Security advisories.
Software flaws found by Qualys.
The Qualys Vulnerability and Malware Research Labs (VMRL) is tasked with investigating software packages to find new flaws. Once a flaw is found, we work with the software owner to get it registered (CVEs), and then we assist with the quickest resolution possible by providing detailed technical information, including proof-of-concept code.
This list of advisories provides insight into the specific vulnerabilities reported.
-
Jul 1, 2024
regreSSHion: RCE in OpenSSH's server, on glibc-based Linux systems (CVE-2024-6387)
-
Jan 30, 2024
-
Jan 30, 2024
Nontransitive comparison functions lead to out-of-bounds read & write in glibc's qsort()
-
Oct 3, 2023
-
Jul 19, 2023
Remote code execution in OpenSSH's forwarded ssh-agent (CVE-2023-38408)
Accompanying code:
rce-openssh-forwarded-ssh-agent.tar.gz
-
Jun 6, 2023
-
Nov 30, 2022
-
Oct 24, 2022
Leeloo Multipath: Authorization bypass and symlink attack in multipathd (CVE-2022-41974 and CVE-2022-41973)
-
Feb 17, 2022
Oh Snap! More Lemmings (Local Privilege Escalation in snap-confine) (CVE-2021-44731)
-
Jan 25, 2022
-
Jul 20, 2021
Denial of service (stack exhaustion) in systemd (PID 1) (CVE-2021-33910)
Accompanying exploit:
cve-2021-33910-crasher.c
-
Jul 20, 2021
Sequoia: A deep root in Linux's filesystem layer (CVE-2021-33909)
Accompanying exploit:
cve-2021-33909-crasher.c
cve-2021-33909-exploit.tar.gz
-
May 4, 2021
-
Jan 26, 2021
-
May 19, 2020
15 years later: Remote Code Execution in qmail (CVE-2005-1513)
Accompanying exploit:
remote-code-execution-qmail.tar.gz
-
Feb 24, 2020
LPE and RCE in OpenSMTPD's Default Install (CVE-2020-8794)
Accompanying exploit:
lpe-rce-opensmtpd-default-install-exploit.c
-
Feb 24, 2020
Local Information Disclosure in OpenSMTPD (CVE-2020-8793)
Accompanying exploit:
local-information-disclosure-opensmtpd-exploit.c
-
Jan 28, 2020
LPE and RCE in OpenSMTPD (CVE-2020-7247)
Blog post: How to detect and remediate
Patch available at https://www.openbsd.org/errata66.html
-
Dec 11, 2019
-
Dec 4, 2019
-
Jun 5, 2019
-
Jan 9, 2019
-
Sep 25, 2018
Mutagen Astronomy: Integer overflow in Linux's create_elf_tables() (CVE-2018-14634)
Accompanying exploits:
poc-exploit.c
poc-suidbin.c
-
Jun 11, 2018
-
May 17, 2018
-
Apr 10, 2018
Dell EMC Avamar and Integrated Data Protection Appliance Installation Manager Missing Access Control Vulnerability (DSA-2018-025)
-
Mar 1, 2018
Citrix NetScaler Application Delivery Controller and NetScaler Gateway Multiple Security Updates
-
Dec 13, 2017
-
Dec 11, 2017
Memory Leak (CVE-2017-1000408) and Buffer Overflow (CVE-2017-1000409) in GNU C Library Dynamic Loader (ld.so)
-
Oct 26, 2017
Use of hard-coded cryptographic key (CVE-2017-14021) and hard-coded credentials (CVE-2017-14027) in multiple Korenix JetNet devices
-
Sep 26, 2017
Linux PIE/stack Corruption (CVE-2017-1000253)
cve-2017-1000253.c - accompanying exploit for CentOS-7 kernel versions 3.10.0-514.21.2.el7.x86_64 and 3.10.0-514.26.1.el7.x86_64
-
Aug 24, 2017
-
Jul 1, 2017
-
Jul 1, 2017
Unquoted Search Path Vulnerability (Active Roles Synchronization Service)
-
Jun 27, 2017
Multiple Vulnerabilities in Multiple Brickcom Devices (CVE-2017-9235, CVE-2017-9236, CVE-2017-9237, CVE-2017-9238)
-
Jun 19, 2017
-
Jun 16, 2017
Unquoted Search Path Vulnerability (Active Roles Administration Service)
-
Jun 8, 2017
-
May 30, 2017
-
Mar 26, 2017
D-Link Network Camera DCS-936L Weak CSRF Protection Vulnerability (CVE-2017-7851)
-
Mar 12, 2017
D-Link DIR-615 Router Multiple Vulnerabilities (CVE-2017-7404, CVE-2017-7405 and CVE-2017-7406)
-
Mar 10, 2017
-
Mar 7, 2017
Multiple Vulnerabilities in ACTi Cameras Models from the D, B, I, and E series (CVE-2017-3184, CVE-2017-3185, CVE-2017-3186)
-
Feb 28, 2017
-
Feb 22, 2017
-
Jan 18, 2017
-
Jan 12, 2017
Multiple Vulnerabilities in Trend Micro Interscan Web Security Virtual Appliance (IWSVA) 6.5.x
-
Jan 3, 2017
Information Disclosure vulnerability in Netgear DGN2200, DGND3700 & WNDR4500 routers (CVE-2016-5649, CVE-2016-5638)
-
Dec 6, 2016
-
Nov 2, 2016
Sensitive Information Disclosure Vulnerability in Trend Micro Interscan Web Security Virtual Appliance (IWSVA) 6.5.x
-
Oct 26, 2016
Multiple Vulnerabilities in Trend Micro Interscan Web Security Virtual Appliance (IWSVA) 6.5.x
-
Jun 10, 2016
Netgear D6000 and D3600 hard-coded cryptographic keys authentication bypass (CVE-2015-8288, CVE-2015-8289)
-
Jan 14, 2016
-
Oct 15, 2015
-
Oct 2, 2015
-
Aug 24, 2015
-
Jul 23, 2015
userhelper chfn() newline filtering and libuser passwd file handling (CVE-2015-3245 and CVE-2015-3246)
roothelper.c - an unusual local root exploit
-
Feb 12, 2015
-
Jan 27, 2015
-
Jul 27, 2014
-
Feb 2, 2014
-
Jun 15, 2012
-
May 7, 2012
Memory Corruption when Adobe Shockwave Player Parses .dir Media File (CVE-2012-2031)
-
May 7, 2012
Memory Corruption when Adobe Shockwave Player Parses .dir Media File (CVE-2012-2030)
-
May 7, 2012
Memory Corruption when Adobe Shockwave Player Parses .dir Media File (CVE-2012-2029)
-
May 7, 2012
-
May 7, 2012
-
May 4, 2012