 11:26 a.m.67 views

CVE-2021-20117

CVE-2021-20117 affects Nessus Agent 8.3.0 and earlier. Local privilege escalation enables an authenticated, local administrator to execute certain executables on the Nessus Agent host. This entry is distinct from CVE-2021-20118. The provided documents do not specify exploitation details, affected...

7.2CVSS6.5AI score0.00303EPSS
CVE
CVE
added 2025/06/13 2:34 p.m.66 views

CVE-2025-36631

CVE-2025-36631 affects Tenable Agent on Windows before version 10.8.5, where a non-administrative user could overwrite arbitrary local system files with content written to logs, executing with SYSTEM privileges (local privilege escalation). The issue is confirmed across multiple sources in the co...

8.4CVSS8.2AI score0.00164EPSS
CVE
CVE
added 2025/06/13 2:21 p.m.62 views

CVE-2025-36633

CVE-2025-36633 affects Tenable Agent on Windows prior to version 10.8.5. A non-administrative user could delete local system files with SYSTEM privileges, enabling local privilege escalation. The issue is documented across multiple feeds (NVD, Red Hat, CNVD, PT Security, etc.). The remediation co...

8.8CVSS8.5AI score0.00173EPSS
CVE
CVE
added 2021/09/09 11:26 a.m.59 views

CVE-2021-20118

CVE-2021-20118 concerns Nessus Agent 8.3.0 and earlier, where an authenticated local administrator could cause a local privilege escalation by running certain executables on the Nessus Agent host. The connection between CVE-2021-20118 and CVE-2021-20117 is noted in sources; the exact root cause d...

7.2CVSS6.5AI score0.00303EPSS
CVE
CVE
added 2025/06/16 1:56 p.m.33 views

CVE-2025-36632

CVE-2025-36632 affects Tenable Agent on Windows prior to 10.8.5, where a non-administrative user can execute code with SYSTEM privileges. The vulnerability is documented across multiple sources (including Red Hat, NVD, CNVD) as a local privilege escalation in Tenable Agent; Tenable has released v...

7.8CVSS7.2AI score0.0019EPSS