Qualys Vulnerability Detection (QID) Recurring Vendor and Product Support Index

The contents of this page supplement the Qualys New QID Development, Prioritization, and Feature Request Process.

Qualys vendor and product vulnerability detection coverage are dynamic. We are constantly expanding our list of supported vendors and products.

The static table below includes, but is not limited to, the vendor and product technologies Qualys has determined to be commercially viable and recurringly supports through the release of vulnerability detection signatures (QIDs).

If you cannot locate a specific vendor or product in the list below, please contact 24/7/365 customer & technical support, or your Technical Account Manager (TAM), to request additional information.

​​​​​​​The table also offers insights into the estimated detection delivery time. The clock begins with an actionable vulnerability release and ends with the production release of vulnerability detection coverage (QID).

Following is the list of technologies that fall under the Recurring Vulnerability Coverage Criteria as defined by the Qualys Vulnerability Research Team. All technologies listed have a Targeted Release Timeline (Hours) of 48-72 from the time a vendor releases a security advisory, unless otherwise specified.

Please take note of the technologies in highlighted rows as these have additional prerequisites1 that must be satisfied that extend the Targeted Release Timeline (in hours) to 72+.

The Qualys Vulnerability Research Team aims to meet the delivery targets listed below whenever possible; exceptions should be expected.  Please direct any questions regarding delivery targets to your Technical Account Manager (TAM) directly to request additional information.

