Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
qualys cloud agent vulnerabilities and exploits
(subscribe to this query)
7
CVSSv3
CVE-2023-28140
An Executable Hijacking condition exists in the Qualys Cloud Agent for Windows platform in versions prior to 4.5.3.1. Attackers may load a malicious copy of a Dependency Link Library (DLL) via a local attack vector instead of the DLL that the application was expecting, when proc...
Qualys Cloud Agent
6.3
CVSSv3
CVE-2023-28141
An NTFS Junction condition exists in the Qualys Cloud Agent for Windows platform in versions prior to 4.8.0.31. Attackers may write files to arbitrary locations via a local attack vector. This allows malicious users to assume the privileges of the process, and they may delete or...
Qualys Cloud Agent
7
CVSSv3
CVE-2023-28142
A Race Condition exists in the Qualys Cloud Agent for Windows platform in versions from 3.1.3.34 and prior to 4.5.3.1. This allows malicious users to escalate privileges limited on the local machine during uninstallation of the Qualys Cloud Agent for Windows. Attackers may gain ...
Qualys Cloud Agent
7
CVSSv3
CVE-2023-28143
Qualys Cloud Agent for macOS (versions 2.5.1-75 prior to 3.7) installer allows a local escalation of privilege bounded only to the time of installation and only on older macOSX (macOS 10.15 and older) versions. Attackers may exploit incorrect file permissions to give them ROOT c...
Qualys Cloud Agent
5.5
CVSSv3
CVE-2022-29550
An issue exists in Qualys Cloud Agent 4.8.0-49. It writes "ps auxwwe" output to the /var/log/qualys/qualys-cloud-agent-scan.log file. This may, for example, unexpectedly write credentials (from environment variables) to disk in cleartext. NOTE: there are no common circu...
Qualys Cloud Agent 4.8.0-49
7.3
CVSSv3
CVE-2022-29549
An issue exists in Qualys Cloud Agent 4.8.0-49. It executes programs at various full pathnames without first making ownership and permission checks (e.g., to help ensure that a program was installed by root) and without integrity checks (e.g., a checksum comparison against known ...
Qualys Cloud Agent For Linux
7.8
CVSSv3
CVE-2021-3156
Sudo prior to 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
Sudo Project Sudo 1.9.5
Sudo Project Sudo
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Oncommand Unified Manager Core Package -
Mcafee Web Gateway 8.2.17
Mcafee Web Gateway 9.2.8
Mcafee Web Gateway 10.0.4
Synology Diskstation Manager 6.2
Synology Diskstation Manager Unified Controller 3.0
Synology Skynas Firmware -
Synology Vs960hd Firmware -
Beyondtrust Privilege Management For Mac
Beyondtrust Privilege Management For Unix/linux
Oracle Micros Compact Workstation 3 Firmware 310
Oracle Micros Es400 Firmware
Oracle Micros Kitchen Display System Firmware 210
Oracle Micros Workstation 5a Firmware 5a
143 Github repositories
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started