Tenable Nessus_agent

11 CVEs affecting Tenable Nessus_agent. Latest disclosed: 2026-02-13. Critical: 0, High: 5.

Top CVEs affecting Tenable Nessus_agent
CVESeverityScorePublishedSummary
CVE-2025-36633High8.82025-06-13In Tenable Agent versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could arbitrarily delete local system files with SYSTE…
CVE-2025-36631High8.42025-06-13In Tenable Agent versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could overwrite arbitrary local system files with log…
CVE-2025-36632High7.82025-06-16In Tenable Agent versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could execute code with SYSTEM privilege.
CVE-2020-5793High7.82020-11-05A vulnerability in Nessus versions 8.9.0 through 8.12.0 for Windows & Nessus Agent 8.0.0 and 8.1.0 for Windows could allow an authenticated local attacker to c…
CVE-2021-3450High7.42021-03-25The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from…
CVE-2023-5847Medium6.72023-11-01 Under certain conditions, a low privileged attacker could load a specially crafted file during installation or upgrade to escalate privileges on Windows and L…
CVE-2021-20118Medium6.72021-09-09Nessus Agent 8.3.0 and earlier was found to contain a local privilege escalation vulnerability which could allow an authenticated, local administrator to run s…
CVE-2021-20117Medium6.72021-09-09Nessus Agent 8.3.0 and earlier was found to contain a local privilege escalation vulnerability which could allow an authenticated, local administrator to run s…
CVE-2021-20077Medium6.72021-03-19Nessus Agent versions 7.2.0 through 8.2.2 were found to inadvertently capture the IAM role security token on the local host during initial linking of the Nessu…
CVE-2019-16168Medium6.52019-09-09In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field…
CVE-2026-2026Medium6.12026-02-13A vulnerability has been identified where weak file permissions in the Nessus Agent directory on Windows hosts could allow unauthorized access, potentially per…