CGI abuses Family for Nessus

ID	Name	Severity
142420	WordPress < 5.5.2 Multiple Vulnerabilities	critical
141847	MySQL Enterprise Monitor 8.0.x < 8.0.22.1262 DoS (Oct 2020 CPU)	high
141828	Atlassian JIRA < 8.5.9 / 8.6.x < 8.12.3 / 8.13.x < 8.13.1 XSS (JRASERVER-71652)	medium
141810	WordPress Loginizer plugin < 1.6.4 blind SQLi (CVE-2020-27615)	critical
141799	Atlassian JIRA < 7.13.18 / 8.x < 8.5.9 / 8.6.x < 8.12.2 Information Disclosure (JRASERVER-71696)	medium
141785	Oracle Primavera Gateway (Oct 2020 CPU)	critical
141781	DrayTek Vigor < 1.5.1 Unauthenticated RCE (Direct Check)	critical
141641	Oracle Primavera Unifier (Oct 2020 CPU)	critical
141576	Selligent Message Studio Struts Code Execution (CVE-2017-5638)	critical
141575	Selligent Message Studio Detection	info
141366	MobileIron Core 10.3.0.x < 10.3.0.4-19 / 10.4.0.x < 10.4.0.4-22 / 10.5.1.1 < 10.5.1.1-22 / 10.5.2.1 < 10.5.2.1-14 / 10.6.0.1 < 10.6.0.1-19 / 10.7.0.0 < 10.7.0.0-28	critical
141355	PHP 7.2 < 7.2.34 / 7.3.x < 7.3.23 / 7.4.x < 7.4.11 Mulitiple Vulnerabilities	medium
140798	Citrix SD-WAN WANOP Multiple Vulnerabilities (CTX281474)	high
140790	Citrix ADC and Citrix NetScaler Gateway Multiple Vulnerabilities (CTX281474)	high
140770	HP iLO 3 < 1.93 / HP iLO 4 < 2.75 / HP iLO Superdome 4 < 1.64 / HP iLO 5 < 2.18 / HP Moonshot/Edgeline iLO 5 < 2.30 Ripple20 Multiple vulnerabilities	critical
140769	Atlassian Jira < 7.13.16 / 8.x < 8.5.7 / 8.6.x < 8.12.0 User Enumeration (JRASERVER-71560)	medium
140768	Atlassian Jira < 7.13.16 / 8.x < 8.5.7 / 8.6.x < 8.10.2 / 8.11.x < 8.11.1 DoS (JRASERVER-71388)	medium
140767	Atlassian Jira < 8.5.8 / 8.6.0 < 8.11.1 Sensitive Data Exposure (JRASERVER-71536)	medium
140766	Drupal 7.x < 7.73 / 8.8.x < 8.8.10 / 8.9.x < 8.9.6 / 9.0.x < 9.0.6 XSS (drupal-2020-09-16)	medium
140765	Drupal 8.8.x < 8.8.10 / 8.9.x < 8.9.6 / 9.0.x < 9.0.6 Multiple Vulnerabilities (drupal-2020-09-16)	high
140696	CodeMeter < 7.10a Multiple Vulnerabilities	critical
140695	CodeMeter < 7.10 Information Exfiltration Vulnerability	high
140694	CodeMeter < 6.90 License forging Vulnerability	high
140693	CodeMeter < 6.81 Denial of Service Vulnerability	high
140660	Atlassian Jira 8.0 < 8.9.1 XSS in Quick Search (JRASERVER-71205)	medium
140658	McAfee Email Gateway Web Mail User Interface Directory Traversal (SB10329)	medium
140577	WordPress Plugin 'Email Subscribers & Newsletters' < 4.5.6 Email Forgery/Spoofing Vulnerability.	medium
140533	PHP 7.4.x < 7.4.10 Memory Leak Vulnerability	high
140532	PHP 7.2.x / 7.3.x < 7.3.22 Memory Leak Vulnerability	high
140466	WordPress Plugin 'File Manager' elFinder Remote Code Execution	critical
140211	WordPress Plugin 'File Manager' 6.x < 6.9 Remote Code Execution	critical
140193	WordPress Plugin 'Duplicator' Directory Traversal (CVE-2020-11738)	high
140192	Citrix SD-WAN WANOP 10.2.x Multiple Vulnerabilities (CTX276688)	medium
140188	Marvell QConvergeConsole (QCC) FlashValidatorServiceImpl decryptFile Path Traversal RCE	critical
139875	Joomla 2.5.x < 3.9.21 Multiple Vulnerabilities (5821-joomla-3-9-21)	medium
139873	WordPress Plugin 'Email Subscribers & Newsletters' Multiple Vulnerabilities	medium
139872	WordPress Plugin 'SRS Simple Hits Counter' Information Disclosure	high
139798	Atlassian Jira 7.6.x < 8.5.4, 8.6.x < 8.7.1 Avatar Upload DoS (JRASERVER-70813)	medium
139797	Atlassian Jira < 7.13.12, 8.x < 8.5.4, 8.6.x < 8.6.1 Broken Access Control (JRASERVER-70543)	medium
139795	Atlassian Jira 7.6.x < 8.5.4, 8.6.x < 8.6.1 Jira Gadget API DoS (JRASERVER-70808)	medium
139751	EMC RSA Archer < 6.5.0.7, < 6.6.0.6 and < 6.7.0.1 Multiple Vulnerabilities	medium
139750	EMC RSA Archer < 6.5.0.7, < 6.6.0.6 and < 6.7.0.2 Multiple Vulnerabilities	high
139749	EMC RSA Archer < 6.6.0.6 and < 6.7.0.3 authorization bypass	medium
139734	Jenkins < 2.235.5 LTS / 2.243 Information Disclosure Vulnerability	critical
139726	Jenkins < 2.235.4 LTS / 2.252 Multiple Cross-Site Scripting (XSS) Vulnerabilities	medium
139571	PHP 7.2.x < 7.2.33 Use-After-Free Vulnerability	low
139570	PHP 7.4.x < 7.4.9 Use-After-Free Vulnerability	low
139569	PHP 7.3.x < 7.3.21 Use-After-Free Vulnerability	low
139457	vBulletin CVE-2019-16759 Bypass Remote Code Execution (CVE-2020-17496) (direct check)	critical
139386	Ansible Tower 3.x.x < 3.7.2 / 3.8.0 Data Exposure	medium

Detections

Analytics

CGI abuses Family for Nessus

critical

high

medium

critical

medium

critical

critical

critical

critical

info

critical

medium

high

high

critical

medium

medium

medium

medium

high

critical

high

high

high

medium

medium

medium

high

high

critical

critical

high

medium

critical

medium

medium

high

medium

medium

medium

medium

high

medium

critical

medium

low

low

low

critical

medium