Sign In Create account

Security Advisories and Release Notes

Release Notes R&S®Web Application Firewall 6.8.1 (Latest)
2022-04-28

We are pleased to announce the availability of R&S®Web Application Firewall 6.8.1 (Latest).

R&S®WAF Security update 3.38.0 - Patterns ICX
2022-04-06

A new security update for ICX patterns and rules is available!

CVE-2022-22965 - Spring4Shell - Spring Core Remote Code Execution Vulnerability
2022-04-04

A vulnerability was discovered in Spring Framework that can leads to an RCE.

CVE-2022-22963 - Spring Cloud Function Remote Code Execution Vulnerability
2022-04-04

A vulnerability was discovered in Spring Cloud that can leads to an RCE.

CVE-2022-22720: Http request smuggling
2022-03-31

A vulnerability that can be exploited when each server, in a server chain architecture, interprets HTTP headers differently.

CVE-2022-23943: Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server
2022-03-31

A vulnerability in mod_sed of Apache HTTP Server that allows an attacker to overwrite heap memory with possibly attacker provided data.

Release Notes R&S®Web Application Firewall 6.8.0 (Latest)
2022-03-30

We are pleased to announce the availability of R&S®Web Application Firewall 6.8.0 (Latest).

CVE-2022-0778: A Denial of Service Vulnerability in OpenSSL
2022-03-25

A vulnerability with a high severity was discovered in OpenSSL sofware library.

Release R&S®Web Application Firewall 6.5.6-patch12 (LTS)
2022-03-08

We are pleased to announce the availability of R&S®Web Application Firewall 6.5.6-patch12 (LTS), intended for use in production. Release date: 2022-03-08.

CVE-2022-21907: IIS HTTP Protocol Stack RCE
2022-01-28

A highly critical RCE vulnerability has been found in Microsoft Windows IIS.

CVE-2021-4034: pkexec Local Privilege Escalation
2022-01-27

Qualys team has discovered a Local Privilege Escalation on pkexec command from the polkit component.

Apache httpd 2.4.52 security fixes - CVE-2021-44790 - CVE-2021-44224
2022-01-12

The Apache httpd team has released the version 2.4.52 fixing two vulnerabilities.

R&S®WAF Security update 3.37.0 - ICX Patterns
2022-01-06

Security update available for ICX patterns.

R&S®WAF Bot mitigation - Good bot database update 1.1
2022-01-06

Good bot update for Bot Mitigation.

Security Advisories and Release Notes

Release Notes R&S®Web Application Firewall 6.8.1 (Latest)2022-04-28

R&S®WAF Security update 3.38.0 - Patterns ICX2022-04-06

CVE-2022-22965 - Spring4Shell - Spring Core Remote Code Execution Vulnerability2022-04-04

CVE-2022-22963 - Spring Cloud Function Remote Code Execution Vulnerability2022-04-04

CVE-2022-22720: Http request smuggling 2022-03-31

CVE-2022-23943: Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server2022-03-31

Release Notes R&S®Web Application Firewall 6.8.0 (Latest)2022-03-30

CVE-2022-0778: A Denial of Service Vulnerability in OpenSSL2022-03-25

Release R&S®Web Application Firewall 6.5.6-patch12 (LTS)2022-03-08

CVE-2022-21907: IIS HTTP Protocol Stack RCE2022-01-28

CVE-2021-4034: pkexec Local Privilege Escalation2022-01-27

Apache httpd 2.4.52 security fixes - CVE-2021-44790 - CVE-2021-442242022-01-12

R&S®WAF Security update 3.37.0 - ICX Patterns2022-01-06

R&S®WAF Bot mitigation - Good bot database update 1.12022-01-06