Lucene search
+L

15 matches found

Qualys Blog
Qualys Blog
added 2026/04/10 5:26 p.m.9 views

The Mythos Inflection Point: Dealing With the Upcoming Vulnerability Disclosure Avalanche and Compressed Exploitation Window

Having spent years at Qualys working on vulnerability risk and remediation management, I have watched the disclosure and remediation cycles from every angle. I have seen vulnerability researchers find a critical flaw in OpenSSH and the industry scramble to respond. I have seen organizations...

5.9AI score
Exploits0
OpenVAS
OpenVAS
added 2025/01/28 12:0 a.m.9 views

Lexmark Printer SSRF Vulnerability (CVE-2023-50733)

Multiple Lexmark printer devices are prone to a server-side request forgery SSRF vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

8.6CVSS8.8AI score0.00408EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2024/04/05 12:0 a.m.18 views

Lexmark Printer RCE Vulnerability (CVE-2023-50739)

Multiple Lexmark printer devices are prone to remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPEPREFI...

8.8CVSS8.9AI score0.00609EPSS
Exploits0References1
Qualys Blog
Qualys Blog
added 2024/03/13 5:17 p.m.21 views

De-risking Your Organization in Spite of NVD Delays

In the face of recent struggles with the National Vulnerability Database NVD, causing delays in analyzing Common Vulnerabilities and Exposures CVEs since February 12, 2024, a significant number of CVEs lacked essential metadata including severity scores and affected product details. Qualys remain...

7.1AI score
Exploits0
NCSC
NCSC
added 2024/02/05 12:0 a.m.10 views

Vulnerabilities fixed in QNAP QTS and QTS Hero

QNAP has fixed vulnerabilities in QTS and QTS Hero. A malicious party can exploit the vulnerabilities to bypass security measures, grant himself elevated privileges granted and execute code with administrator privileges and gain access to sensitive data on the vulnerable system. Successful misuse...

9.8CVSS7.4AI score0.01405EPSS
Exploits0
CNNVD
CNNVD
added 2023/03/10 12:0 a.m.5 views

Qualcomm 芯片 资源管理错误漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way of miniaturizing circuits mainly semiconductor devices, but also passive components, etc. and is often manufactured on the surface of semiconductor wafers. There is a security vulnerability in Qualcomm chips. No information about thi...

7.8CVSS7.3AI score0.00122EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/10/12 12:0 a.m.7 views

Juniper Networks Junos OS 安全漏洞

Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. A security vulnerability exists in Juniper Networks Junos OS. No information about this vulnerability is...

6.5CVSS6.5AI score0.00296EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/10/03 12:0 a.m.4 views

Google Pixel 缓冲区错误漏洞

Google Pixel is a smartphone from the American company Google Google. Google Pixel has a security vulnerability. No information about this vulnerability is available at this time, so stay tuned to CNNVD or the manufacturer's announcement...

7.5CVSS7.2AI score0.00693EPSS
Exploits0References3
NCSC
NCSC
added 2022/07/08 12:0 a.m.3 views

Vulnerability fixed in rsyslog

The developers of rsyslog have fixed a vulnerability in rsyslog. A malicious party could exploit the vulnerability to cause a denial-of-service, or to potentially manipulate data manipulate and thus potentially inject false information into the central syslog environment. The developers do not ru...

8.1CVSS7.2AI score0.03821EPSS
Exploits0
CNNVD
CNNVD
added 2022/03/04 12:0 a.m.5 views

OMRON Corporation 缓冲区错误漏洞

OMRON Corporation is an industrial control product. A security vulnerability exists in OMRON Corporation, no information about this vulnerability is available at this time, please stay tuned to CNNVD or vendor announcements...

7.8CVSS7.2AI score0.01456EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2020/12/08 12:0 a.m.57 views

Amnesia:33

Amnesia:33 is a group of 33 vulnerabilities in open-source TCP/IP stack libraries. The vulnerabilities may be present in a wide range of operational technology, IoT, and connected device implementations. Recent assessments: ccondon-r7 at December 08, 2020 9:05pm UTC reported: Sorta relying here o...

9.8CVSS1.9AI score0.58695EPSS
Exploits0References1
CNNVD
CNNVD
added 2020/12/08 12:0 a.m.10 views

Google Android Buffer Error Vulnerability

Google Android is a Linux-based open source operating system from Google and the Open Handset Alliance OHA. Google Android Pixel has a security vulnerability, there is currently no information about this vulnerability, please stay tuned to CNNVD or the manufacturer's announcement...

9.8CVSS7.2AI score0.00654EPSS
Exploits0References3
Trend Micro Simply Security
Trend Micro Simply Security
added 2018/05/04 12:0 p.m.14 views

TippingPoint Threat Intelligence and Zero-Day Coverage – Week of April 30, 2018

When I was little, I discovered the joy of jumping on the bed. While it was fun to jump on the bed, I wanted to make it more challenging so I started to imitate the ski jumpers I had seen during the 1976 Winter Olympics and jump from my parents’ dresser to the bed. I quickly found out there’s a...

7.6AI score
Exploits0
OpenVAS
OpenVAS
added 2016/07/22 12:0 a.m.22 views

SAP NetWeaver AS Java Information Disclosure Vulnerability (2255990) - Active Check

SAP NetWeaver Application Server AS Java is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

5.3CVSS5.2AI score0.02413EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2003/03/28 12:0 a.m.27 views

RealPlayer PNG Deflate Algorithm Heap Corruption Arbitrary Code Execution

According to its build number, the installed version of RealPlayer / RealOne Player / RealPlayer Enterprise for Windows has a flaw in the remote version that may allow an attacker to execute arbitrary code on the remote host, with the privileges of the user running RealPlayer. To do so, an attack...

5.1CVSS6.1AI score0.02957EPSS
Exploits0References3
Rows per page
Query Builder