Cloud Agent in 2025: A Year of Scale, Security, and Smarter Visibility

As we move into 2026, 2025 stands out as a defining year for the Qualys Cloud Agent. In 2025, Cloud Agent delivered deeper visibility into running systems and applications , stronger security controls , expanded support across operating systems and architectures , and meaningful platform...

PT-2025-44893

Name of the Vulnerable Software and Affected Versions macOS versions prior to Sonoma 14.8.2 macOS versions prior to Sequoia 15.7.2 Description A flaw exists that could allow an application to access sensitive user data on Intel-based Mac computers. This issue is related to a downgrade scenario an...

USN-7542-1 krb5 vulnerability

It was discovered that Kerberos allowed the usage of weak cryptographic standards. An attacker could possibly use this issue to expose sensitive information. This update introduces the allowrc4 and allowdes3 configuration options, and disables the usage of RC4 and 3DES ciphers by default. Users a...

CVE-2022-49194 net: bcmgenet: Use stronger register read/writes to assure ordering

In the Linux kernel, the following vulnerability has been resolved: net: bcmgenet: Use stronger register read/writes to assure ordering GCC12 appears to be much smarter about its dependency tracking and is aware that the relaxed variants are just normal loads and stores and this is causing proble...

CVE-2022-49194

In the Linux kernel, the following vulnerability has been resolved: net: bcmgenet: Use stronger register read/writes to assure ordering GCC12 appears to be much smarter about its dependency tracking and is aware that the relaxed variants are just normal loads and stores and this is causing proble...

PT-2025-7069

Name of the Vulnerable Software and Affected Versions: Crayfish versions prior to 4.1.0 Description: Remote code execution may be possible in web-accessible installations of Homarus in certain configurations. The exploit requires making a request against the Homarus's "/convert" endpoint. To redu...

PT-2024-29559 · Ibm · Ibm Cognos Controller

Name of the Vulnerable Software and Affected Versions: IBM Cognos Controller versions 11.0.0 through 11.0.1 Description: The issue is related to the use of weaker than expected cryptographic algorithms, which could allow an attacker to decrypt highly sensitive information. Recommendations: For...

How Hybrid Password Attacks Work and How to Defend Against Them

Threat actors constantly change tactics to bypass cybersecurity measures, developing innovative methods to steal user credentials. Hybrid password attacks merge multiple cracking techniques to amplify their effectiveness. These combined approaches exploit the strengths of various methods,...

MAL-2024-2159 Malicious code in down_load_ebook_come_back_stronger_by_sophia_thiel_s4j40 (npm)

--- -= Per source details. Do not edit below this line.=-...

PT-2024-19363 · Ibm · Ibm Semeru Runtime

Name of the Vulnerable Software and Affected Versions: IBM Semeru Runtime versions 8.0.302.0 through 8.0.392.0 IBM Semeru Runtime versions 11.0.12.0 through 11.0.21.0 IBM Semeru Runtime versions 17.0.1.0 through 17.0.9.0 IBM Semeru Runtime version 21.0.1.0 Description: The issue is related to the...

PT-2024-10238 · Ibm · Ibm Devops Velocity +1

Name of the Vulnerable Software and Affected Versions: IBM DevOps Velocity version 5.0.0 IBM UrbanCode Velocity versions 4.0.0 through 4.0.25 Description: The issue is related to the use of weaker than expected cryptographic algorithms, which could allow an attacker to decrypt highly sensitive...

PT-2024-15483 · Unknown · Sourcecodester Engineers Online Portal

Name of the Vulnerable Software and Affected Versions: SourceCodester Engineers Online Portal version 1.0 Description: A vulnerability was found in the processing of the file signup teacher.php, where the manipulation of the argument Password leads to weak password requirements. The attack may be...

PT-2023-20989 · Xpand It · Xpand It Write-Back Manager

Name of the Vulnerable Software and Affected Versions: Xpand IT Write-back Manager version 2.3.1 Description: The issue is related to the use of weak secret keys to sign JWT tokens, allowing attackers to obtain the secret key via a bruteforce attack. Recommendations: For Xpand IT Write-back Manag...

GSD-2022-1001189 net: bcmgenet: Use stronger register read/writes to assure ordering

net: bcmgenet: Use stronger register read/writes to assure ordering This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.2 by commit...

Out-of-Band (OOB) Security Update available for CVE-2021-34527

Today Microsoft released an Out-of-Band OOB security update for CVE-2021-34527, which is being discussed externally as PrintNightmare. This is a cumulative update release, so it contains all previous security fixes and should be applied immediately to fully protect your systems. The fix that we...

Out-of-Band (OOB) Security Update available for CVE-2021-34527

Today Microsoft released an Out-of-Band OOB security update for CVE-2021-34527, which is being discussed externally as PrintNightmare. This is a cumulative update release, so it contains all previous security fixes and should be applied immediately to fully protect your systems. The fix that we...

PT-2021-9113 · Ibm · Ibm Security Guardium Data Encryption

Name of the Vulnerable Software and Affected Versions: IBM Security Guardium Data Encryption GDE version 3.0.0.2 Description: The issue is related to the use of weaker than expected cryptographic algorithms, which could allow an attacker to decrypt highly sensitive information. Recommendations: F...

List of Security Fixes and Improvements in Veeam Agent for Linux

Purpose This article describes all security-related fixes and improvements introduced in each release or update of Veeam Agent for Linux. The goal of this article is to provide our customers' security and compliance teams with the detailed information on security improvements between releases, in...

List of Security Fixes and Improvements in Veeam Agent for Microsoft Windows

Purpose This article describes all security-related fixes and improvements introduced in each release or update of Veeam Agent for Microsoft Windows. This article aims to provide our customers' security and compliance teams with detailed information on security improvements between releases to he...

PT-2019-17041 · Ibm · Ibm Security Guardium Big Data Intelligence

Name of the Vulnerable Software and Affected Versions: IBM Security Guardium Big Data Intelligence SonarG version 4.0 Description: The issue is related to the use of weaker than expected cryptographic algorithms, which could allow an attacker to decrypt highly sensitive information...