The contents of this page supplement the Qualys New QID Development, Prioritization, and Feature Request Process.
Qualys vendor and product vulnerability detection coverage are dynamic. We are constantly expanding our list of supported vendors and products.
The static table below includes, but is not limited to, the vendor and product technologies Qualys has determined to be commercially viable and recurringly supports through the release of vulnerability detection signatures (QIDs).
Our vulnerability catalog is a living resource featuring over 90,000 identified vulnerabilities/CVEs, demonstrating our extensive security commitment. This dynamic resource is continually updated and refined, maintaining its status as a comprehensive vulnerability detection and management tool.
If you cannot locate a specific vendor or product in the list below, please contact 24/7/365 customer & technical support, or your Technical Account Manager (TAM), to request additional information.
The table also offers insights into the estimated detection delivery time. The clock begins with an actionable vulnerability release and ends with the production release of vulnerability detection coverage (QID).
Following is the list of technologies that fall under the Recurring Vulnerability Coverage Criteria as defined by the Qualys Vulnerability Research Team. All technologies listed have a Targeted Release Timeline (Hours) of 48-72 from the time a vendor releases a security advisory, unless otherwise specified. Please note some technologies have prerequisites1 that could extend the release timeline.
The Qualys Vulnerability Research Team aims to meet the delivery targets listed below whenever possible; exceptions should be expected. Please direct any questions regarding delivery targets to your Technical Account Manager (TAM) directly to request additional information.
Table Last Updated: 2023-08-28
| Vendor | Product |
|---|---|
| 7-ZIP | 7-ZIP |
| A10Networks | Advanced core OS |
| Adobe | Adobe Acrobat |
| Adobe | Adobe After Effects |
| Adobe | Adobe Animate |
| Adobe | Adobe Audition |
| Adobe | Adobe Brackets |
| Adobe | Adobe Bridge |
| Adobe | Adobe Captivate |
| Adobe | Adobe Character Animator |
| Adobe | Adobe ColdFusion |
| Adobe | Adobe Creative Cloud Desktop |
| Adobe | Adobe Digital Editions |
| Adobe | Adobe Dimension |
| Adobe | Adobe Dreamweaver |
| Adobe | Adobe FrameMaker |
| Adobe | Adobe Genuine Service |
| Adobe | Adobe Illustrator |
| Adobe | Adobe InCopy |
| Adobe | Adobe InDesign |
| Adobe | Adobe Lightroom |
| Adobe | Adobe Media Encoder |
| Adobe | Adobe Photoshop |
| Adobe | Adobe Prelude |
| Adobe | Adobe Premiere Elements |
| Adobe | Adobe Premiere Pro |
| Adobe | Adobe Premiere Rush |
| Adobe | Adobe Reader |
| Adobe | Adobe RoboHelp |
| Adobe | Adobe Connect |
| Alibaba | Alibaba Cloud Linux |
| Alma | Alma Linux |
| Alpine | Alpine Linux |
| Amazon | Amazon Linux 2 |
| Amazon | Amazon Linux 2 Internal |
| Amazon | Amazon Linux Bare Metal |
| Amazon | Amazon Linux SXE |
| Ansible Tower | Ansible Tower |
| Apache | Cassandra |
| Apache | CouchDB |
| Apache | HTTP Server |
| Apache | Kafka |
| Apache | OpenOffice |
| Apache | Solr |
| Apache | Struts |
| Apache | Subversion |
| Apache | Tomcat |
| Apache | XAMPP |
| Apache | Traffic |
| Apache | Ambari |
| Apache | Apisix |
| Apple | iCloud |
| Apple | iOS |
| Apple | iTunes |
| Apple | macOS |
| Apple | Safari |
| Apple | Xcode |
| Apple | Quicktime |
| Arista Networks | Extensible Operating System (EOS) |
| Atlantis | Atlantis Word Processor |
| Atlassian | Confluence |
| Atlassian | Jira |
