Lucene search

45 matches found

Imperva Blog
added 2025/06/03 8:32 p.m. | 8 views

Discover First, Defend Fully: The Essential First Step on Your API Security Journey

APIs power today’s digital economy, but their lightning-fast evolution and astronomical call volumes can leave security teams scrambling to keep up. How can you secure what you can’t yet see or quantify? Imperva’s Unlimited Discovery-Only capability for the Cloud WAF (CWAF) add-On delivers...

7.2 AI score
Exploits: 0

Cvelist
added 2025/05/12 12:0 a.m. | 10 views

CVE-2024-56524

Radware Cloud Web Application Firewall (WAF) before 2025-05-07 allows remote attackers to bypass firewall filters by adding a special character to the request...

0.00543 EPSS
Exploits: 0 | References: 2

Vulnrichment
added 2025/05/12 12:0 a.m. | 10 views

CVE-2024-56523

Radware Cloud Web Application Firewall (WAF) before 2025-05-07 allows remote attackers to bypass firewall filters by placing random data in the HTTP request body when using the HTTP GET method...

9.2 AI score | 0.00543 EPSS
Exploits: 0 | References: 2

HackRead
added 2024/08/14 10:28 p.m. | 13 views

Risk Management Strategies: Incorporating Cloud WAFs into Your Plan

In today’s digital world, protecting your online assets is more critical than ever. As cyber threats grow increasingly…

7.4 AI score
Exploits: 0

Imperva Blog
added 2024/07/05 8:25 p.m. | 9 views

Simplifying Infrastructure Management with Imperva’s Terraform Module for Cloud WAF

In today's rapidly evolving technological landscape, managing infrastructure efficiently is paramount for businesses striving to stay competitive. With the rise of cloud computing, Infrastructure as Code (IaC) has emerged as a game-changer, enabling organizations to automate the provisioning and...

7.4 AI score
Exploits: 0

Imperva Blog
added 2024/05/30 4:40 p.m. | 37 views

Mitigate Http/2 continuations with Imperva WAF

As the threat landscape continues to grow, with new breaches being announced every day, Imperva continues to stay one step ahead of attackers. HTTP/2 exploits seem to be growing every quarter as more attackers use this vulnerability in new ways. We previously wrote about how Imperva protected its...

7.2 AI score
Exploits: 0

Imperva Blog
added 2024/02/14 1:42 p.m. | 30 views

The Added Value of SNI-Only Mode in Imperva Cloud WAF

Imperva has modified the default behavior for new cloud WAF sites, now enforcing Server Name Indication (SNI)-only traffic by default. This shift is aimed at optimizing the utilization of TLS-related features, both those currently in place and those slated for the future roadmap. This blog post wil...

7 AI score
Exploits: 0

Imperva Blog
added 2024/02/13 10:18 p.m. | 36 views

Imperva defends customers against CVE-2024-22024 in Ivanti products

Ivanti recently published an urgent warning about an authentication bypass in Ivanti Connect Secure, Ivanti Policy Secure, and ZTA gateways, tracked as CVE-2024-22024. The bug, which carries a severity score of 8.3, was discovered during an internal review. Since its announcement on February 8,...

7.5 CVSS | 7.3 AI score | 0.94721 EPSS
Exploits: 1

Imperva Blog
added 2023/12/29 7:48 p.m. | 33 views

Imperva defends customers against recent vulnerabilities in Apache OFBiz

On December 26, researchers from SonicWall Capture Labs discovered an authentication bypass vulnerability in Apache OFBiz, tracked as CVE-2023-51467. This bug has a CVSS score of 9.8 and allows attackers to achieve server-side request forgery (SSRF) by bypassing the program’s authentication. This...

7.5 CVSS | 8.6 AI score | 0.96001 EPSS
Exploits: 16

Imperva Blog
added 2023/10/27 2:45 p.m. | 49 views

Imperva Customers are Protected Against the Latest F5 BIG-IP Vulnerability

Imperva is tracking the recent critical security vulnerability impacting F5’s BIG-IP solution. The vulnerability, CVE-2023-46747, could allow an attacker to bypass authentication and potentially compromise the system via request smuggling. Imperva Threat Research has been actively monitoring this...

7.5 CVSS | 7.1 AI score | 0.96515 EPSS
Exploits: 17

Imperva Blog
added 2023/10/11 10:29 p.m. | 70 views

Atlassian CVE-2023-22515 Blocked by Imperva

Atlassian, an Australian software company, has released emergency security updates to address a severe zero-day vulnerability in its Confluence Data Center and Server software. This vulnerability is actively being exploited, allowing attackers to create unauthorized Confluence administrator...

