Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

Qualys Blog
Qualys Blogadded 2022/10/31 2:15 p.m.89 views

Qualys Research Alert: OpenSSL 3.0.7 – What You Need To Know

On Tuesday, November 1, 2022, the OpenSSL project released a new version of OpenSSL with version 3.0.7. This update patches two buffer overflow vulnerabilities which can be triggered in X.509 certificate verification. These vulnerabilities only apply to OpenSSL 3.x. Both these vulnerabilities are...

8.6AI score0.83506EPSS
Exploits6
Qualys Blog
Qualys Blogadded 2022/01/27 7:56 p.m.23 views

Simplifying Cloud Asset Identification in a Multi-Cloud Environment

Enterprises struggle to get an accurate asset inventory in multi-cloud or hybrid cloud environments. Qualys enhances the metadata for cloud assets while simplifying the collection process. This blog explains how this functionality expedites the identification process, easily identifies vulnerable...

0.1AI score
Exploits0
Qualys Blog
Qualys Blogadded 2021/12/14 11:55 p.m.277 views

Log4Shell Exploit Detection and Response with Qualys Multi-Vector EDR

Author: Hiep Dang & Malware Threat Research Team On Dec 9, 2021, the world first learned about the Log4Shell vulnerability aka Log4J CVE-2021-44228 found in the Log4j2 library commonly used by Java applications. Since then, everyone in the cybersecurity industry has been scrambling to understand...

9.3CVSS10AI score0.94358EPSS
Exploits342
Hacker One
Hacker Oneadded 2019/11/04 7:36 a.m.23 views

GSA Bounty: Cache poisoning DoS to various TTS assets

I have recently come across a technique to force a Cloudfoundry app to return a HTTP 404 error when requesting any resource, which contains cache friendly headers. What this means is, if the Cloudfoundry app in question is behind a web cache like Cloudfront or Cloudflare etc, it will possibly sto...

7.1AI score
Exploits0
Qualys Blog
Qualys Blogadded 2017/06/19 5:57 p.m.25 views

Visualizing the Stack Clash Vulnerability with Dashboards

Security teams should apply vendor patches immediately to protect their Linux, OpenBSD, NetBSD, FreeBSD and Solaris infrastructure from The Stack Clash vulnerability also see the security advisory. To help in that effort, this blog post describes a new built-in Qualys AssetView dashboard to...

6.8AI score
Exploits0
ThreatPost
ThreatPostadded 2017/05/18 12:5 p.m.9 views

Senate's Use of Signal A Good First Step, Experts Say

On Tuesday the United States Senate made it official and approved the use of encrypted messaging app Signal by staffers. Encryption advocates applauded the measure, but say more needs to be done to protect “civic” infrastructure critical to democracy. “The move to secure communications...

0.7AI score
Exploits0References4
Rows per page
Query Builder