CVE-2021-27101

To mitigate CVE-2021-27101, it is crucial to promptly update Accellion File Transfer Appliance

(FTA) to the latest patched versions. Specifically, upgrade to FTA 9_12_380 or newer. This patch
addresses the SQL injection vulnerability via a crafted Host header in a request to
`document_root.html`, which allows unauthenticated, remote attackers to execute arbitrary
commands on the target system. Ensuring that your Accellion FTA installation is up-to-date can
help protect against potential exploitation.

CVE-2021-27103

To mitigate CVE-2021-27103, it is crucial to promptly update Accellion File Transfer Appliance

(FTA) to the latest patched versions. Specifically, upgrade to FTA 9_12_416 or newer. This patch
addresses the Server-Side Request Forgery (SSRF) vulnerability. An unauthenticated, remote
attacker could exploit the flaw by sending a specially crafted POST request to the `wmProgressstat`
file on a vulnerable FTA endpoint. Ensuring that your Accellion FTA installation is up-to-date can
help protect against potential exploitation.

CVE-2021-21017

To mitigate CVE-2021-21017, it is crucial to promptly update Adobe Acrobat and Reader to the
latest patched versions. Specifically, upgrade to Adobe Acrobat DC 2021.001.20135 or newer,
Adobe Reader DC 2021.001.20135 or newer, Adobe Acrobat 2020 2020.001.30020 or newer, and
Adobe Reader 2020 2020.001.30020 or newer. This patch addresses the heap-based buffer overflow
vulnerability in the `AcroForm` component, which allows an unauthenticated attacker to achieve
arbitrary code execution in the context of the current user. Ensuring that your Adobe software is up-
to-date can help protect against potential exploitation.

CVE-2021-28550

To mitigate CVE-2021-21017, it is crucial to promptly update Adobe Acrobat and Reader to the
latest patched versions. Specifically, upgrade to Adobe Acrobat DC 2021.001.20135 or newer,
Adobe Reader DC 2021.001.20135 or newer, Adobe Acrobat 2020 2020.001.30020 or newer, and
Adobe Reader 2020 2020.001.30020 or newer. This patch addresses the heap-based buffer overflow
vulnerability in the `AcroForm` component, which allows an unauthenticated attacker to achieve
arbitrary code execution in the context of the current user. Ensuring that your Adobe software is up-
to-date can help protect against potential exploitation.

CVE-2018-4939

To mitigate CVE-2018-4939, it is crucial to promptly update Adobe ColdFusion to the latest

patched versions. Specifically, upgrade to Adobe ColdFusion 11 Update 14 or newer. This patch
addresses the deserialization of untrusted data vulnerability, which allows remote attackers to
execute arbitrary code via a crafted serialized payload. Ensuring that your Adobe ColdFusion
installation is up-to-date can help protect against potential exploitation.

CVE-2018-15961

To mitigate CVE-2018-15961, it is crucial to promptly update Adobe ColdFusion to the latest

patched versions. Specifically, upgrade to Adobe ColdFusion 11 Update 14 or newer. This patch
addresses the unrestricted file upload vulnerability, which allows remote attackers to upload and
execute arbitrary files on the server, potentially leading to arbitrary code execution. Ensuring that
your Adobe ColdFusion installation is up-to-date can help protect against potential exploitation.

CVE-2018-4878

To mitigate CVE-2018-4878, it is crucial to promptly update Adobe Flash Player to the latest
patched versions. Specifically, upgrade to Adobe Flash Player 28.0.0.161 or newer. This patch
addresses the use-after-free vulnerability in the Primetime SDK related to media player handling of
listener objects, which allows remote attackers to execute arbitrary code. Ensuring that your Flash
Player is up-to-date can help protect against potential exploitation.

CVE-2020-5735

To mitigate CVE-2020-5735, it is crucial to promptly update Amcrest cameras and Network Video
Recorders (NVRs) to the latest patched firmware. Specifically, upgrade to Amcrest SD-Mao-
Rhea_Eng_N_Stream3_AMCREST_V2.623.00AC004.0.R.200316.bin or newer for affected
models. This patch addresses the stack-based buffer overflow vulnerability over port 37777, which
allows an authenticated remote attacker to crash the device and possibly execute arbitrary code.
Ensuring that your devices are up-to-date can help protect against potential exploitation.

CVE-2019-2215

To mitigate CVE-2020-5735, it is crucial to promptly update Amcrest cameras and Network Video
Recorders (NVRs) to the latest patched firmware. Specifically, upgrade to Amcrest SD-Mao-
Rhea_Eng_N_Stream3_AMCREST_V2.623.00AC004.0.R.200316.bin or newer for affected
models. This patch addresses the stack-based buffer overflow vulnerability over port 37777, which
allows an authenticated remote attacker to crash the device and possibly execute arbitrary code.
Ensuring that your devices are up-to-date can help protect against potential exploitation.

CVE-2020-0041

To mitigate CVE-2020-0041, it is crucial to promptly update your Android device to the latest
patched version. Specifically, ensure that your device is running a security patch level of 2020-03-
05 or later. This patch addresses the out-of-bounds write vulnerability in the binder_transaction of
the Android kernel, which could lead to local escalation of privilege. Ensuring that your device is
up-to-date can help protect against potential exploitation.

CVE-2020-0069

To mitigate CVE-2020-0069, it is crucial to promptly update your Android device to the latest
patched version. Specifically, ensure that your device is running a security patch level of 2020-03-
05 or later. This patch addresses the out-of-bounds write vulnerability in the Mediatek Command
Queue driver, which could lead to local escalation of privilege. Ensuring that your device is up-to-
date can help protect against potential exploitation.

CVE-2017-9805

To mitigate CVE-2017-9805, it is crucial to update Apache Struts to the patched versions: 2.3.34 or
2.5.13 or newer. This patch addresses the remote code execution (RCE) vulnerability in the REST
Plugin of Apache Struts 2, which occurs due to insecure deserialization of XML payloads using the
XStream handler without any type filtering. By ensuring that your Apache Struts installation is up-
to-date, you can help protect against potential exploitation.

