Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Jimi Sebree

Staff Research Engineer, Zero Day Research

Since joining in 2014, Jimi has taken on multiple roles within Tenable. He’s been involved in most aspects of the plugin lifecycle at one point or another and has been responsible for the creation and maintenance of several core plugin frameworks. Prior to joining the Zero Day Research team, he was responsible for the design, creation, and launch of an internal automation initiative that serves as a primary datasource for products and workflows within Tenable.

Jimi is an avid rock climber and beer enthusiast. During the warmer months, he can be found in a gym pulling on plastic, but as the weather cools, he frequently disconnects to wander into the woods of the Southeast for some good ol' pebble wrestlin'.

Research Advisory
Tuesday, February 16, 2021

JSDom improperly allows the loading of local resources. Modern browser best practices dictate that the loading of local resources should be disallowed by default. From documentation, JSDom does not, by...

Research Advisory
Tuesday, February 16, 2021

(1) Exposure of Sensitive Information to an Unauthorized Actor CVSSv3 Vector: (AV:N/AC:L/PR:N/UI:N/S:U/C:L/ I:N/A:N) Syslog events are displayed unauthenticated on the device. The below screenshot shows what an unauthenticated user would...

Research Advisory
Tuesday, December 15, 2020

The CarbonBlack installer package for macOS (CbDefense Install_3.4.3.44 and prior) has been discovered to contain multiple security-related issues. The installer utilizes insecure directories during the installation process. The two directories...

Research Advisory
Friday, December 4, 2020

Druva inSync Privilege Escalation via Installer In the installation package for macOS provided by Druva (install inSync.pkg), the "postinstall" script included in the installer allows for privilege escalation from a...

Research Advisory
Thursday, December 3, 2020

Backdoor Account Hardcoded into the applications is an administrative backdoor that could allow an attacker to manipulate information with administrative controls that they normal would not have access to. For...

Research Advisory
Monday, November 23, 2020

Multiple internet record lookup tools were found to be vulnerable to cross-site scripting attacks via malicious DNS or WHOIS records. By inserting malicious javascript into a DNS TXT record or...

Research Advisory
Tuesday, September 22, 2020

CVE-2020-5781 - Cross-site scripting and Denial of Service CVSSv2 Base Score: 5.5 CVSSv2 Vector: (AV:N/AC:L/Au:S/C:N/I :P/A:P ) It was noted during testing that when a user logs in the langSelection...

Research Advisory
Monday, September 14, 2020

CVE-2020-4711 The flaw exists in /opt/ECX/tools/scripts/restore_wrapper.sh, where a directory path check can be bypassed via path traversal (i.e.,/tmp/../any/dir/in/the/file/system): ... if [ ${mode} == "initialize" ]; then if [ $# -ne...

Research Advisory
Wednesday, September 2, 2020

CVE-2020-5778: Message 8 Unauthenticated Remote DoS. A flaw exists in ttmd.exe due to improper validation of user-supplied data when processing a type 8 message sent to default TCP RequestPort 10200...

Research Advisory
Friday, June 19, 2020

When utilizing shared folder functionality via vmware-tools on macOS guests, the HGFS implementation does not use adequate bounds checking when replacing illegal characters in a filename. When sharing files with...

Pages

Try for Free Buy Now

Try Tenable.io

FREE FOR 30 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now.

Buy Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

Choose Your Subscription Option:

Buy Now
Try for Free Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year. Full details here.

Try for Free Buy Now

Try Tenable.io Web Application Scanning

FREE FOR 30 DAYS

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try for Free Contact Sales

Try Tenable.io Container Security

FREE FOR 30 DAYS

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Get a Demo of Tenable.sc

Please fill out the form below with your contact information and a sales representative will contact you shortly to schedule a demo. You may also include a short comment (limited to 255 characters). Please note that fields with asterisks (*) are mandatory.

Try for Free Contact Sales

Try Tenable Lumin

FREE FOR 30 DAYS

Visualize and explore your Cyber Exposure, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Buy Tenable Lumin

Contact a Sales Representative to see how Lumin can help you gain insight across your entire organization and manage cyber risk.

Request a demo of Tenable.ot

Get the Operational Technology Security You Need.
Reduce the Risk You Don’t.