Since joining in 2014, Jimi has taken on multiple roles within Tenable. He’s been involved in most aspects of the plugin lifecycle at one point or another and has been responsible for the creation and maintenance of several core plugin frameworks. Prior to joining the Zero Day Research team, he was responsible for the design, creation, and launch of an internal automation initiative that serves as a primary datasource for products and workflows within Tenable.
When sharing zip files in Microsoft Teams, it is possible to preview the directory structure of the uploaded zip by clicking on it in the chat window or by viewing it in the Files tab of t
Tenable has discovered a privilege escalation vulnerability in the Bitmask Riseup VPN 0.21.6 (the latest version on bitmask.net/en/install, marked as 0.21.2 there) as installed on Windows 10.
The following security-related issues have been found in the latest available firmware for the Nighthawk R6700v3 AC1750 consumer routing device (1.0.4.120 at the time of this writing).
In the latest installation package for Netgear Genie for macOS, the "postinstall" script included in the installer allows for local privilege escalation to root privileges due to improper pe
The following security-related issues have been found in the latest available firmware for the Nighthawk RAX43 consumer routing device (1.0.3.96 at the time of this writing).
Unauthenticated Command Injection / Authentication Bypass Buffer Overrun via LAN Interface
This vulnerability is a combination of two separate bugs.
Improper Firewall Rules - CVE-2021-20149
The default iptables ruleset for governing access to services on the device only apply to IPv4. All services running on the devices are accessible via the WAN interface via IPv6 by default.
In the installation package for AutoDesk Meshmixer for macOS prior to December 22, 2021, the "postinstall" script included in the installer allows for local privilege escalation to root priv
The administration web interface for the SB8200 lacks any protections against cross-site request forgery attacks. This means that an attacker could make configuration changes (such as changing the administrative password) without the consent of the user. A proof of concept web page can be constructed as follows:
Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.
Your Tenable Vulnerability Management trial also includes Tenable Web App Scanning.
Tenable Vulnerability Management
Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.
Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.
Your Tenable Vulnerability Management trial also includes Tenable Web App Scanning.
Tenable Vulnerability Management
Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.
Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.
Your Tenable Vulnerability Management trial also includes Tenable Web App Scanning.
Tenable Vulnerability Management
Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.
Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable One Exposure Management platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.
Your Tenable Web App Scanning trial also includes Tenable Vulnerability Management.
Buy Tenable Web App Scanning
Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.
Tenable Nessus is the most comprehensive vulnerability scanner on the market today.
Fill out the form below to continue with a Nessus Pro trial.
Buy Tenable Nessus Professional
Tenable Nessus is the most comprehensive vulnerability scanner on the market today. Tenable Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.
Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year.
Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.
Learn How Tenable Helps Achieve SLCGP Cybersecurity Plan Requirements
Tenable solutions help fulfill all SLCGP requirements. Connect with a Tenable representative to learn more.
Thank you.
You should receive a confirmation email shortly and one of our Sales Development Representatives will be in touch. Route any questions to [email protected].
Request a demo
Tenable Patch Management
Streamline security and IT collaboration and shorten the mean time to remediate with automation.
Contact our sales team