| Atlassian | Bitbucket |
| Atlassian | Sourcetree |
| Atlassian | Bamboo |
| Atlassian | Crowd |
| Atlassian | Jira Service Management |
| Autodesk | Autodesk Installer |
| Azul | Azul java |
| CentoS | CentOS |
| Cisco | Cisco Adaptive Security Appliance (ASA) |
| Cisco | Data Center Network Manager |
| Cisco | Firepower Threat Defense (FTD) (ASA 55xx Devices Only) |
| Cisco | Industrial Network Director |
| Cisco | Integrated Management Controller |
| Cisco | Internetwork Operating System (IOS) |
| Cisco | Multilayer Director Switch (MDS) |
| Cisco | Network Operating System (NX-OS) |
| Cisco | Prime Collaboration |
| Cisco | Prime Infrastructure |
| Cisco | Prime Network Registrar |
| Cisco | Software-defined Wide Area Network (SD-WAN) vManage |
| Cisco | TelePresence |
| Cisco | Unified Communications Manager |
| Cisco | Unified Computing System (UCS) |
| Cisco | WebEx |
| Cisco | Wireless LAN Controller |
| Citrix | Citrix NetScaler ADC (formerly Citrix ADC) |
| Citrix | Citrix XenServer |
| Citrix | Citrix NetScaler |
| Citrix | Citrix Workspace App for Windows |
| Citrix | Citrix XenApp |
| Citrix | Citrix Secure Mail for Android |
| Citrix | Citrix Virtual Apps and Desktops |
| Citrix | Citrix Workspace app for Linux |
| Citrix | Citrix NetScaler Gateway ( formerly Citrix Gateway) |
| Citrix | Citrix ShareFile |
| Citrix | Citrix XenDesktop |
| Cloudera | Cloudera Manager |
| Couchbase | Couchbase Server |
| Debian | Debian Long-Term Support Advisory (DLA) Buster |
| Debian | Debian Long-Term Support Advisory (DLA) Jessie |
| Debian | Debian Long-Term Support Advisory (DLA) Squeeze |
| Debian | Debian Long-Term Support Advisory (DLA) Stretch |
| Debian | Debian Long-Term Support Advisory (DLA) Wheezy |
| Debian | Debian Security Advisory (DSA) Buster |
| Debian | Debian Security Advisory (DSA) Jessie |
| Debian | Debian Security Advisory (DSA) Squeeze |
| Debian | Debian Security Advisory (DSA) Stretch |
| Debian | Debian Security Advisory (DSA) Wheezy |
| Dell | Electromagnetic Compatibility (EMC) NetWorker Virtual Edition |
| Dell | InsightIQ |
| Dell | Integrated Dell Remote Access Controller (iDRAC) |
| Dell | OpenManage Server Administrator (OMSA) |
| Dell | Solutions Enabler |
| Dell | SupportAssist |
| Dell | Unisphere for PowerMax |
| Docker | Docker Engine |
| Docker | Docker Desktop |
| Don Ho | Notepad++ Core (Plugins Not Supported) |
| Drupal | Drupal |
| Eclipse Jetty | Eclipse Jetty |
| Elasticsearch | Elasticsearch |
| F5 Networks | BIG-IP ALL products |
| Fedora Project | Fedora |
| FileZilla | FileZilla Server |
| Fortinet | FortiAnalyzer |
| Fortinet | FortiClient |
| Fortinet | FortiManager |
| Fortinet | FortiOS |
| Fortinet | Fortinet FortiClient Windows |
| Foxit | Foxit PDF Editor |
| Foxit | PDF Reader |
| Foxit | PhantomPDF |
| Foxit | Reader |
| FreeBSD | FreeBSD(Free Berkeley Software Distribution) |
| Gentoo | Gentoo Linux |
| GeoServer | GeoServer |
| Gimp | Gimp |
| Git | Github Enterprise |
| Git | Gitlab |
| Android | |
| Chrome | |
| Pixel | |
| Chrome Plugins | |
| Earth | |
| Grafana | Grafana |
| HCL | HCL BigFix |
| HP | HP Data Protector |
| HP | HP Support Assistant |
| HP | HP LoadRunner |
| HP | HP OpenView Storage Data Protector |
| HP | HP SiteScope |
| HPE | ArubaOS |
| HPE | Intelligent Management Center (iMC) PLAT |
| HPE | HPE Integrated Lights-Out iLO |
| HPE | HPE Integrated Lights-Out 2 |
| HPE | HPE Integrated Lights-Out 4 |
| HPE | HPE Integrated Lights-Out 3 |
| HPE | HPE Integrated Lights-Out 5 |
| Huawei | EulerOS |
| Huawei | Huawei Switch |
| Huawei Router | Huawei Router |