Table Last Updated: 2022-12-06

Vendor Product
7-zip 7ZIP
Adobe Acrobat
Adobe After Effects
Adobe Animate
Adobe Audition
Adobe Brackets
Adobe Bridge
Adobe Captivate
Adobe Character Animator
Adobe ColdFusion
Adobe Connect
Adobe Creative Cloud Desktop
Adobe Digital Edition
Adobe Digital Editions
Adobe Dimension
Adobe Dreamweaver
Adobe Flash Player
Adobe FrameMaker
Adobe Genuine Service
Adobe Illustrator
Adobe InCopy
Adobe InDesign
Adobe Lightroom
Adobe Magento
Adobe Media Encoder
Adobe Photoshop
Adobe Prelude
Adobe Premiere Elements
Adobe Premiere Pro
Adobe Premiere Rush
Adobe Reader
Adobe RoboHelp
Adobe Shockwave Player
Alibaba Alibaba Cloud Linux
Alpine Linux
Amazon Linux 2
Amazon Linux 2 Internal
Amazon Linux Bare Metal
Amazon Linux SXE
Apache Cassandra
Apache CouchDB
Apache HTTP Server
Apache Kafka
Apache OpenOffice
Apache Solr
Apache Struts
Apache Subversion
Apache Tomcat
Apple iCloud
Apple iOS
Apple iTunes
Apple macOS
Apple Safari (Browser only)
Apple Xcode
Arista Networks Extensible Operating System (EOS)
Atlassian Confluence
Atlassian JIRA
CentOS CentOS
Cisco Adaptive Security Appliance (ASA)
Cisco Data Center Network Manager
Cisco Email Security Application
Cisco Firepower Threat Defense (FTD) (ASA 55xx Devices Only)
Cisco Industrial Network Director
Cisco Integrated Management Controller
Cisco Internetwork Operating System (IOS)
Cisco Multilayer Director Switch (MDS)
Cisco Network Operating System (NX-OS)
Cisco Prime Collaboration
Cisco Prime Infrastructure
Cisco Prime Network Registrar
Cisco Software-defined Wide Area Network (SD-WAN)
Cisco TelePresence
Cisco Unified Communications Manager
Cisco Unified Computing System (UCS)
Cisco Web Security Appliance (WSA)
Cisco WebEx
Cisco Wireless LAN Controller
Citrix NetScaler
Citrix XenServer
Debian Long-Term Support Advisory (DLA) Buster
Debian Long-Term Support Advisory (DLA) Jessie
Debian Long-Term Support Advisory (DLA) Squeeze
Debian Long-Term Support Advisory (DLA) Stretch
Debian Long-Term Support Advisory (DLA) Wheezy
Debian Security Advisory (DSA) Buster
Debian Security Advisory (DSA) Jessie
Debian Security Advisory (DSA) Squeeze
Debian Security Advisory (DSA) Stretch
Debian Security Advisory (DSA) Wheezy
Dell Electromagnetic Compatibility (EMC) NetWorker Virtual Edition
Dell InsightIQ
Dell Integrated Dell Remote Access Controller (iDRAC)
Dell OpenManage Server Administrator (OMSA)
Dell PowerConnect
Dell Solutions Enabler
Dell SupportAssist
Dell Unisphere for PowerMax
Docker Docker
Don Ho Notepad++ Core (Plugins Not Supported)
Drupal Drupal
Elasticsearch Elasticsearch
Fedora Project Fedora
Fortinet FortiAnalyzer
Fortinet FortiClient
Fortinet FortiManager
Fortinet FortiOS
Foxit PDF Editor
Foxit PDF Reader
Foxit PhantomPDF
Foxit Reader
Gentoo Linux
Gimp Gimp
Git Git
Google Android
Google Chrome (Browser only)
Google Pixel
Huawei EulerOS
IBM BigFix
IBM Business Process Manager
IBM Cognos
IBM Domino
IBM InfoSphere
IBM Integration Bus
IBM Java
IBM Qradar
IBM Spectrum
IBM Statistical Package for the Social Sciences (SPSS)
IBM Sterling B2B Integrator
IBM Tivoli
IBM WebSphere
Intel Active Management Technology
Intel Active Management Technology Software Development Kit (SDK)
ISC Bind
Ivanti Cloud Service Appliance (CSA)
Jenkins Jenkins Core (Plugins Not Supported)
Joomla Joomla
jQuery jQuery
Juniper Junos
Kubernetes Kubernetes
Leadtools Leadtools
LibreOffice LibreOffice
McAfee Data Loss Prevention
McAfee Endpoint Security
McAfee Web Gateway
Microsoft .NET
Microsoft Active Directory
Microsoft Azure Active Directory
Microsoft Azure Stack
Microsoft Azure Stack Hub
Microsoft Defender
Microsoft Dynamics
Microsoft Edge (Browser only)
Microsoft Exchange
Microsoft Internet Explorer (Browser only)
Microsoft Lync
Microsoft Office
Microsoft Office - Access
Microsoft Office - Editor
Microsoft Office - Excel
Microsoft Office - FrontPage
Microsoft Office - OneNote
Microsoft Office - Outlook
Microsoft Office - Powerpoint
Microsoft Office - Publisher
Microsoft Office - Teams
Microsoft Office - Visio
Microsoft Office - Word
Microsoft One Drive
Microsoft Power BI Report Server
Microsoft Powershell
Microsoft SharePoint
Microsoft Skype
Microsoft SQL Server
Microsoft Team Foundation
Microsoft Visual C++
Microsoft Visual Studio
Microsoft Windows
Microsoft Windows Server
Mozilla Firefox (Browser only)
Mozilla Thunderbird
Nodejs Node.js
Oracle Database
Oracle GlassFish
Oracle Java
Oracle JDeveloper
Oracle Linux
Oracle MySQL
Oracle PeopleSoft
Oracle Solaris
Oracle VM VirtualBox
Oracle WebLogic Server
Palo Alto Global Protect
Palo Alto PAN-OS
PhpMyAdmin PhpMyAdmin
Pidgin Pidgin
PLEX Plex Media Server
PulseSecure PulseSecure
Quest KACE
Rconfig rconfig
Red Hat Ansible Tower
Red Hat Enterprise Linux (RHEL)
Red Hat Enterprise Linux (RHEL) Extended Update Support (EUS)
Red Hat Enterprise Linux (RHEL) OpenStack Platforms
Red Hat Fedora
Red Hat OpenShift Container Platform
Red Hat Satellite
SAP BusinessObjects
SAP Crystal Reports
SAP NetWeaver
Simon Tatham puTTY
Sophos Sophos Anti-Virus
Sophos Xg Firewall
Symantec Endpoint Protection
Tableau Tableau
TechSmith Camtasia
thinkphp thinkphp
TightVNC TightVNC
Trend Micro Antivirus
Trend Micro Apex Central
Trend Micro Apex One (On-Prem)
Trend Micro Control Manager
Trend Micro Deep Security
Trend Micro Internet Security Pro
Trend Micro InterScan eManager
Trend Micro Interscan Viruswall
Trend Micro Interscan Web Security
Trend Micro InterScan WebManager
Trend Micro OfficeScan
Trend Micro ScanMail
Trend Micro ServerProtect
Trend Micro Smart Protection
Trend Micro Titanium Maximum Security
Trend Micro Virus Control
TurboVNC TurboVNC
Ultravnc Ultravnc
vBulletin vBulletin
Videolan VLC
VMware Cloud Foundation
VMware Elastic Sky X Integrated (ESXi)
VMware Tools
VMware vCenter
VMware vSphere
VMware Workstation
WinZip WinZip
Wireshark Wireshark
WordPress WordPress Core (Plugins Not Supported)
WSO2 WSO2 API Manager
xpdf xpdf
Zabbix Zabbix
ZOHO Access Manager Plus
Zoom Client For Meetings - Microsoft Windows Installer (MSI)
Zoom Client For Meetings - Virtual Desktop Infrastructure (VDI)
Zoom Rooms For Conference Rooms

Table Last Updated: 2022-12-06

1 Qualys prerequisites for Less Pervasive Vendor/Product Vulnerability Management New QID Feature Requests

CVE carries a CVSSv3.x base score of 7.5 or greater, and

CVE is not associated with a third-party package, BIOS/Firmware/Driver, plugin, or extension, and

The Qualys Research & Development Lab team must be able to procure, deploy and maintain the required target(s) for the vendor/product associated with the CVE. 

Note: Vendor/Product assessment will be required to ascertain if the vendor/product is commercially viable.