Lucene search
K
TenableNessus Network Monitor*

8 matches found

CVE
CVE
added 2020/12/08 3:30 p.m.1193 views

CVE-2020-1971

CVE-2020-1971 is described across multiple connected sources as a NULL-dereference in OpenSSL’s GENERAL_NAME_cmp when EDIPARTYNAME is present, potentially enabling a denial-of-service crash. Affected OpenSSL versions include all 1.1.1 and 1.0.2 lines; fixes are published in OpenSSL 1.1.1i and Ope...

5.9CVSS5.7AI score0.06968EPSS
CVE
CVE
added 2021/08/24 2:50 p.m.710 views

CVE-2021-3712

The CVE-2021-3712 issue affects OpenSSL where ASN1_STRING data may not be NUL-terminated if constructed directly (or via ASN1_STRING_set0), causing read-buffer overreads when many OpenSSL print/name-constraining paths handle such ASN.1 strings. Exploitation could crash the application (DoS) or di...

7.4CVSS8AI score0.50445EPSS
CVE
CVE
added 2024/09/30 4:24 p.m.69 views

CVE-2024-9158

CVE-2024-9158 is a stored cross-site scripting vulnerability in Nessus Network Monitor (NNM). The available connected sources confirm: an authenticated, privileged local attacker can inject arbitrary code into the NNM UI via the local CLI. Affected software is Nessus Network Monitor prior to vers...

8.4CVSS6AI score0.00308EPSS
CVE
CVE
added 2025/05/23 3:46 p.m.59 views

CVE-2025-24916

CVE-2025-24916 affects Tenable Network Monitor prior to version 6.5.1 on Windows. The root cause is improper permission enforcement for sub-directories when the product is installed to a non-default location, creating a path for local privilege escalation if directory security is not properly con...

7.8CVSS7AI score0.0014EPSS
CVE
CVE
added 2023/10/26 4:18 p.m.57 views

CVE-2023-5622

CVE-2023-5622 affects Tenable Nessus Network Monitor. The issue allows a low-privilege user to escalate to NT AUTHORITY\SYSTEM on Windows hosts by replacing a specially crafted file, under conditions described by CVE-2023-5622. Documents indicate the vulnerability is in Nessus Network Monitor pri...

8.8CVSS7.7AI score0.00471EPSS
CVE
CVE
added 2023/10/26 4:36 p.m.53 views

CVE-2023-5624

CVE-2023-5624 is tied to Nessus Network Monitor before 6.3.0, where insufficient input validation could let an admin modify parameters and potentially enable a blind SQL injection. Affected component is Nessus Network Monitor; underlying issue and impact are described in the TNS-2023-34 advisory ...

7.2CVSS7AI score0.00484EPSS
CVE
CVE
added 2025/05/23 3:59 p.m.50 views

CVE-2025-24917

CVE-2025-24917 affects Tenable Network Monitor prior to version 6.5.1 on Windows. A non-administrative user can stage files in a local directory to execute arbitrary code with SYSTEM privileges, enabling local privilege escalation. The issue is documented in multiple sources (including Tenable TN...

7.8CVSS7.6AI score0.00152EPSS
CVE
CVE
added 2023/10/26 4:25 p.m.46 views

CVE-2023-5623

CVE-2023-5623 affects Tenable Nessus Network Monitor (NNM). The issue is that NNM could fail to correctly set ACLs on its installation directory, enabling a low-privileged user to execute arbitrary code with SYSTEM privileges when NNM is installed to a non-standard location. The connected Nessus-...

7.8CVSS7.4AI score0.00151EPSS