Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Nessus
(Tenable)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 64 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-10-25 | CVE-2022-33757 | An authenticated attacker could read Nessus Debug Log file attachments from the web UI without having the correct privileges to do so. This may lead to the disclosure of information on the scan target and/or the Nessus scan to unauthorized parties able to reach the Nessus instance. | Nessus | 6.5 | ||
| 2022-01-01 | CVE-2021-45960 | In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory). | Debian_linux, Libexpat, Active_iq_unified_manager, Hci_baseboard_management_controller, Oncommand_workflow_automation, Solidfire_\&_hci_management_node, Sinema_remote_connect_server, Nessus | 8.8 | ||
| 2022-01-06 | CVE-2021-46143 | In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize. | Libexpat, Active_iq_unified_manager, Clustered_data_ontap, Hci_baseboard_management_controller, Oncommand_workflow_automation, Solidfire_\&_hci_management_node, Sinema_remote_connect_server, Nessus | 7.8 | ||
| 2022-01-10 | CVE-2022-22822 | addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | Debian_linux, Libexpat, Sinema_remote_connect_server, Nessus | 9.8 | ||
| 2022-01-10 | CVE-2022-22823 | build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | Debian_linux, Libexpat, Sinema_remote_connect_server, Nessus | 9.8 | ||
| 2022-01-10 | CVE-2022-22824 | defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | Debian_linux, Libexpat, Sinema_remote_connect_server, Nessus | 9.8 | ||
| 2022-01-10 | CVE-2022-22825 | lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | Debian_linux, Libexpat, Sinema_remote_connect_server, Nessus | 8.8 | ||
| 2022-01-10 | CVE-2022-22826 | nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | Debian_linux, Libexpat, Sinema_remote_connect_server, Nessus | 8.8 |