CVE-2025-45512

A flaw was found in the bootloader component of DENX Software Engineering Das U-Boot U-Boot. This vulnerability allows arbitrary code execution via installation of crafted firmware files due to missing signature verification. Mitigation Mitigation for this issue is either not available or the...

CVE-2025-50151

A file path validation flaw has been discovered in Apache Jena. This flaw allows users with administrative access to upload arbitrary configurations. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria...

Elastic WAF: Reshaping Application Security for DevOps and Hybrid Environments

We recently discussed Imperva’s vision for the future of application security, where we also covered the Imperva Security Engine. This innovative application security framework is powering up the next generation of Imperva solutions, the first of which is Imperva Elastic WAF. This blog is the fir...

CVE-2025-5473

An integer overflow vulnerability was found in Gimp's handling of ICO files. This vulnerability can lead to code execution if a user is convinced to open a maliciously crafted file. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red...

CVE-2025-46393

A flaw was found the inImageMagick package. In multispectral MIFF image processing in ImageMagick, packetsize is mishandled. This issue is related to the rendering of all channels in an arbitrary order. Mitigation Mitigation for this issue is either not available or the currently available option...

Choosing the Right Deployment Option for Your API Security Solution

You need an API security solution. That much is a given although some may argue it isn’t!. While essential for business growth and innovation, APIs, or Application Programming Interfaces, expose the organizations that use them to cyber threats. Attackers are both aware of and actively exploiting...

Hive Pro Unveils Enhanced Version of HivePro Uni5 Threat Exposure Management Platform v2.1.0

Featuring diversified deployment options, seamless tool integration, and a refined user interface. Milpitas, CA – 3rd April 2023 – Hive Pro, a prominent cybersecurity firm specializing in Threat Exposure Management, today introduced the version update v2.1.0 to its flagship HivePro Uni5 platform,...

tCell by Rapid7 Supports the Newly Released .NET 6.0

We’re excited to share that we've coordinated our recent .NET and .NET Core agent releases with the brand new .NET 6.0 release from Microsoft. What is tCell? Since the founding of tCell by Rapid7, our web application and API protection solution, we’ve prided ourselves on providing both breadth an...

MS14-059: Description of the security update for ASP.NET MVC 2.0: October 14, 2014

MS14-059: Description of the security update for ASP.NET MVC 2.0: October 14, 2014 This article does not apply to Windows 10 devices that run in S mode.For more information about S mode, see Windows 10 in S mode FAQ. Introduction Microsoft has released security bulletin MS14-059. To learn more...

Why You Should Pick a Leader for Your Enterprise Email Security

Email is a mature technology, but threats targeting email are evolving and getting more sophisticated. 97%1 of ransomware attacks come from email. That’s why there are so many email security vendors and solutions in the market offering different types of technologies and coverages. Picking the be...

Cynet: An Autonomous Security Platform for Any Size Organization

The Cynet security platform takes a different approach to traditional point security offerings, by providing a consolidated solution to all aspects of breach protection through a single interface. Unlike endpoint security solutions that only focus on particular types of threats targeting the...

MS05-012: Vulnerability in OLE and COM could allow remote code execution

MS05-012: Vulnerability in OLE and COM could allow remote code execution Microsoft has released security bulletin MS05-012. The security bulletin contains all the relevant information about the security update, including file manifest information and deployment options. To view the complete...

MS04-022: A vulnerability in Task Scheduler could allow code execution

MS04-022: A vulnerability in Task Scheduler could allow code execution Microsoft has released security bulletin MS04-022. The security bulletin contains all the relevant information about the security update, including file manifest information and deployment options. To view the complete securit...

MS05-001: Vulnerability in HTML Help could allow code execution

MS05-001: Vulnerability in HTML Help could allow code execution Microsoft has released security bulletin MS05-001. The security bulletin contains all the relevant information about the security update. This includes file manifest information and deployment options. To view the complete security...

MS07-047: Vulnerability in Windows Media Player could allow remote code execution

MS07-047: Vulnerability in Windows Media Player could allow remote code execution INTRODUCTION Microsoft has released security bulletin MS07-047. The security bulletin contains all the relevant information about the security update. This information includes file manifest information and deployme...

MS08-025: Vulnerability in Windows Kernel could allow elevation of privilege

MS08-025: Vulnerability in Windows Kernel could allow elevation of privilege Support for Windows Vista Service Pack 1 SP1 ends on July 12, 2011. To continue receiving security updates for Windows, make sure you're running Windows Vista with Service Pack 2 SP2. For more information, refer to this...

MS07-042: Description of the security update for Microsoft XML Core Services 6.0: August 14, 2007

MS07-042: Description of the security update for Microsoft XML Core Services 6.0: August 14, 2007 INTRODUCTION Microsoft has released security bulletin MS07-042. The security bulletin contains all the relevant information about the security update. This information includes file manifest...

Description of the security update for Excel 2003: October 10, 2006

Description of the security update for Excel 2003: October 10, 2006 Microsoft has released security bulletin MS06-059. The security bulletin contains all the relevant information about the security update for Microsoft Office Excel 2003. This information includes file manifest information and...

MS08-030: Vulnerability in Bluetooth stack could allow remote code execution

MS08-030: Vulnerability in Bluetooth stack could allow remote code execution Support for Windows Vista Service Pack 1 SP1 ends on July 12, 2011. To continue receiving security updates for Windows, make sure you're running Windows Vista with Service Pack 2 SP2. For more information, refer to this...

MS05-051: Vulnerabilities in MS DTC and COM+ could allow remote code execution

MS05-051: Vulnerabilities in MS DTC and COM+ could allow remote code execution Microsoft has released security bulletin MS05-051. The security bulletin contains all the relevant information about the security update. This information includes file manifest information and deployment options. To...