CVE-2021-42013

To mitigate CVE-2021-42013, it is crucial to promptly update your Apache HTTP Server to the
latest patched version. Specifically, upgrade to Apache HTTP Server 2.4.51 or newer. This patch
addresses the path traversal and remote code execution vulnerability in versions 2.4.49 and 2.4.50.
Ensuring that your server is up-to-date can help protect against potential exploitation.

CVE-2021-41773

To mitigate CVE-2021-41773, it is crucial to promptly update your Apache HTTP Server to the
latest patched version | Indusface Blog](https://www.indusface.com/blog/apache-web-server-path-
traversal-and-file-disclosure-vulnerability-cve-2021-41773/). Specifically, upgrade to Apache HTTP
Server 2.4.50 or newer. This patch addresses the path traversal and file disclosure vulnerability in
versions 2.4.49 and earlier. Ensuring that your server is up-to-date can help protect against potential
exploitation.

CVE-2019-0211

To mitigate CVE-2019-0211, it is crucial to promptly update your Apache HTTP Server to a non-
vulnerable version. Specifically, upgrade to Apache HTTP Server 2.4.39 or newer. This patch
addresses the privilege escalation vulnerability in versions 2.4.17 to 2.4.38, which allows code
executed in less-privileged child processes or threads to run arbitrary code with the parent process's
privileges by manipulating the scoreboard. Ensuring that your server is up-to-date can help protect
against potential exploitation.

CVE-2016-4437

To mitigate CVE-2016-4437, it is crucial to promptly update Apache Shiro to the patched version.
Specifically, upgrade to Apache Shiro 1.2.5 or newer. This patch addresses the remote code
execution vulnerability in the "remember me" feature when a cipher key has not been configured.
Ensuring that your Apache Shiro installation is up-to-date can help protect against potential
exploitation.k

CVE-2019-17558

To mitigate CVE-2016-4437, it is crucial to promptly update Apache Shiro to the patched version.
Specifically, upgrade to Apache Shiro 1.2.5 or newer. This patch addresses the remote code
execution vulnerability in the "remember me" feature when a cipher key has not been configured.
Ensuring that your Apache Shiro installation is up-to-date can help protect against potential
exploitation.

CVE-2020-17530

To mitigate CVE-2020-17530, it is crucial to promptly update Apache Struts to the patched

versions: 2.5.26 or 2.3.36 or newer. This patch addresses the remote code execution vulnerability
due to insufficient input validation, leading to forced double OGNL evaluation when evaluating raw
user input. Ensuring that your Apache Struts installation is up-to-date can help protect against
potential exploitation.

CVE-2017-5638
To mitigate CVE-2017-5638, it is crucial to promptly update Apache Struts to the patched versions:
2.3.32 or 2.5.10.1 or newer. This patch addresses the remote code execution (RCE) vulnerability in
the Jakarta Multipart parser, which allows remote attackers to execute arbitrary commands via a
crafted Content-Type, Content-Disposition, or Content-Length HTTP header. Ensuring that your
Apache Struts installation is up-to-date can help protect against potential exploitation.

CVE-2018-11776

To mitigate CVE-2018-11776, it is crucial to promptly update Apache Struts to the patched

versions: 2.3.35 or 2.5.17 or newer. This patch addresses the remote code execution (RCE)
vulnerability in the Jakarta Multipart parser, which allows remote attackers to execute arbitrary
commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header.
Ensuring that your Apache Struts installation is up-to-date can help protect against potential
exploitation.

CVE-2021-30858

To mitigate CVE-2021-30858, it is crucial to promptly update your Apple devices to the latest
patched versions. Specifically, upgrade to iOS 14.8, iPadOS 14.8, macOS Big Sur 11.6, watchOS
7.6.2, and Safari 14.1.2 or newer. This patch addresses the use-after-free vulnerability in the
rendering engine of Safari (Webkit), which allows an attacker to create a maliciously crafted
webpage that can lead to arbitrary code execution on the device. Ensuring that your devices are up-
to-date can help protect against potential exploitation.

CVE-2019-6223

To mitigate CVE-2019-6223, it is crucial to promptly update your Apple devices to the latest
patched versions. Specifically, upgrade to iOS 12.1.4 or newer and macOS Mojave 10.14.3
Supplemental Update or newer. This patch addresses the logic issue in the handling of Group
FaceTime calls, which could allow the initiator of a Group FaceTime call to cause the recipient to
answer unknowingly. Ensuring that your devices are up-to-date can help protect against potential
exploitation.

CVE-2021-30860

To mitigate CVE-2021-30860, it is crucial to promptly update your Apple devices to the latest
patched versions. Specifically, upgrade to iOS 14.8, iPadOS 14.8, macOS Big Sur 11.6, watchOS
7.6.2, and Safari 14.1.2 or newer. This patch addresses the integer overflow vulnerability in the
CoreGraphics library, which could allow an attacker to execute arbitrary code by processing a
maliciously crafted PDF. Ensuring that your devices are up-to-date can help protect against
potential exploitation.

CVE-2020-27930

To mitigate CVE-2020-27930, it is crucial to promptly update your Apple devices to the latest
patched versions. Specifically, upgrade to macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9,
watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS
14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental Update, and macOS
Catalina 10.15.7 Update. This patch addresses the memory corruption issue with improved input
validation. Processing a maliciously crafted font may lead to arbitrary code execution. Ensuring that
your devices are up-to-date can help protect against potential exploitation.

CVE-2021-30807

To mitigate CVE-2021-30807, it is crucial to promptly update your Apple devices to the latest
patched versions. Specifically, upgrade to macOS Big Sur 11.5.1, iOS 14.7.1, iPadOS 14.7.1, and
watchOS 7.6.1 or newer. This patch addresses a memory corruption issue with improved memory
handling. An application may be able to execute arbitrary code with kernel privileges. Apple is
aware of a report that this issue may have been actively exploited. Ensuring that your devices are
up-to-date can help protect against potential exploitation.