| Hypertext Preprocessor PHP | Hypertext Preprocessor PHP |
| IBM | Cognos |
| IBM | WebSphere |
| IBM | HTTP Server |
| IBM | DB2 |
| IBM | MQ |
| IBM | Qradar |
| IBM | Business Process Manager |
| IBM | AIX |
| IBM | Integration Bus |
| IBM | Java |
| IBM | Tivoli Monitoring |
| IBM | Spectrum Protect (Tivoli Storage Manager) |
| IBM | VIOS 2.x |
| IBM | Lotus Notes |
| IBM | Spectrum Protect Operations Center |
| IBM | Aspera Faspex |
| IBM | Sterling Secure Proxy |
| IBM | Sterling Connect |
| IBM | Tivoli Netcool |
| IBM | SPSS Sample Power |
| IBM | Spectrum Control |
| IBM | Tivoli System Automation |
| IBM | Rational |
| IBM | API Connect |
| IBM | Security SiteProtector |
| IBM | Security AppScan |
| IBM | Content Navigator |
| IBM | Planning Analytics |
| IBM | Personal Communication |
| IBM | Installation Manager |
| IBM | Spectrum Scale |
| IBM | iNotes |
| IpSwitch | MOVEit Transfer |
| ISC Bind | ISC Bind |
| Jenkins | Jenkins Core |
| Jenkins | Plugins |
| JetBrains | JetBrains TeamCity |
| JetBrains | IntelliJ IDEA |
| Joomla | Joomla |
| jQuery | jQuery |
| Juniper | Junos |
| Kubernetes | Kubernetes |
| Leadtools | Leadtools |
| LibreOffice | LibreOffice |
| Liferay Portal | Liferay Portal |
| McAfee | Data Loss Prevention |
| McAfee | Endpoint Security |
| McAfee | Web Gateway |
| McAfee | ePolicy Orchestrator |
| McAfee | McAfee Agent |
| McAfee | McAfee Network Security Manager |
| Microsoft | .NET |
| Microsoft | Azure Stack Hub |
| Microsoft | Defender |
| Microsoft | Dynamics |
| Microsoft | Edge (Browser only) |
| Microsoft | Exchange |
| Microsoft | Internet Explorer (Browser only) |
| Microsoft | Office |
| Microsoft | Office – Outlook |
| Microsoft | One Drive |
| Microsoft | Power BI Report Server |
| Microsoft | Powershell |
| Microsoft | SharePoint |
| Microsoft | SQL Server |
| Microsoft | Visual C++ |
| Microsoft | Visual Studio |
| Microsoft | Windows OS |
| Microsoft | Windows Server |
| Microsoft | Active Directory |
| Microsoft | Azure Active Directory |
| Microsoft | Azure Stack |
| Microsoft | Office – Access |
| Microsoft | Office – Editor |
| Microsoft | Office – Excel |
| Microsoft | Office – FrontPage |
| Microsoft | Office – OneNote |
| Microsoft | Office – Powerpoint |
| Microsoft | Office – Publisher |
| Microsoft | Office – Teams |
| Microsoft | Office – Visio |
| Microsoft | Office – Word |
| Microsoft | Skype |
| Microsoft | Team Foundation/Azure DevOps Server |
| Microsoft | CBL-Mariner |
| Microsoft | .NET Framework |
| Microsoft | Visual Studio Code |
| Microsoft | SharePoint Server |
| MobaTek | MobaTek MobaXterm |
| MongoDB | MongoDB Server |
| Mozilla | Mozilla Firefox (Browser only) |
| Mozilla | Mozilla Thunderbird |
| Nagios | Nagios |
| NetApp | Clustered Data ONTAP |
| Nitro Pro | Nitro Pro PDF |
| Nmap | Nmap |
| Novell | Novell client |
| OpenSSH | OpenSSH |
| OpenSSL | OpenSSL |
| OpenSUSE | OpenSUSE |
| Oracle | Database |
| Oracle | GlassFish |
| Oracle | Java |
| Oracle | Linux |
| Oracle | MySQL |
| Oracle | Solaris |
| Oracle | VM VirtualBox |
| Oracle | WebLogic Server |
| Palo Alto | Global Protect |
| Palo Alto | PAN-OS |
| PaperCut | PaperCut NG |
| PaperCut | Papercut MF |
| pfsense | pfsense |
| PhpMyAdmin | PhpMyAdmin |
| Pidgin | Pidgin |
| PLEX | Plex Media Server |
| Pulse secure | Pulse Secure Desktop |
| PulseSecure(Ivanti) | PulseSecure |
| QNAP | QNAP QTS |
| Qualys | Cloud Agent |
| Rarlab | Winrar |
| Rconfig | Rconfig |
| Red hat | Ansible Tower |
| Red hat | Enterprise Linux (RHEL) |
| Red hat | Enterprise Linux (RHEL) Extended Update Support (EUS) |
