Tenable: Security Vulnerabilities
A race condition in the wmi_malware_scan.nbin plugin before 201402262215 for Nessus 5.2.1 allows local users to gain privileges by replacing the dissolvable agent executable in the Windows temp directory with a Trojan horse program.
CVSS Score
6.9
EPSS Score
0.0
Published
2014-04-11
Cross-site scripting (XSS) vulnerability in devform.php in Tenable SecurityCenter 4.6 through 4.7 allows remote attackers to inject arbitrary web script or HTML via the message parameter.
CVSS Score
4.3
EPSS Score
0.003
Published
2013-09-24
Page 16