CVE-2020-27950

To mitigate CVE-2020-27950, it is crucial to promptly update your Apple devices to the latest
patched versions. Specifically, upgrade to macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9,
watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS
14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental Update, and macOS
Catalina 10.15.7 Update. This patch addresses a memory initialization issue that could allow a
malicious application to disclose kernel memory. Ensuring that your devices are up-to-date can help
protect against potential exploitation.

CVE-2020-27932

To mitigate CVE-2020-27932, it is crucial to promptly update your Apple devices to the latest
patched versions. Specifically, upgrade to macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9,
watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS
14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental Update, and macOS
Catalina 10.15.7 Update. This patch addresses a type confusion issue with improved state handling.
A malicious application may be able to execute arbitrary code with kernel privileges. Ensuring that
your devices are up-to-date can help protect against potential exploitation.

CVE-2020-9818

To mitigate CVE-2020-9818, it is crucial to promptly update your Apple devices to the latest
patched versions. Specifically, upgrade to iOS 13.5, iPadOS 13.5, iOS 12.4.7, and watchOS 6.2.5 or
newer. This patch addresses the out-of-bounds write issue with improved bounds checking.
Processing a maliciously crafted mail message may lead to unexpected memory modification or
application termination. Ensuring that your devices are up-to-date can help protect against potential
exploitation.

CVE-2020-9819

To mitigate CVE-2020-9819, it is crucial to promptly update your Apple devices to the latest
patched versions. Specifically, upgrade to iOS 13.5, iPadOS 13.5, iOS 12.4.7, and watchOS 6.2.5 or
newer. This patch addresses a memory consumption issue with improved memory handling.
Processing a maliciously crafted mail message may lead to heap corruption. Ensuring that your
devices are up-to-date can help protect against potential exploitation.
CVE-2021-30762

To mitigate CVE-2021-30762, it is crucial to promptly update your Apple devices to the latest
patched versions. Specifically, upgrade to iOS 12.5.4, iPadOS 12.5.4, iOS 14.8, iPadOS 14.8,
macOS Big Sur 11.6, watchOS 7.6.2, and Safari 14.1.2 or newer. This patch addresses the use-after-
free vulnerability in WebKit, which allows an attacker to execute arbitrary code by processing
maliciously crafted web content. Ensuring that your devices are up-to-date can help protect against
potential exploitation.

CVE-2021-1782

To mitigate CVE-2021-1782, it is crucial to promptly update your Apple devices to the latest
patched versions. Specifically, upgrade to macOS Big Sur 11.2, Security Update 2021-001 Catalina,
Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4, and iPadOS 14.4 or newer.
This patch addresses a race condition vulnerability with improved locking. A malicious application
may be able to elevate privileges. Apple is aware of a report that this issue may have been actively
exploited. Ensuring that your devices are up-to-date can help protect against potential exploitation.

CVE-2021-1870

To mitigate CVE-2021-1870, it is crucial to promptly update your Apple devices to the latest
patched versions. Specifically, upgrade to macOS Big Sur 11.2, Security Update 2021-001 Catalina,
Security Update 2021-001 Mojave, iOS 14.4, and iPadOS 14.4 or newer. This patch addresses a
logic issue with improved restrictions. A remote attacker may be able to cause arbitrary code
execution. Apple is aware of a report that this issue may have been actively exploited. Ensuring that
your devices are up-to-date can help protect against potential exploitation.

CVE-2021-1871

To mitigate CVE-2021-1871, it is crucial to promptly update your Apple devices to the latest
patched versions. Specifically, upgrade to macOS Big Sur 11.2, Security Update 2021-001 Catalina,
Security Update 2021-001 Mojave, iOS 14.4, and iPadOS 14.4 or newer. This patch addresses a
logic issue with improved restrictions. A remote attacker may be able to cause arbitrary code
execution. Apple is aware of a report that this issue may have been actively exploited. Ensuring that
your devices are up-to-date can help protect against potential exploitation.

CVE-2021-1879

To mitigate CVE-2021-1879, it is crucial to promptly update your Apple devices to the latest
patched versions. Specifically, upgrade to iOS 12.5.2, iOS 14.4.2, iPadOS 14.4.2, and watchOS
7.3.3 or newer. This patch addresses the universal cross-site scripting (XSS) vulnerability in
WebKit, which allows an attacker to execute arbitrary code by processing maliciously crafted web
content. Ensuring that your devices are up-to-date can help protect against potential exploitation.

CVE-2021-30661

To mitigate CVE-2021-30661, it is crucial to promptly update your Apple devices to the latest
patched versions. Specifically, upgrade to Safari 14.1, iOS 12.5.3, iOS 14.5, iPadOS 14.5, watchOS
7.4, tvOS 14.5, and macOS Big Sur 11.3 or newer. This patch addresses the use-after-free
vulnerability in WebKit, which allows an attacker to execute arbitrary code by processing
maliciously crafted web content. Ensuring that your devices are up-to-date can help protect against
potential exploitation.

CVE-2021-30666

To mitigate CVE-2021-30666, it is crucial to promptly update your Apple devices to the latest
patched versions. Specifically, upgrade to iOS 12.5.3, iOS 14.5, iPadOS 14.5, watchOS 7.4, tvOS
14.5, and macOS Big Sur 11.3 or newer. This patch addresses the buffer overflow issue with
improved memory handling. Processing maliciously crafted web content may lead to arbitrary code
execution. Apple is aware of a report that this issue may have been actively exploited. Ensuring that
your devices are up-to-date can help protect against potential exploitation.

