Tenable Blog

As vulnerability management evolves, organizations are seeing increased need for prioritization, benchmarking and flexible reporting. Here are five things to keep in mind when choosing a VM solution.

Vulnerability management is once again rising to the top of the security agenda — driven by the risks from new technologies, speed of new threats and greater board attention on cybersecurity. As a result, many organizations are now modernizing their VM programs.

What’s out: CVSS-based prioritization, blind spots, inflexible reporting.

Administrators rejoice: only nine of the 59 vulnerabilities in Microsoft's October 2019 Security Update are rated critical.

Microsoft’s October 2019 Patch Tuesday contains updates for 59 CVEs, nine of which are rated critical. Administrators may rejoice this month with a smaller than usual Patch Tuesday. The following is a breakdown of the most important CVEs from this month’s release.

The new Solutions view page in Tenable.sc 5.12 helps you unlock the power of Predictive Prioritization and the Vulnerability Priority Rating. Here’s how.

The National Vulnerability Database has analyzed nearly 13,000 vulnerabilities so far in 2019. Patching each of those vulnerabilities requires time, effort and resources. But where does one start? How do you identify those vulnerabilities with the highest likelihood of causing a business-disrupting event in your unique environment? Which do you fix first? 

CVE-2019-16928, a critical heap-based buffer overflow vulnerability in Exim email servers, could allow remote attackers to crash Exim or potentially execute arbitrary code.

New critical zero-day pre-auth RCE exploit code published on Full Disclosure mailing list for 5.x versions of vBulletin (CVE-2019-16759).

UPDATE 09/25/2019: The background and solution sections below have been updated to reflect the security patch issued by the vBulletin team.