新漏洞相关信息一经发现便会公布于众,然后 Tenable Research 便会致力于设计各种程序来检测新漏洞。上述程序为指定型插件,使用 Nessus Attack Scripting Language (NASL) 编写。这些插件包含漏洞信息、一组简化的修复操作以及检测是否存在安全问题的算法。Tenable Research 发布了 100782 个插件,包括 69676 个 CVE ID 和 23666 个 Bugtraq ID。
ID | 名称 | 产品 | 系列 | 严重程度 |
---|---|---|---|---|
114273 | CrushFTP < 10.7.1/11.x < 11.1.0 VFS 沙盒逃逸 | Web App Scanning | Component Vulnerability | high |
114272 | PHP 8.1.x < 8.1.28 多个漏洞 | Web App Scanning | Component Vulnerability | critical |
114271 | PHP 8.2.x < 8.2.18 多个漏洞 | Web App Scanning | Component Vulnerability | critical |
114270 | PHP 8.3.x < 8.3.6 多个漏洞 | Web App Scanning | Component Vulnerability | critical |
114269 | 已启用 Django 调试模式 | Web App Scanning | Component Vulnerability | high |
114268 | Formidable PRO2PDF Plugin for WordPress < 3.11 SQL 注入 | Web App Scanning | Component Vulnerability | high |
114267 | Gift Cards (Gift Vouchers and Packages) Plugin for WordPress < 4.3.3 SQL 注入 | Web App Scanning | Component Vulnerability | critical |
114266 | WP Popup Banners Plugin for WordPress <= 1.2.5 SQL 注入 | Web App Scanning | Component Vulnerability | high |
114265 | Events Made Easy Plugin for WordPress <= 2.3.14 SQL 注入 | Web App Scanning | Component Vulnerability | high |
114264 | One-click Countdowns Plugin for WordPress <= 0.6.2 SQL 注入 | Web App Scanning | Component Vulnerability | high |
ID | 名称 | 产品 | 系列 | 严重程度 |
---|---|---|---|---|
114273 | CrushFTP < 10.7.1/11.x < 11.1.0 VFS 沙盒逃逸 | Web App Scanning | Component Vulnerability | high |
193668 | RHEL 5/6:httpd 和 httpd22 (RHSA-2011:1329) | Nessus | Red Hat Local Security Checks | high |
193667 | RHEL 5:tomcat6 (RHSA-2011:0348) | Nessus | Red Hat Local Security Checks | medium |
193602 | Slackware Linux 15.0 / 当前版 freerdp 多个漏洞 (SSA:2024-110-01) | Nessus | Slackware Local Security Checks | critical |
193601 | Oracle Linux 9:java-17-openjdk (ELSA-2024-1825) | Nessus | Oracle Linux Local Security Checks | low |
193599 | 已安装 FFmpeg (Linux / Unix) | Nessus | Misc. | info |
193598 | FFmpeg < 7.0 多个漏洞 | Nessus | Misc. | medium |
193586 | Cisco Integrated Management Controller CLI 命令注入 (cisco-sa-cimc-cmd-inj-mUx4c5AJ) | Nessus | CISCO | high |
193585 | SolarWinds Platform 2024.0 < 2024.1.1 多个漏洞 XSS | Nessus | CGI abuses | high |
193582 | Oracle MySQL Connectors Python(2024 年 4 月 CPU) | Nessus | Misc. | high |