CVE-2021-30713

To mitigate CVE-2021-30713, it is crucial to promptly update your Apple devices to the latest
patched versions. Specifically, upgrade to macOS Big Sur 11.4 or newer. This patch addresses a
permissions issue with improved validation. A malicious application may be able to bypass Privacy
preferences. Apple is aware of a report that this issue may have been actively exploited. Ensuring
that your devices are up-to-date can help protect against potential exploitation.

CVE-2021-30657

To mitigate CVE-2021-30657, it is crucial to promptly update your Apple devices to the latest
patched versions. Specifically, upgrade to macOS Big Sur 11.3, Security Update 2021-002 Catalina,
or newer. This patch addresses a logic issue with improved state management. A malicious
application may bypass Gatekeeper checks. Apple is aware of a report that this issue may have been
actively exploited. Ensuring that your devices are up-to-date can help protect against potential
exploitation.

CVE-2021-30665

To mitigate CVE-2021-30665, it is crucial to promptly update your Apple devices to the latest
patched versions. Specifically, upgrade to watchOS 7.4.1, iOS 14.5.1, iPadOS 14.5.1, tvOS 14.6,
iOS 12.5.3, and macOS Big Sur 11.3.1 or newer. This patch addresses a memory corruption issue
with improved state management. Processing maliciously crafted web content may lead to arbitrary
code execution. Apple is aware of a report that this issue may have been actively exploited.
Ensuring that your devices are up-to-date can help protect against potential exploitation.

CVE-2021-30663

To mitigate CVE-2021-30663, it is crucial to promptly update your Apple devices to the latest
patched versions. Specifically, upgrade to iOS 14.5.1, iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, Safari
14.1.1, and macOS Big Sur 11.3.1 or newer. This patch addresses an integer overflow vulnerability
with improved input validation. Processing maliciously crafted web content may lead to arbitrary
code execution. Ensuring that your devices are up-to-date can help protect against potential
exploitation.

CVE-2021-30761

To mitigate CVE-2021-30761, it is crucial to promptly update your Apple devices to the latest
patched versions. Specifically, upgrade to iOS 12.5.4, iPadOS 12.5.4, iOS 14.8, iPadOS 14.8,
macOS Big Sur 11.6, watchOS 7.6.2, and Safari 14.1.2 or newer. This patch addresses a memory
corruption issue with improved state management. Processing maliciously crafted web content may
lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively
exploited. Ensuring that your devices are up-to-date can help protect against potential exploitation.

CVE-2021-30869

To mitigate CVE-2021-30869, it is crucial to promptly update your Apple devices to the latest
patched versions](https://threatprotect.qualys.com/2021/09/24/apples-arbitrary-code-injection-
vulnerability-cve-2021-30869/). Specifically, upgrade to iOS 12.5.5, iOS 14.4, iPadOS 14.4,
macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, and
Security Update 2021-006 Catalina or newer. This patch addresses a type confusion issue with
improved state handling. A malicious application may be able to execute arbitrary code with kernel
privileges. Apple is aware of reports that an exploit for this issue exists in the wild. Ensuring that
your devices are up-to-date can help protect against potential exploitation.

CVE-2020-9859

To mitigate CVE-2020-9859, it is crucial to promptly update your Apple devices to the latest
patched versions. Specifically, upgrade to iOS 13.5.1, iPadOS 13.5.1, macOS Catalina 10.15.5
Supplemental Update, tvOS 13.4.6, and watchOS 6.2.6 or newer. This patch addresses a memory
consumption issue with improved memory handling. An application may be able to execute
arbitrary code with kernel privileges. Ensuring that your devices are up-to-date can help protect
against potential exploitation.

CVE-2021-20090

To mitigate CVE-2021-20090, it is crucial to promptly update your Buffalo WSR-2533DHPL2 and

WSR-2533DHP3 devices to the latest patched firmware versions. Specifically, upgrade to firmware
version 1.03 or newer for WSR-2533DHPL2 and firmware version 1.25 or newer for WSR-
2533DHP3. This patch addresses a path traversal vulnerability that allows unauthenticated remote
attackers to bypass authentication and potentially take control of the affected device. Ensuring that
your devices are up-to-date can help protect against potential exploitation.

CVE-2021-27562

To mitigate CVE-2021-27562, it is crucial to promptly update your Arm Trusted Firmware M to the
latest patched version. Specifically, upgrade to version 1.3 or newer. This patch addresses an out-of-
bounds write vulnerability that allows the non-secure (NS) world to trigger a system halt, overwrite
secure data, or print out secure data when calling secure functions under the non-secure processing
environment (NSPE) handler mode. Ensuring that your firmware is up-to-date can help protect
against potential exploitation. Would you like to know about any other CVEs or need assistance
with another topic?

CVE-2021-28664

To mitigate CVE-2021-28664, it is crucial to promptly update your Arm Mali GPU kernel driver to
the latest patched version. Specifically, upgrade to Bifrost r30p0 or newer, Valhall r30p0 or newer,
and Midgard r31p0 or newer. This patch addresses a privilege escalation and denial of service
vulnerability due to an unprivileged user being able to achieve read/write access to read-only pages.
Ensuring that your GPU driver is up-to-date can help protect against potential exploitation.
CVE-2021-28663

To mitigate CVE-2021-28663, it is crucial to promptly update your Arm Mali GPU kernel driver to
the latest patched version. Specifically, upgrade to Bifrost r29p0 or newer, Valhall r29p0 or newer,
and Midgard r31p0 or newer. This patch addresses a use-after-free vulnerability that allows
privilege escalation or information disclosure due to mishandled GPU memory operations. Ensuring
that your GPU driver is up-to-date can help protect against potential exploitation.

CVE-2019-3398

CVE-2019-3398 is a path traversal vulnerability affecting Atlassian Confluence Server and Data
Center. This vulnerability allows a remote attacker with permissions to add attachments or create
spaces to write files to arbitrary locations, potentially leading to remote code execution.

