Vulnerabilities > Qualys > High

DATE CVE VULNERABILITY TITLE RISK
2023-04-18 CVE-2023-28140 Uncontrolled Search Path Element vulnerability in Qualys Cloud Agent 3.1.3.34
An Executable Hijacking condition exists in the Qualys Cloud Agent for Windows platform in versions before 4.5.3.1.
local
high complexity
qualys CWE-427
7.0
2023-04-18 CVE-2023-28142 Race Condition vulnerability in Qualys Cloud Agent 3.1.3.34
A Race Condition exists in the Qualys Cloud Agent for Windows platform in versions from 3.1.3.34 and before 4.5.3.1.
local
high complexity
qualys CWE-362
7.0
2023-04-18 CVE-2023-28143 Untrusted Search Path vulnerability in Qualys Cloud Agent 2.5.175
Qualys Cloud Agent for macOS (versions 2.5.1-75 before 3.7) installer allows a local escalation of privilege bounded only to the time of installation and only on older macOSX (macOS 10.15 and older) versions. Attackers may exploit incorrect file permissions to give them ROOT command execution privileges on the host.
local
high complexity
qualys CWE-426
7.0
2022-08-18 CVE-2022-29549 Improper Validation of Integrity Check Value vulnerability in Qualys Cloud Agent for Linux
An issue was discovered in Qualys Cloud Agent 4.8.0-49.
local
low complexity
qualys CWE-354
7.3