| Red hat | Enterprise Linux (RHEL) OpenStack Platforms |
| Red hat | Fedora |
| Red hat | OpenShift Container Platform |
| Red hat | Satellite |
| Rocky Linux | Rocky Linux |
| sangoma | freepbx |
| shibboleth | shibboleth |
| Simon Tatham puTTY | Simon Tatham puTTY |
| SolarWinds | SolarWinds Orion Platform |
| SolarWinds | SolarWinds DameWare Mini Remote Control |
| SolarWinds | SolarWinds Serv-U |
| SolarWinds | Solarwinds Orion |
| SolarWinds | SolarWinds Dameware |
| SonicWall | SonicWall SONICOS |
| SonicWall | SonicWall SMA100 |
| Sophos | Sophos Anti-Virus |
| Sophos | Xg Firewall |
| Sophos | Sophos Firewall |
| Sophos | Sophos Secure Workspace for Android |
| Sophos | Sophos Authenticator Android |
| Sophos | Sophos SafeGuard Enterprise Client for Windows |
| Sophos | Sophos Secure Email for Android |
| Splunk | Splunk Enterprise |
| Splunk | Splunk Universal Forwarder |
| Squid | Squid proxy server |
| SugarCRM | SugarCRM |
| SUSE | SUSE Enterprise Linux |
| Symantec | Symantec Endpoint Protection |
| Tableau | Tableau server |
| TeamViewer | TeamViewer Desktop |
| TechSmith | Camtasia |
| Tibco | JasperReports Server |
| TightVNC | TightVNC |
| Trend Micro | Trend Micro Antivirus |
| Trend Micro | Trend Micro Apex Central |
| Trend Micro | Trend Micro Apex One (On-Prem) |
| Trend Micro | Trend Micro Control Manager (New Name- Apex Central) |
| Trend Micro | Trend Micro Deep Security |
| Trend Micro | Trend Micro Internet Security Pro |
| Trend Micro | Trend Micro InterScan eManager |
| Trend Micro | Trend Micro Interscan Viruswall |
| Trend Micro | Trend Micro InterScan WebManager |
| Trend Micro | Trend Micro OfficeScan (new name – apex One) |
| Trend Micro | Trend Micro ServerProtect |
| Trend Micro | Trend Micro Smart Protection |
| Trend Micro | Trend Micro Titanium Maximum Security |
| TurboVNC[1] | TurboVNC |
| Ubuntu | Ubuntu |
| UltraVNC | UltraVNC |
| vBulletin | vBulletin |
| Veeam | Veeam Backup |
| Veritas | NetBackup |
| Veritas | Veritas Backup Exec |
| Videolan VLC | Videolan VLC |
| Videolan VLC | VideoLAN VLC Media player |
| Videolan VLC | VideoLAN VLC iOS |
| Virtuozzo | Virtuozzo |
| Vmware | Elastic Sky X Integrated (ESXi) |
| Vmware | Tools |
| Vmware | vCenter |
| Vmware | vSphere |
| Vmware | Workstation |
| Vmware | vRealize |
| Vmware | Identity Manager |
| Vmware | NSX-T |
| Vmware | VMware Aria Operations for Logs (formerly vRealize Log Insight) |
| Vmware | Carbon Black App |
| VMware | Horizon |
| Webmin | Webmin |
| Winamp | Winamp Media |
| WinSCP | WinSCP |
| WinZip | WinZip |
| Wireshark | Wireshark |
| WordPress | WordPress |
| WordPress | Plugins (excluding premium plugins which are not supported) |
| Wowza | Wowza Streaming Engine |
| WSO2 | API Manager |
| XPDF | XPDF |
| Zabbix | Zabbix |
| Zimbra | Zimbra Collaboration Suite |
| Zoho | Zoho Access Manager Plus |
| Zoho | Zoho PAM360 |
| Zoom | Zoom Client For Meetings – Microsoft Windows Installer (MSI) |
| Zoom | Zoom Client For Meetings – Virtual Desktop Infrastructure (VDI) |
| Zoom | Zoom Rooms for Conference Room |
| Zoom | Zoom Rooms client |
1 Qualys prerequisites for Less Pervasive Vendor/Product Vulnerability Management New QID Feature Requests
CVE carries a CVSSv3.x base score of 7.5 or greater, and
CVE is not associated with a third-party package, BIOS/Firmware/Driver, plugin, or extension, and
The Qualys Research & Development Lab team must be able to procure, deploy and maintain the required target(s) for the vendor/product associated with the CVE.
Note: Vendor/Product assessment will be required to ascertain if the vendor/product is commercially viable.