To mitigate this vulnerability, it is crucial to update Confluence to the latest patched versions.
Specifically, upgrade to Confluence Server 6.6.13 or newer, 6.12.4 or newer, 6.13.4 or newer, 6.14.3
or newer, and 6.15.2 or newer. Ensuring that your Confluence instance is up-to-date can help protect
against potential exploitation.

CVE-2021-26084

To mitigate CVE-2021-26084: This is a critical vulnerability affecting Atlassian Confluence Server

and Data Center. Known as an Object-Graph Navigation Language (OGNL) injection, it allows
unauthenticated attackers to execute arbitrary code. Affected versions are before 6.13.23, from
6.14.0 before 7.4.11, from 7.5.0 before 7.11.6, and from 7.12.0 before 7.12.5. Ensure you update
Confluence to the latest versions: 6.13.23, 7.4.11, 7.11.6, or 7.12.5 or newer. This step will protect
your Confluence instance from potential exploitation.

CVE-2019-11580

To mitigate CVE-2019-11580, it is crucial to promptly update your Atlassian Crowd and Crowd
Data Center to the latest patched versions. Specifically, upgrade to version 3.0.5 or newer for 3.0.x,
version 3.1.6 or newer for 3.1.x, version 3.2.8 or newer for 3.2.x, version 3.3.5 or newer for 3.3.x,
and version 3.4.4 or newer for 3.4.x. This patch addresses a vulnerability where the pdkinstall
development plugin was incorrectly enabled in release builds, allowing attackers to install arbitrary
plugins and execute remote code. Ensuring that your Crowd or Crowd Data Center installations are
up-to-date can help protect against potential exploitation.

CVE-2019-3396

To mitigate CVE-2019-3396, it is crucial to promptly update your Atlassian Confluence Server and
Data Center to the latest patched versions. Specifically, upgrade to version 6.6.12 or newer for
6.6.x, version 6.12.3 or newer for 6.12.x, version 6.13.3 or newer for 6.13.x, and version 6.14.2 or
newer for 6.14.x. This patch addresses a server-side template injection vulnerability in the Widget
Connector macro, which allows remote attackers to achieve path traversal and remote code
execution. Ensuring that your Confluence instance is up-to-date can help protect against potential
exploitation.

CVE-2021-42258
To mitigate CVE-2021-42258, it is crucial to promptly update your BQE BillQuick Web Suite to the
latest patched version. Specifically, upgrade to version 22.0.9.1 or newer. This patch addresses a
SQL injection vulnerability that allows unauthenticated remote attackers to execute arbitrary code.
Successful exploitation can include the ability to execute arbitrary code as MSSQLSERVER$ via
xp_cmdshell. This vulnerability was exploited in the wild in October 2021 for ransomware
installation. Ensuring that your BillQuick Web Suite is up-to-date can help protect against potential
exploitation.

CVE-2020-3452

To mitigate CVE-2020-3452, it is crucial to promptly update your Cisco Adaptive Security

Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software to the latest
patched versions. Specifically, upgrade to Cisco ASA Software 9.8.4 or newer and Cisco FTD
Software 6.2.3 or newer. This patch addresses a directory traversal vulnerability in the web services
interface, which allows an unauthenticated, remote attacker to read sensitive files on a targeted
system. Ensuring that your devices are up-to-date can help protect against potential exploitation.

CVE-2020-3580

To mitigate CVE-2020-3580, it is crucial to promptly update your Cisco Adaptive Security

Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software to the latest
patched versions. Specifically, upgrade to Cisco ASA Software 9.8.4 or newer and Cisco FTD
Software 6.2.3 or newer. This patch addresses multiple vulnerabilities in the web services interface
that could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks
against a user of the web services interface of an affected device. Ensuring that your devices are up-
to-date can help protect against potential exploitation.

CVE-2021-1497

To mitigate CVE-2021-1497, it is crucial to promptly update your Cisco HyperFlex HX Installer

Virtual Machine to the latest patched version. Specifically, upgrade to version 4.0 or newer. This
patch addresses a command injection vulnerability in the web-based management interface, which
allows an unauthenticated, remote attacker to execute arbitrary commands on an affected device.
Ensuring that your devices are up-to-date can help protect against potential exploitation.

CVE-2021-1498

To mitigate CVE-2021-1498, it is crucial to promptly update your Cisco HyperFlex HX Data

Platform to the latest patched version. Specifically, upgrade to Cisco HyperFlex HX Installer Virtual
Machine version 4.0 or newer. This patch addresses a command injection vulnerability in the web-
based management interface, which allows an unauthenticated, remote attacker to execute arbitrary
commands on an affected device. Ensuring that your devices are up-to-date can help protect against
potential exploitation.

CVE-2018-0171

To mitigate CVE-2018-0171, it is crucial to promptly update your Cisco IOS and IOS XE Software
to the latest patched versions. Specifically, upgrade to Cisco IOS Software releases 15.2(5)E and
newer and Cisco IOS XE Software releases 16.3(1)E and newer. This patch addresses a critical
vulnerability in the Smart Install feature, which allows an unauthenticated, remote attacker to
trigger a reload of an affected device, resulting in a denial of service (DoS) condition, or to execute
arbitrary code on an affected device. Ensuring that your devices are up-to-date can help protect
against potential exploitation.

CVE-2020-3118

To mitigate CVE-2020-3118, it is crucial to promptly update your Cisco IOS XR Software to the
latest patched versions. Specifically, upgrade to Cisco IOS XR Software releases 32-bit or 64-bit
that include the fix for this vulnerability. This patch addresses a vulnerability in the Cisco Discovery
Protocol implementation, which could allow an unauthenticated, adjacent attacker to execute
arbitrary code or cause a reload on an affected device. Ensuring that your devices are up-to-date can
help protect against potential exploitation.

