NotCVE - vendor:"Tenable" product:"Nessus" version:"6.0.0"

Page 6 of 54 results (0.007 seconds)

CVSS: 7.3EPSS: 0%CPEs: 4EXPL: 0

CVE-2017-6543

https://notcve.org/view.php?id=CVE-2017-6543

08 Mar 2017 — Tenable Nessus before 6.10.2 (as used alone or in Tenable Appliance before 4.5.0) was found to contain a flaw that allowed a remote, authenticated attacker to upload a crafted file that could be written to anywhere on the system. This could be used to subsequently gain elevated privileges on the system (e.g., after a reboot). This issue only affects installations on Windows. Tenable Nessus en versiones anteriores a 6.10.2 (tal como se utiliza sólo o en Tenable Appliance en versiones anteriores a 4.5.0) se e... • http://www.securityfocus.com/bid/96418 •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

CVE-2016-9260

https://notcve.org/view.php?id=CVE-2016-9260

31 Jan 2017 — Cross-site scripting (XSS) vulnerability in Tenable Nessus before 6.9 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to handling of .nessus files. Vulnerabilidad de XSS en Tenable Nessus en versiones anteriores a 6.9 permite a los usuarios remotos autenticados inyectar secuencias de comandos web o HTML arbitrarias a través de vectores relacionados con el manejo de archivos .nessus. • http://jvn.jp/en/jp/JVN12796388/index.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.8EPSS: 3%CPEs: 3EXPL: 1

CVE-2016-4055

https://notcve.org/view.php?id=CVE-2016-4055

23 Jan 2017 — The duration function in the moment package before 2.11.2 for Node.js allows remote attackers to cause a denial of service (CPU consumption) via a long string, aka a "regular expression Denial of Service (ReDoS)." La función duration en el paquete moment en versiones anteriores a 2.11.2 para Node.js permite a atacantes remotos provocar una denegación de servicio (consumo de CPU ) a través de una cadena larga, vulnerabilidad también conocida como "Denial of Service (ReDoS) de expresión regular". • http://www.openwall.com/lists/oss-security/2016/04/20/11 • CWE-400: Uncontrolled Resource Consumption •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-5179

https://notcve.org/view.php?id=CVE-2017-5179

05 Jan 2017 — Cross-site scripting (XSS) vulnerability in Tenable Nessus before 6.9.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en Tenable Nessus en versiones anteriores a 6.9.3 permite a usuarios remotos autenticados inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados. • http://www.securityfocus.com/bid/95307 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

1...4 5 6