Vulnerabilidades en Tenable
80 resultadosCVE-2026-47358CRITICALTerrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery (SSRF) via external URL resolution in uploaded IaC templates when EPSS 0.5%CVE-2023-5622HIGHPrivilege Escalation EPSS 0.5%CVE-2024-3232HIGHFormula Injection VulnerabilityEPSS 0.5%CVE-2023-3251MEDIUMPass-back vulnerability in NessusEPSS 0.5%CVE-2021-21371MEDIUMExecution of untrusted code through config fileEPSS 0.5%CVE-2026-13007HIGHInsecure Public Caching on REST API Endpoints in Tenable Identity ExposureEPSS 0.4%CVE-2024-1471MEDIUMHTML Injection VulnerabilityEPSS 0.4%CVE-2023-3253MEDIUMImproper authorization in NessusEPSS 0.4%CVE-2026-57587LOWSQL Injection in Nessus via Reverse DNS LookupEPSS 0.3%CVE-2023-2005MEDIUMTenable Plugin Feed ID #202306261202 Fixes Privilege Escalation VulnerabilityEPSS 0.3%CVE-2024-1683HIGHDLL Injection in Tenable Identity Exposure Secure RelayEPSS 0.3%CVE-2024-9158HIGHXSSEPSS 0.3%CVE-2024-5759MEDIUMImproper privilege managementEPSS 0.3%CVE-2024-1891LOWStored Cross Site ScriptingEPSS 0.3%CVE-2018-1141—When installing Nessus to a directory outside of the default location, Nessus versions prior to 7.0.3 did not enforce secure permissions forEPSS 0.2%CVE-2025-1091MEDIUMBroken Authorization SchemaEPSS 0.2%CVE-2025-36625MEDIUMLog Poisoning in NessusEPSS 0.2%CVE-2023-5847MEDIUM
Under certain conditions, a low privileged attacker could load a specially crafted file during installation or upgrade to escalate privilegEPSS 0.2%CVE-2026-2698MEDIUMImproper Access ControlEPSS 0.2%CVE-2026-2697LOWIndirect Object Reference (IDOR) in Security CenterEPSS 0.2%