CVE-2020-3566

To mitigate CVE-2020-3566, it is crucial to promptly update your Cisco IOS XR Software to the
latest patched versions. Specifically, upgrade to Cisco IOS XR Software releases 32-bit or 64-bit
that include the fix for this vulnerability. This patch addresses a vulnerability in the Distance Vector
Multicast Routing Protocol (DVMRP) feature, which could allow an unauthenticated, remote
attacker to exhaust process memory of an affected device. The vulnerability is due to insufficient
queue management for Internet Group Management Protocol (IGMP) packets.

Ensuring that your devices are up-to-date can help protect against potential exploitation.

CVE-2020-3569

To mitigate CVE-2020-3569, it is crucial to promptly update your Cisco IOS XR Software to the
latest patched versions. Specifically, upgrade to Cisco IOS XR Software releases 32-bit or 64-bit
that include the fix for this vulnerability. This patch addresses a vulnerability in the Distance Vector
Multicast Routing Protocol (DVMRP) feature, which could allow an unauthenticated, remote
attacker to either immediately crash the Internet Group Management Protocol (IGMP) process or
make it consume available memory and eventually crash. The memory consumption may negatively
impact other processes that are running on the device. Ensuring that your devices are up-to-date can
help protect against potential exploitation.

CVE-2020-3161

To mitigate CVE-2020-3161, it is crucial to promptly update your Cisco IP Phones to the latest
patched versions. Specifically, upgrade to firmware version 11.7 or newer. This patch addresses a
vulnerability in the web server for Cisco IP Phones, which could allow an unauthenticated, remote
attacker to execute code with root privileges or cause a reload of an affected IP phone, resulting in a
denial of service (DoS) condition. The vulnerability is due to a lack of proper input validation of
HTTP requests. Ensuring that your IP phones are up-to-date can help protect against potential
exploitation.

CVE-2019-1653

To mitigate CVE-2019-1653, it is crucial to promptly update your Cisco Small Business RV320 and
RV325 Dual Gigabit WAN VPN Routers to the latest patched firmware versions. Specifically,
upgrade to firmware version 1.4.2.22 or newer. This patch addresses a vulnerability in the web-
based management interface, which allows an unauthenticated, remote attacker to retrieve sensitive
information due to improper access controls for URLs. Ensuring that your routers are up-to-date can
help protect against potential exploitation.

CVE-2018-0296

To mitigate CVE-2018-0296, it is crucial to promptly update your Cisco Adaptive Security

Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software to the latest
patched versions. Specifically, upgrade to Cisco ASA Software releases 9.8.4 or newer and Cisco
FTD Software releases 6.2.3 or newer. This patch addresses a web interface vulnerability that
allows an unauthenticated, remote attacker to cause an affected device to reload unexpectedly,
resulting in a denial of service (DoS) condition. In some cases, the attacker could also view
sensitive system information without authentication by using directory traversal techniques.
Ensuring that your devices are up-to-date can help protect against potential exploitation.

CVE-2019-13608

To mitigate CVE-2019-13608, it is crucial to promptly update your Citrix StoreFront Server to the
latest patched versions. Specifically, upgrade to StoreFront 1903, 7.15 LTSR CU4 (3.12.4000), or
7.6 LTSR CU8 (3.0.8000) or newer. This patch addresses an XML External Entity (XXE)
processing vulnerability that allows an unauthenticated attacker to retrieve potentially sensitive
information from the server. Ensuring that your StoreFront Server is up-to-date can help protect
against potential exploitation.

CVE-2020-8193

To mitigate CVE-2020-8193, it is essential to upgrade your Citrix ADC and Citrix Gateway to the
latest patched versions. This vulnerability, caused by improper access control, allows
unauthenticated access to certain URL endpoints. Specifically, ensure that your systems are running
Citrix ADC and Citrix Gateway versions 13.0-58.30 or newer, 12.1-57.18 or newer, 12.0-63.21 or
newer, 11.1-64.14 or newer, and 10.5-70.18 or newer. Additionally, Citrix SDWAN WAN-OP
versions should be updated to 11.1.1a, 11.0.3d, or 10.2.7 or newer. By applying these updates, you
can protect your systems from potential unauthorized access and exploitation.

CVE-2020-8195

To mitigate CVE-2020-8195, it is essential to promptly update your Citrix ADC and Citrix Gateway
to the latest patched versions. This improper input validation vulnerability can lead to limited
information disclosure to low-privileged users. Ensure your systems are running Citrix ADC and
Citrix Gateway versions 13.0-58.30 or newer, 12.1-57.18 or newer, 12.0-63.21 or newer, 11.1-64.14
or newer, and 10.5-70.18 or newer. Additionally, update Citrix SDWAN WAN-OP versions to
11.1.1a, 11.0.3d, or 10.2.7 or newer. By applying these updates, you can safeguard your systems
against potential unauthorized access and information disclosure.

CVE-2020-8196

To mitigate CVE-2020-8196, it is essential to update your Citrix ADC and Citrix Gateway to the
latest patched versions. This improper access control vulnerability can lead to limited information
disclosure to low-privileged users. Ensure your systems are running Citrix ADC and Citrix Gateway
versions 13.0-58.30 or newer, 12.1-57.18 or newer, 12.0-63.21 or newer, 11.1-64.14 or newer, and
10.5-70.18 or newer. Additionally, update Citrix SDWAN WAN-OP versions to 11.1.1a, 11.0.3d, or
10.2.7 or newer. By applying these updates, you can safeguard your systems against potential
unauthorized access and information disclosure.
CVE-2019-19781

To mitigate CVE-2019-19781, it is essential to promptly update your Citrix ADC (Application

Delivery Controller) and Citrix Gateway to the latest patched versions. This vulnerability allows an
unauthenticated attacker to execute arbitrary code on the affected devices. As an immediate
mitigation, apply a responder policy and action to block potentially malicious requests. This
involves enabling the responder feature, adding a responder action and policy, and binding the
policy globally. Ensuring your systems are up-to-date will help safeguard against unauthorized
access and potential attacks.

