English
Français
Light
Dark
System

Alert System

Stay informed at all times
Create an account Open a free account Login Manage your alerts

Tenable Nessus Agent 8.1.0

CPE Details

Tenable Nessus Agent 8.1.0
tenable
nessus_agent
8.1.0
2020-12-07 15:14 +00:00
2020-12-07 15:14 +00:00
CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.
Alert management

CPE Name: cpe:2.3:a:tenable:nessus_agent:8.1.0:*:*:*:*:*:*:*

Informations

Vendor

tenable

Product

nessus_agent

Version

8.1.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-5847 2023-11-01 15:30 +00:00 Under certain conditions, a low privileged attacker could load a specially crafted file during installation or upgrade to escalate privileges on Windows and Linux hosts.
7.3
HIGH
CVE-2021-20118 2021-09-09 09:26 +00:00 Nessus Agent 8.3.0 and earlier was found to contain a local privilege escalation vulnerability which could allow an authenticated, local administrator to run specific executables on the Nessus Agent host. This is different than CVE-2021-20117.
6.7
MEDIUM
CVE-2021-20117 2021-09-09 09:26 +00:00 Nessus Agent 8.3.0 and earlier was found to contain a local privilege escalation vulnerability which could allow an authenticated, local administrator to run specific executables on the Nessus Agent host. This is different than CVE-2021-20118.
6.7
MEDIUM
CVE-2021-20077 2021-03-19 17:46 +00:00 Nessus Agent versions 7.2.0 through 8.2.2 were found to inadvertently capture the IAM role security token on the local host during initial linking of the Nessus Agent when installed on an Amazon EC2 instance. This could allow a privileged attacker to obtain the token.
6.7
MEDIUM
CVE-2020-5793 2020-11-05 18:11 +00:00 A vulnerability in Nessus versions 8.9.0 through 8.12.0 for Windows & Nessus Agent 8.0.0 and 8.1.0 for Windows could allow an authenticated local attacker to copy user-supplied files to a specially constructed path in a specifically named user directory. An attacker could exploit this vulnerability by creating a malicious file and copying the file to a system directory. The attacker needs valid credentials on the Windows system to exploit this vulnerability.
7.8
HIGH
CVE-2019-16168 2019-09-09 14:07 +00:00 In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner."
6.5
MEDIUM

More information
Click on the button to the left (OFF), to authorize the inscription of cookie improving the functionalities of the site. Click on the button to the left (Accept all), to unauthorize the inscription of cookie improving the functionalities of the site.