CVE-2025-47908

A flaw was found in github.com/rs/cors. The middleware exhibits excessive heap memory allocation when handling preflight requests containing a lengthy, comma-separated value in the Access-Control-Request-Headers ACRH header. This vulnerability allows an attacker to send a specially crafted HTTP...

Description of the security update for SharePoint Server Subscription Edition: April 8, 2025 (KB5002705)

Description of the security update for SharePoint Server Subscription Edition: April 8, 2025 KB5002705 Summary This security update resolves a Microsoft SharePoint remote code execution vulnerability. To learn more about the vulnerability, see the following security advisories: Microsoft Common...

Description of the security update for Excel 2016: March 11, 2025 (KB5002696)

Description of the security update for Excel 2016: March 11, 2025 KB5002696 Summary This security update resolves a Microsoft Excel remote code execution vulnerability. To learn more about the vulnerability, see the following security advisories: Microsoft Common Vulnerabilities and Exposures...

Description of the security update for SharePoint Server 2019: April 9, 2024 (KB5002580)

Description of the security update for SharePoint Server 2019: April 9, 2024 KB5002580 Summary This security update resolves a Microsoft SharePoint Server spoofing vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2024-26251. Notes: This ...

Description of the security update for Publisher 2013: August 8, 2023 (KB5002391)

Description of the security update for Publisher 2013: August 8, 2023 KB5002391 Summary This security update for Microsoft Office provides defense-in-depth updates to help improve security-related features. To learn more about the vulnerability, see Microsoft advisory ADV230003. Note: To apply th...

Description of the security update for Office 2016: July 11, 2023 (KB4475581)

Description of the security update for Office 2016: July 11, 2023 KB4475581 Summary This security update resolves a Microsoft Outlook remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2023-33153. Note: To apply this...

End of support for Office 2016 and Office 2019

None None...

Description of the security update for Outlook 2013: July 11, 2023 (KB5002432)

Description of the security update for Outlook 2013: July 11, 2023 KB5002432 Summary This security update resolves a Microsoft Outlook spoofing vulnerability, and Microsoft Outlook security feature bypass vulnerability. To learn more about the vulnerabilities, see the following security advisorie...

Maximizing Performance with Wallarm Filtering Nodes in Amazon’s Global Infrastructure

Introduction In todays digital landscape, ensuring the security and performance of web applications is paramount. To achieve optimal protection against cyber threats, organizations deploy web application and API protection WAAPs like Wallarm. However, to truly leverage the benefits of Wallarm,...

Description of the security update for SharePoint Foundation 2013: March 14, 2023 (KB5002367)

Description of the security update for SharePoint Foundation 2013: March 14, 2023 KB5002367 Summary This security update resolves a Microsoft SharePoint Server spoofing vulnerability. To learn more about the vulnerability, see ​​​​Microsoft Common Vulnerabilities and Exposures CVE-2023-23395...

io.quarkiverse.cxf:quarkus-cxf-deployment (=1.6.0), io.quarkiverse.cxf:quarkus-cxf-rt-features-logging-deployment (=1.6.0) +95 more potentially affected by CVE-2022-4116 via io.quarkus:quarkus-vertx-http-deployment (>=2.14.0.CR1 <=2.14.1.Final)

io.quarkus:quarkus-vertx-http-deployment MAVEN version =2.14.0.CR1, =2.14.1.Final is affected by a known vulnerability. The following packages have a transitive dependency on io.quarkus:quarkus-vertx-http-deployment and may be impacted: - io.quarkiverse.cxf:quarkus-cxf-deployment =1.6.0 -...

Description of the security update for Office 2016: November 8, 2022 (KB3191869)

Description of the security update for Office 2016: November 8, 2022 KB3191869 Summary There is a Microsoft Office update for defense-in-depth updates to help improve security-related features. To learn more about the vulnerability, see Microsoft advisory ADV220003. Note: To apply this security...

Description of the security update for Visio 2013: September 13, 2022 (KB5002017)

Description of the security update for Visio 2013: September 13, 2022 KB5002017 Summary This security update resolves a Microsoft Office Visio remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2022-38010. Note: To...

Hitachi Energy TXpert Hub CoreTec 4 Sudo Vulnerability

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Hitachi Energy Equipment: TXpert Hub CoreTec 4 Vulnerability: Off-by-one Error 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to take control of the system node and its information...

End of support for Office 2016 and Office 2019

None None...

Description of the security update for SharePoint Foundation 2013: December 14, 2021 (KB5002015)

Description of the security update for SharePoint Foundation 2013: December 14, 2021 KB5002015 Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures...

Description of the security update for SharePoint Enterprise Server 2016: October 12, 2021 (KB5002006)

Description of the security update for SharePoint Enterprise Server 2016: October 12, 2021 KB5002006 Summary This security update resolves a Microsoft Word remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2021-40486...

Description of the security update for SharePoint Enterprise Server 2013: October 12, 2021 (KB5001924)

Description of the security update for SharePoint Enterprise Server 2013: October 12, 2021 KB5001924 Summary This security update resolves a Microsoft Word remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2021-40486...

Why Zero Trust Needs the Edge

Backhauling traffic destroys performance, and backhauling attack traffic can destroy even more. Nevertheless, in a traditional security deployment model, we are faced with the lose-lose options of either backhauling all traffic to the security stack or allowing some accesses to not go through the...

Description of the security update for SharePoint Enterprise Server 2013: July 13, 2021 (KB5001984)

Description of the security update for SharePoint Enterprise Server 2013: July 13, 2021 KB5001984 Summary This security update resolves a Microsoft SharePoint Server spoofing vulnerability and Microsoft SharePoint Server information disclosure vulnerability. To learn more about the vulnerability,...