CVE-2019-11634

To mitigate CVE-2019-11634, promptly update your Citrix Workspace App to version 1904 or
newer, and Receiver for Windows LTSR to version 4.9 CU6 (4.9.6001) or newer. This remote code
execution vulnerability can allow attackers to gain unauthorized access to the client's local drives. If
immediate upgrades are not feasible, implementing a Client Selective Trust policy via GPO can
help limit exploitability until the upgrade is completed. Keeping your systems up-to-date is crucial
for protecting against potential security threats and unauthorized access.

CVE-2020-29557

To mitigate CVE-2020-29557, promptly update your D-Link DIR-825 R1 device firmware to the
latest version. This buffer overflow vulnerability in the web interface allows attackers to achieve
pre-authentication remote code execution. Ensure your device firmware is updated to versioN 3.0.2
or newer. Applying this update will help protect your device from potential exploitation and
unauthorized access.

CVE-2020-25506

To mitigate CVE-2020-25506, promptly update your D-Link DNS-320 firmware to the latest
version. This command injection vulnerability in the system_mgr.cgi component can lead to remote
arbitrary code execution. Ensure your device firmware is updated to version 2.06B02 or newer.
Applying this update will help protect your device from potential exploitation and unauthorized
access.

CVE-2018-15811

To mitigate CVE-2018-15811, promptly update your DotNetNuke (DNN) installation to version

9.2.2 or newer. This vulnerability arises due to the use of a weak encryption algorithm to protect
input parameters, which can lead to remote code execution through cookie deserialization. Ensuring
your software is up-to-date with the latest security patches will help protect against potential
exploitation and unauthorized access.

CVE-2018-18325

To mitigate CVE-2018-18325, promptly update your DotNetNuke (DNN) installation to version

9.2.3 or newer. This vulnerability arises due to the use of a weak encryption algorithm to protect
input parameters, which can lead to remote code execution through cookie deserialization. Ensuring
your software is up-to-date with the latest security patches will help protect against potential
exploitation and unauthorized access.
CVE-2017-9822

To mitigate CVE-2017-9822, promptly update your DotNetNuke (DNN) installation to version

9.3.1 or newer. This remote code execution vulnerability is caused by improper deserialization of
the `DNNPersonalization` cookie, allowing attackers to execute arbitrary code on the server.
Ensuring your software is up-to-date with the latest security patches will help protect against
potential exploitation and unauthorized access.

CVE-2019-15752

To mitigate CVE-2019-15752, promptly update your Docker Desktop Community Edition to

version 2.1.0.1 or newer. This vulnerability allows local users to gain privileges by placing a Trojan
horse file (`docker-credential-wincred.exe`) in a specific directory and waiting for an admin or
service user to authenticate with Docker. Ensuring your software is up-to-date will help protect
against potential exploitation and unauthorized access.

CVE-2020-8515

To mitigate CVE-2020-8515, promptly update your DrayTek Vigor2960, Vigor3900, and

Vigor300B devices to firmware version 1.5.1 or newer. This vulnerability allows remote code
execution as root without authentication via shell metacharacters to the `cgi-bin/mainfunction.cgi`
URI. Ensuring your devices are up-to-date will help protect against potential exploitation and
unauthorized access.

CVE-2018-7600
To mitigate CVE-2018-7600, promptly update your Drupal installation to the latest version.
Specifically, upgrade to Drupal 7.58 or Drupal 8.5.1 or newer. This critical vulnerability allows
remote attackers to execute arbitrary code due to issues affecting multiple subsystems with default
or common module configurations. Ensuring your Drupal installation is up-to-date will help protect
against potential exploitation and unauthorized access.

CVE-2021-22205

To mitigate CVE-2021-22205, promptly update your GitLab installation to the latest patched
versions. This critical remote code execution vulnerability, caused by improper validation of image
files, allows attackers to execute arbitrary commands on the server . Ensure your GitLab instance is
updated to 13.10.3, 13.9.6, or 13.8.8 or newer. Applying this update will help protect your server
from potential exploitation and unauthorized access.

CVE-2018-6789

To mitigate CVE-2018-6789, promptly update your Exim message transfer agent to version 4.90.1
or newer. This remote code execution vulnerability, caused by a buffer overflow in the base64
decode function, can be exploited by sending a specially crafted message. Ensuring your Exim
installation is up-to-date will help protect against potential exploitation and unauthorized access.

CVE-2020-8657

To mitigate CVE-2020-8657, promptly update your EyesOfNetwork installation to version 5.3.1 or

newer. This vulnerability involves the use of a hardcoded API key, which allows attackers to guess
the admin access token. Ensuring your software is up-to-date will help protect against potential
exploitation and unauthorized access.

CVE-2020-8655

To mitigate CVE-2020-8655, promptly update your EyesOfNetwork installation to version 5.3.1 or

newer. This vulnerability involves a privilege escalation issue in the sudoers configuration, allowing
the apache user to run arbitrary commands as root via a crafted Nmap Scripting Engine (NSE)
script. Ensuring your software is up-to-date will help protect against potential exploitation and
unauthorized access.

CVE-2020-5902

To mitigate CVE-2020-5902, promptly update your F5 BIG-IP devices to the latest patched
versions](https://blog.qualys.com/vulnerabilities-threat-research/2020/07/06/f5-big-ip-remote-code-
execution-vulnerability-cve-2020-5902). This critical remote code execution vulnerability affects
the Traffic Management User Interface (TMUI) and allows unauthenticated attackers to execute
arbitrary commands, create or delete files, disable services, and execute arbitrary Java code. Ensure
your devices are running BIG-IP versions 16.0.0 or newer, 15.1.0.4 or newer, 14.1.2.6 or newer,
13.1.3.4 or newer, or 12.1.5.2 or newer. Applying this update will help protect your systems from
potential exploitation and unauthorized access.

