The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Nessus

Nessus: privilege escalation via File Upload
An attacker can bypass restrictions via File Upload of Nessus, in order to escalate his privileges...
CERTFR-2021-AVI-239, CVE-2021-20077, TNS-2021-07, VIGILANCE-VUL-35011
OpenSSL: Man-in-the-Middle via X509_V_FLAG_X509_STRICT
An attacker can act as a Man-in-the-Middle via X509_V_FLAG_X509_STRICT on OpenSSL, in order to read or write data in the session...
6443733, CERTFR-2021-AVI-221, CERTFR-2021-AVI-235, cisco-sa-openssl-2021-GHY28dJd, cpuapr2021, CVE-2021-3450, FEDORA-2021-c11da301be, FEDORA-2021-d049f32a82, FEDORA-2021-d934acdb42, FEDORA-2021-f347d1c866, FreeBSD-SA-21:07.openssl, RHSA-2021:1024-01, SB10356, SSB-439005, TNS-2021-05, VIGILANCE-VUL-34943
Nessus AMI: Man-in-the-Middle
An attacker can act as a Man-in-the-Middle on Nessus AMI, in order to read or write data in the session...
CERTFR-2021-AVI-074, CVE-2020-5812, TNS-2021-01, VIGILANCE-VUL-34470
Nessus: privilege escalation
An attacker can bypass restrictions of Nessus, in order to escalate his privileges...
CERTFR-2020-AVI-696, CVE-2020-5793, TNS-2020-08, VIGILANCE-VUL-33745
Nessus: privilege escalation via Unexpired Sessions
An attacker can bypass restrictions via Unexpired Sessions of Nessus, in order to escalate his privileges...
CERTFR-2020-AVI-519, CVE-2020-5774, TNS-2020-06, VIGILANCE-VUL-33133
Nessus: Cross Site Scripting via User Interface
An attacker can trigger a Cross Site Scripting via User Interface of Nessus, in order to run JavaScript code in the context of the web site...
CERTFR-2020-AVI-449, CVE-2020-5765, TNS-2020-05, VIGILANCE-VUL-32620
OpenSSL: NULL pointer dereference via SSL_check_chain
An attacker can force a NULL pointer to be dereferenced via SSL_check_chain() of OpenSSL, in order to trigger a denial of service...
6235728, 6409294, bulletinjul2020, CERTFR-2020-AVI-235, cpujul2020, cpuoct2020, CVE-2020-1967, DSA-4661-1, FreeBSD-SA-20:11.openssl, HPESBST04139, JSA11074, openSUSE-SU-2020:0933-1, openSUSE-SU-2020:0945-1, SUSE-SU-2020:1058-1, SUSE-SU-2020:2041-1, VIGILANCE-VUL-32076
jQuery Core: Cross Site Scripting via HtmlPrefilter Regex
An attacker can trigger a Cross Site Scripting via HtmlPrefilter Regex of jQuery Core, in order to run JavaScript code in the context of the web site...
20200601, 20200602, 20200603, 20200604, 20200605, 6217392, 6253319, 6344075, 6367943, 6413705, 6449664, BSA-2020-972, CERTFR-2020-AVI-310, CERTFR-2020-AVI-335, CERTFR-2020-AVI-797, cpuapr2021, cpujan2021, cpujul2020, cpuoct2020, CVE-2020-11022, CVE-2020-11023, DLA-2608-1, DRUPAL-SA-CORE-2020-002, DRUPAL-SA-CORE-2020-003, DSA-2020-262, DSA-2020-270, DSA-2021-101, DSA-4693-1, FEDORA-2020-0b32a59b54, FEDORA-2020-11be4b36d4, FEDORA-2020-7dddce530c, FEDORA-2020-8a15713da2, FEDORA-2020-fbb94073a1, HPESBST04135, HPESBST04139, JRASERVER-72052, K02453220, K66544153, KM03758436, NPM-1518, openSUSE-SU-2020:1060-1, openSUSE-SU-2020:1106-1, openSUSE-SU-2020:1888-1, OSA-2020-14, RHSA-2020:3936-01, RHSA-2020:4670-01, RHSA-2020:4847-01, RHSA-2021:0860-01, RHSA-2021:1846-01, TNS-2020-10, VIGILANCE-VUL-32007
Nessus: denial of service
An attacker can trigger a fatal error of Nessus, in order to trigger a denial of service...
CERTFR-2019-AVI-529, CVE-2019-3982, TNS-2019-06, VIGILANCE-VUL-30701
Nessus: denial of service via File Overwritte
An attacker can trigger a fatal error via File Overwritte of Nessus, in order to trigger a denial of service...
CERTFR-2019-AVI-387, CVE-2019-3974, TNS-2019-05, VIGILANCE-VUL-30054
Our database contains other pages. You can request a free trial to read them.

Display information about Nessus: