secuiry

November 29, 2024

Mitigation Instructions for CVE-2021-26855

UBJECT: CVE-2021-26855 – Microsoft Exchange Server Remote Code Execution Vulnerability TECH STACK: Microsoft Exchange Server DATE(S) ISSUED: 03/16/2021 CRITICALITY: HIGH OVERVIEW: In the attacks CVE-2012-1823 was observed, the threat actor […]
November 29, 2024

Mitigation Instructions for CVE-2023-4966 Citrix Bleed

SUBJECT: CVE-2023-4966 Citrix NetScaler ADC and Gateway Vulnerability (Citrix Bleed) TECH STACK: Citrix NetScaler ADC and NetScaler Gateway Appliances DATE(S) ISSUED: First issued on Oct. 10, 2023, with subsequent […]
November 29, 2024

Mitigation Instructions for CVE-2018-7600

SUBJECT: Drupal core – Highly critical – Remote Code Execution – SA-CORE-2018-002  TECH STACK: DRUPAL 7.X AND 8.X VERSIONS DATE(S) ISSUED: MARCH 28, 2018 Criticality: Critical OVERVIEW:A remote code execution […]
November 29, 2024

Mitigation Instructions for CVE-2019-0211

SUBJECT: CVE-2019-0211 Apache HTTP Server scoreboard RCE Vulnerability TECH STACK: Apache HTTP Server v. 2.4.17 to 2.4.38 DATE(S) ISSUED: 20220407 CRITICALITY: 7.8 OVERVIEW: In Apache HTTP Server 2.4 releases 2.4.17 […]
November 29, 2024

Mitigation Instructions for CVE-2019-11043

SUBJECT: CVE-2019-11043 PHP Buffer Overflow Remote Code Execution Vulnerability TECH STACK: PHP FPM v.7.3.10 and below DATE(S) ISSUED: 10/28/2019 CRITICALITY: 9.8 OVERVIEW: In PHP versions 7.1.x below 7.1.33, 7.2.x below […]
November 29, 2024

Mitigation Instructions for CVE-2020-36193

SUBJECT: CVE-2020-36193 PEAR Archive_Tar Improper Link Resolution Vulnerability TECH STACK: Archive_Tar library prior to 1.4.4. DATE(S) ISSUED: 01/18/2021 CRITICALITY: HIGH OVERVIEW: CVE-2020-36193 is a vulnerability in the PEAR Archive_Tar library […]
November 29, 2024

Mitigation Instructions for CVE-2023- 23752

SUBJECT: CVE-2023-23752: Joomla! Improper Access Control Vulnerability – Detailed Mitigation Guide OVERVIEW: This vulnerability template details the mitigation strategies for CVE-2023-23752, a medium-severity vulnerability affecting Joomla! […]
November 29, 2024

Mitigation Instructions for CVE-2021-39226

SUBJECT: CVE-2021-39226 Grafana Authentication Bypass Vulnerability TECH STACK: Grafana versions 7.2.0 to 7.5.5  DATE(S) ISSUED: 10/05/2021 CRITICALITY: HIGH OVERVIEW: CVE-2021-39226 is an authentication bypass vulnerability that exists in Grafana, an open-source platform […]
November 29, 2024

Mitigation Instructions for CVE-2020-28949

SUBJECT: CVE-2020-28949 PEAR Archive_Tar Deserialization of Untrusted Data Vulnerability TECH STACK: PEAR Archive_Tar versions 1.4.0 and earlier.  DATE(S) ISSUED: 11/19/2020 CRITICALITY: HIGH OVERVIEW: CVE-2020-28949 is a vulnerability in the PEAR […]
November 29, 2024

Mitigation Instructions for CVE-2024-21893

SUBJECT: Urgent Mitigation Required: Ivanti Connect Secure, Policy Secure, and Neurons for ZTA – Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-21893) TECH STACK:  Ivanti Connect Secure (9.x, 22.x), Ivanti […]