CVE-2021-22986

To mitigate CVE-2021-22986, promptly update your F5 BIG-IP devices to the latest patched
versions. This critical remote code execution vulnerability affects the iControl REST interface,
allowing unauthenticated attackers to execute arbitrary code on the device. Ensure your devices are
running BIG-IP versions 16.0.0 or newer, 15.1.0.4 or newer, 14.1.2.6 or newer, 13.1.3.4 or newer, or
12.1.5.2 or newer. Applying this update will help protect your systems from potential exploitation
and unauthorized access.

CVE-2021-35464

To mitigate CVE-2021-35464, promptly update your ForgeRock Access Manager (AM) to version
7.0 or newer. This critical vulnerability, caused by unsafe Java deserialization in the Jato
framework, allows remote code execution without authentication. Ensuring your AM server is up-
to-date will help protect against potential exploitation and unauthorized access.

CVE-2019-5591

To mitigate CVE-2019-5591, promptly apply the updates provided by Fortinet as per their advisory
FG-IR-19-037. This default configuration vulnerability in FortiOS allows an unauthenticated
attacker on the same subnet to intercept sensitive information by impersonating the LDAP server.
Ensuring your FortiOS is updated to a version that includes the fix for this vulnerability will help
protect your system from potential exploitation and unauthorized access.

CVE-2020-12812

To mitigate CVE-2020-12812, promptly update your FortiOS to the latest patched version. This
improper authentication vulnerability in the SSL VPN allows users to bypass second-factor
authentication (FortiToken) by changing the case of their username. Ensure your FortiOS is updated
to version 6.0.10 or newer. Applying this update will help protect your system from potential
exploitation and unauthorized access.

CVE-2018-13379

To mitigate CVE-2018-13379, promptly update your Fortinet FortiOS to the latest patched version.
This path traversal vulnerability in the SSL VPN web portal allows unauthenticated attackers to
download system files via specially crafted HTTP requests. Ensure your FortiOS is updated to
version 6.0.4 or newer. Applying this update will help protect your system from potential
exploitation and unauthorized access.

CVE-2020-16010

To mitigate CVE-2020-16010, promptly update your Google Chrome for Android to version
86.0.4240.185 or newer. This heap buffer overflow vulnerability in the UI allows a remote attacker
who has compromised the renderer process to potentially perform a sandbox escape via a crafted
HTML page. Ensuring your Chrome browser is up-to-date will help protect your device from
potential exploitation and unauthorized access.

CVE-2020-15999

To mitigate CVE-2020-15999, promptly update your Google Chrome to version 86.0.4240.111 or

newer. This heap buffer overflow vulnerability in the Freetype library allows remote attackers to
potentially exploit heap corruption via a crafted HTML page. Ensuring your Chrome browser is up-
to-date will help protect your device from potential exploitation and unauthorized access.

CVE-2021-21166

To mitigate CVE-2021-21166, promptly update your Google Chrome to version 89.0.4389.72 or

newer. This data race vulnerability in the audio component allows remote attackers to potentially
exploit heap corruption via a crafted HTML page. Ensuring your Chrome browser is up-to-date will
help protect your device from potential exploitation and unauthorized access.

CVE-2020-16017

To mitigate CVE-2020-16017, promptly update your Google Chrome to version 86.0.4240.198 or

newer. This use-after-free vulnerability in site isolation allows a remote attacker who has
compromised the renderer process to potentially perform a sandbox escape via a crafted HTML
page. Ensuring your Chrome browser is up-to-date will help protect your device from potential
exploitation and unauthorized access.

CVE-2021-37976

To mitigate CVE-2021-37976, promptly update your Google Chrome to version 94.0.4606.71 or

newer. This vulnerability, caused by an inappropriate implementation in memory, allows a remote
attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
Ensuring your Chrome browser is up-to-date will help protect your device from potential
exploitation and unauthorized access.

CVE-2020-16009
To mitigate CVE-2020-16009, promptly update your Google Chrome to version 86.0.4240.183 or
newer. This vulnerability, caused by an inappropriate implementation in the V8 engine, allows
remote attackers to potentially exploit heap corruption via a crafted HTML page. Ensuring your
Chrome browser is up-to-date will help protect your device from potential exploitation and
unauthorized access.

CVE-2021-30632

To mitigate CVE-2021-30632, promptly update your Google Chrome to version 93.0.4577.82 or

newer. This vulnerability, caused by an out-of-bounds write issue in the V8 JavaScript engine,
allows attackers to exploit heap corruption via a crafted HTML page. Ensuring your Chrome
browser is up-to-date will help protect your device from potential exploitation and unauthorized
access.

CVE-2020-16013

To mitigate CVE-2020-16013, promptly update your Google Chrome to version 86.0.4240.198 or

newer. This vulnerability, caused by an inappropriate implementation in the V8 JavaScript engine,
allows remote attackers to potentially exploit heap corruption via a crafted HTML page. Ensuring
your Chrome browser is up-to-date will help protect your device from potential exploitation and
unauthorized access.

CVE-2021-30633
To mitigate CVE-2021-30633, promptly update your Google Chrome to version 93.0.4577.82 or
newer. This vulnerability, caused by a use-after-free issue in the Indexed DB API, allows a remote
attacker who has compromised the renderer process to potentially perform a sandbox escape via a
crafted HTML page. Ensuring your Chrome browser is up-to-date will help protect your device
from potential exploitation and unauthorized access.

CVE-2021-21148

To mitigate CVE-2021-21148, promptly update your Google Chrome to version 88.0.4324.150 or

newer. This heap buffer overflow vulnerability in the V8 JavaScript engine allows remote attackers
to potentially exploit heap corruption via a crafted HTML page. Ensuring your Chrome browser is
up-to-date will help protect your device from potential exploitation and unauthorized access.

CVE-2021-37973

To mitigate CVE-2021-37973, promptly update your Google Chrome to version 94.0.4606.61 or

newer. This use-after-free vulnerability in Portals allows a remote attacker who has compromised
the renderer process to potentially perform a sandbox escape via a crafted HTML page. Ensuring
your Chrome browser is up-to-date will help protect your device from potential exploitation and
unauthorized access.