CVE-2023-0524

all versions

As part of our Security Development Lifecycle, a potential privilege escalation issue was identified internally. This could allow

8.8HIGH

CVE-2023-24495

<= 5.23.1

A Server Side Request Forgery (SSRF) vulnerability exists in Tenable.sc due to improper validation of session & user-accessible in

6.5MEDIUM

CVE-2023-24494

<= 5.23.1

A stored cross-site scripting (XSS) vulnerability exists in Tenable.sc due to improper validation of user-supplied input before re

5.4MEDIUM

CVE-2023-24493

<= 5.23.1

A formula injection vulnerability exists in Tenable.sc due to improper validation of user-supplied input before returning it to us

5.7MEDIUM

CVE-2023-0476

<= 5.23.1

A LDAP injection vulnerability exists in Tenable.sc due to improper validation of user-supplied input before returning it to users

6.5MEDIUM

CVE-2022-24828

< 5.21.0

Composer is a dependency manager for the PHP programming language. Integrators using Composer code to call `VcsDriver::getFileCont

8.3HIGH

CVE-2022-24785

< 5.21.0

Moment.js is a JavaScript date library for parsing, validating, manipulating, and formatting dates. A path traversal vulnerability

7.5HIGH

CVE-2022-0130

>= 5.14.0 and <= 5.19.1

Tenable.sc versions 5.14.0 through 5.19.1 were found to contain a remote code execution vulnerability which could allow a remote,

8.1HIGH

CVE-2021-44790

>= 5.16.0 and < 5.20.0

A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua script

9.8CRITICAL

CVE-2021-44224

>= 5.14.0 and < 5.20.0

A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for

8.2HIGH

CVE-2021-21707

< 5.21.0

In PHP versions 7.3.x below 7.3.33, 7.4.x below 7.4.26 and 8.0.x below 8.0.13, certain XML parsing functions, like simplexml_load_

5.3MEDIUM

CVE-2021-41184

< 5.21.0

jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the of option of the `.

6.5MEDIUM

CVE-2021-41183

< 5.21.0

jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various *Text options o

6.5MEDIUM

CVE-2021-41182

< 5.21.0

jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the altField option of

6.5MEDIUM

CVE-2021-41116

< 5.21.0

Composer is an open source dependency manager for the PHP language. In affected versions windows users running Composer to install

8.2HIGH

CVE-2021-40438

<= 5.19.1

A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue a

9.0CRITICAL

CVE-2021-34798

<= 5.19.1

Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier.

7.5HIGH

CVE-2021-3712

>= 5.16.0 and <= 5.19.1

ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string dat

7.4HIGH

CVE-2021-3711

>= 5.16.0 and <= 5.19.1

In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an applic

9.8CRITICAL

CVE-2021-33193

<= 5.19.1

A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or

7.5HIGH

CVE-2021-23358

<= 5.18.0

The package underscore from 1.13.0-0 and before 1.13.0-2, from 1.3.2 and before 1.12.1 are vulnerable to Arbitrary Code Injection

3.3LOW

CVE-2021-3449

>= 5.13.0 and <= 5.17.0

An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renego

5.9MEDIUM

CVE-2021-20076

>= 5.13.0 and <= 5.17.0

Tenable.sc and Tenable.sc Core versions 5.13.0 through 5.17.0 were found to contain a vulnerability that could allow an authentica

8.8HIGH

CVE-2021-23841

>= 5.13.0 and <= 5.17.0

The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and seria

5.9MEDIUM

CVE-2020-5808

< 5.17.0

In certain scenarios in Tenable.sc prior to 5.17.0, a scanner could potentially be used outside the user's defined scan zone witho

7.5HIGH

CVE-2020-7070

< 5.19.0

In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when PHP is processing incoming HTTP cookie values,

4.3MEDIUM

CVE-2020-7069

< 5.19.0

In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with openssl_encrypt() fu

5.4MEDIUM

CVE-2020-7068

< 5.19.0

In PHP versions 7.2.x below 7.2.33, 7.3.x below 7.3.21 and 7.4.x below 7.4.9, while processing PHAR files using phar extension, ph

4.8MEDIUM

CVE-2020-7067

< 5.19.0

In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support (uncommon), u

7.5HIGH

CVE-2020-5737

all versions

Stored XSS in Tenable.Sc before 5.14.0 could allow an authenticated remote attacker to craft a request to execute arbitrary script

5.4MEDIUM

CVE-2020-11656

<= 5.19.0

In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs

9.8CRITICAL

CVE-2020-11655

< 5.19.0

SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query bec

7.5HIGH

CVE-2020-7066

< 5.19.0

In PHP versions 7.2.x below 7.2.29, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using get_headers() with user-supplied URL, if

5.3MEDIUM

CVE-2020-7065

< 5.19.0

In PHP versions 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using mb_strtolower() function with UTF-32LE encoding, certain inv

7.4HIGH

CVE-2020-7064

< 5.19.0

In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while parsing EXIF data with exif_read_data() functio

6.5MEDIUM

CVE-2020-7063

< 5.19.0

In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when creating PHAR archive using PharData::buildFrom

5.5MEDIUM

CVE-2020-7061

< 5.19.0

In PHP versions 7.3.x below 7.3.15 and 7.4.x below 7.4.3, while extracting PHAR files on Windows using phar extension, certain con

6.5MEDIUM

CVE-2020-7060

< 5.19.0

When using certain mbstring functions to convert multibyte encodings, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7

6.5MEDIUM

CVE-2020-7059

< 5.19.0

When using fgetss() function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x be

6.5MEDIUM

CVE-2019-19919

< 5.19.0

Versions of handlebars prior to 4.3.0 are vulnerable to Prototype Pollution leading to Remote Code Execution. Templates may alter

9.8CRITICAL

CVE-2019-19646

< 5.19.0

pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns.

9.8CRITICAL

CVE-2019-19645

< 5.19.0

alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in con

5.5MEDIUM

CVE-2019-11043

< 5.19.0

In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possibl

8.7HIGH

CVE-2019-11042

< 5.19.0

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below

7.1HIGH

CVE-2019-11041

< 5.19.0

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below

7.1HIGH

CVE-2019-8331

< 5.19.0

In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.

6.1MEDIUM