7.5 CVSS | 7.3 AI score | 0.99156 EPSS
Exploits: 39

Imperva Blog
added 2023/10/10 12:24 p.m. | 122 views

Protecting Against HTTP/2 Rapid Reset: CVE-2023-44487

Today, Google disclosed a zero-day vulnerability in the HTTP/2 protocol. Imperva collaborated proactively with Google to gain advanced insights into this vulnerability. After a comprehensive inspection of this vulnerability by Imperva’s Product Development and Threat Research teams, we can confir...

5 CVSS | 8.4 AI score | 0.99999 EPSS
Exploits: 19

Imperva Blog
added 2023/09/19 1:14 p.m. | 23 views

Elevate Your Cybersecurity with Imperva Cloud WAF: More Than Just a Checkbox

In the world of digital modernization, having a web application firewall (WAF) isn't an option - it's a necessity. But in the endless sea of security solutions, how do you choose the right one? How do you ensure that you're not merely checking a box, but genuinely fortifying your digital fortress? Whi...

6.9 AI score
Exploits: 0

Imperva Blog
added 2023/07/23 9:46 a.m. | 57 views

CVE-2023-3519: NetScaler (Citrix) RCE Blocked By Imperva

On July 20, CISA warned about the exploitation of an unauthenticated remote code execution vulnerability affecting NetScaler (formerly Citrix) Application Delivery Controller and NetScaler Gateway. Attackers first exploited this vulnerability in June, when unidentified hackers used this as a zero-d...

7.5 CVSS | 8.1 AI score | 0.99445 EPSS
Exploits: 16

Imperva Blog
added 2023/06/06 3:55 p.m. | 55 views

CVE-2023-34362 – MOVEit Transfer – An attack chain that retrieves sensitive information

MOVEit Transfer is a popular secure file transfer solution developed by Progress, a subsidiary of Ipswitch. At the moment, there are more than 2,500 MOVEit Transfer servers that are accessible from the internet, according to Shodan. On May 31, 2023, Progress released a security advisory affecting...

7.5 CVSS | 8.7 AI score | 0.99934 EPSS
Exploits: 15

Imperva Blog
added 2022/01/31 9:12 p.m. | 21 views

Imperva is on Top of the World as it Announces New PoP in Bogotá

Imperva is on top of the world to announce the opening of our newest and highest data center yet in Bogotá, Colombia. This latest move represents our commitment as an organization to improve performance, security and connectivity for our customers in the Colombian market. In the very center of th...

6.7 AI score
Exploits: 0

Imperva Blog
added 2021/12/17 6:44 a.m. | 88 views

5 Things We’ve Learned About CVE-2021-44228

Over the last week, Imperva Threat Research observed interesting data points related to CVE-2021-44228. Despite new variants being discovered and patched by our team, we wanted to share five interesting things that we’ve learned from analyzing a subset of our overall global network traffic. Attac...

9.3 CVSS | 0.4 AI score | 0.99999 EPSS
Exploits: 348

CNVD
added 2021/06/21 12:0 a.m. | 12 views

Unauthorized Access Vulnerability in Mingguo APT Attack (Cyber Warfare) Warning Platform (CNVD-2021-47700)

Hangzhou ACE Information Technology Co., Ltd. is a company that has been focusing on the research, development, production and sales of products in the field of network information security, such as Fortress, Remote Monitoring, Cloud Saas Service, Cloud WAF, Industrial Control, Online Remote Offi...

6.7 AI score
Exploits: 0

CNVD
added 2021/06/21 12:0 a.m. | 19 views

Logic Flaw Vulnerability in Mingguo APT Attack (Cyber Warfare) Warning Platform

Hangzhou ACE Information Technology Co., Ltd. is a company that has been focusing on the research, development, production and sales of products in the field of network information security, such as Fortress, Remote Monitoring, Cloud Saas Service, Cloud WAF, Industrial Control, Online Remote Offi...

6.6 AI score
Exploits: 0

Imperva Blog
added 2021/02/05 5:18 p.m. | 29 views

API Security Checks in the Post-Pandemic World

The digital transformation journeys of many enterprises have been accelerated by the COVID-19 pandemic. For 2020, IT resources shifted to support WFH policies with mobile and remote productivity solutions, while simultaneously managing multiple datacenter migration projects to the cloud for scale...

0.1 AI score
Exploits: 0