GCVE - cpe:2.3:a:tenable:tenable_nessus:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:tenable:tenable_nessus:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Tenable (`c0ec4e71-d667-5327-b3ed-b4c21aa5a87e`)
Product	Tenable Nessus (`679eaa4e-badf-5ae8-b511-eb2cff7f2e7d`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2019-3961`	vulnerable	2026-06-03 14:40:28.001576	Details available Nessus versions 8.4.0 and earlier were found to contain a reflected XSS vulnerability due to improper validation of user-supplied input. An unauthenticated, remote attacker could potentially exploit this vulnerability via a specially crafted request to execute arbitrary script code in a users browser session. Published: 2019-06-25T20:27:56.000Z Updated: 2024-08-04T19:26:27.660Z Open on db.gcve.eu Reference links https://www.tenable.com/security/tns-2019-04 http://www.securityfocus.com/bid/108892	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2019-3923`	vulnerable	2026-06-03 14:40:27.877547	Details available Nessus versions 8.2.1 and earlier were found to contain a stored XSS vulnerability due to improper validation of user-supplied input. An authenticated, remote attacker could potentially exploit this vulnerability via a specially crafted request to execute arbitrary script code in a user's browser session. Tenable has released Nessus 8.2.2 to address this issue. Published: 2019-02-12T04:00:00.000Z Updated: 2024-09-17T02:10:57.993Z Open on db.gcve.eu Reference links https://www.tenable.com/security/tns-2019-01	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-1148`	vulnerable	2026-06-03 14:38:30.398135	Details available In Nessus before 7.1.0, Session Fixation exists due to insufficient session management within the application. An authenticated attacker could maintain system access due to session fixation after a user password change. Published: 2018-05-18T22:00:00.000Z Updated: 2024-09-17T04:09:03.404Z Open on db.gcve.eu Reference links https://www.tenable.com/security/tns-2018-05 http://www.securitytracker.com/id/1040918	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-1147`	vulnerable	2026-06-03 14:38:30.397756	Details available In Nessus before 7.1.0, a XSS vulnerability exists due to improper input validation. A remote authenticated attacker could create and upload a .nessus file, which may be viewed by an administrator allowing for the execution of arbitrary script code in a user's browser session. In other scenarios, XSS could also occur by altering variables from the Advanced Settings. Published: 2018-05-18T22:00:00.000Z Updated: 2024-09-16T22:09:28.813Z Open on db.gcve.eu Reference links https://www.tenable.com/security/tns-2018-05 http://www.securitytracker.com/id/1040918	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.