This page contains information regarding security vulnerabilities that may impact Tenable's products. This may include issues specific to our software, or due to the use of third-party libraries within our software. Tenable strongly encourages users to ensure that they upgrade or apply relevant patches in a timely manner.
Tenable takes product security very seriously. If you believe you have found a vulnerability in one of our products, we ask that you please work with us to quickly resolve it in order to protect customers. Tenable believes in responding quickly to such reports, maintaining communication with researchers, and providing a solution in short order.
For more details on submitting vulnerability information, please see our Vulnerability Reporting Guidelines page.
Find something in one of our products?
|January 9, 2015||TNS-2015-01||[R1] NTP Vulnerabilities Affects Tenable Appliance||High|
|November 7, 2014||TNS-2014-11||[R4] OpenSSL Vulnerabilities (20141015) Affect Tenable Products||High|
|November 5, 2014||TNS-2014-10||[R1] PHP Integer Overflow Affects Tenable's SecurityCenter||Medium|
|October 19, 2014||TNS-2014-09||[R4] SSLv3 Protocol Vulnerability Affects Tenable Products (POODLE)||Low|
|October 7, 2014||TNS-2014-08||[R1] Tenable Nessus Web UI Scanned Content Stored XSS||Medium|
|September 25, 2014||TNS-2014-07||[R5] GNU bash 'Shellshock' Vulnerability Affects Tenable Appliance||Critical|
|August 21, 2014||TNS-2014-06||[R2] OpenSSL Protocol Downgrade Vulnerability Affects Tenable Products||Low|
|July 21, 2014||TNS-2014-05||[R4] Tenable Nessus Web UI /server/properties token Parameter Remote Information Disclosure||Info|
|July 16, 2014||TNS-2014-04||[R4] PHP / Apache Vulnerabilities Affect Tenable SecurityCenter||High|
|June 12, 2014||TNS-2014-03||[R6] OpenSSL 'CCS Injection' Vulnerability Affects Tenable Products||Medium|
|April 9, 2014||TNS-2014-02||[R6] OpenSSL 'Heartbleed' Vulnerability Affects Tenable SecurityCenter||Medium|
|March 20, 2014||TNS-2014-01||[R2] Tenable Nessus Malicious Process Detection Temporary Service Binary Modification Local Privilege Escalation||Medium|
|September 23, 2013||TNS-2013-01||[R3] Tenable SecurityCenter devform.php message Parameter Reflected XSS||Medium|
|October 25, 2011||TNS-2011-01||[R3] OpenSSL SSL/TLS Renegotiation Saturation Remote DoS Affects Tenable Products||Medium|
|October 27, 2010||TNS-2010-03||[R1] QtWeb Path Subversion Vulnerability Affects Tenable Nessus||Medium|
|July 26, 2010||TNS-2010-02||[R1] Tenable Nessus Web UI /feed Method Remote Version Disclosure||Info|
|June 24, 2010||TNS-2010-01||[R2] Tenable Nessus Web UI Reflected XSS||Medium|