All vulnerabilities

  • Quest InTrust 'AnnotateX.dll' Uninitialized Pointer Code Execution Vulnerability
     Severity:
     Publication date:  11 May 2018
    Quest InTrust is prone to a remote code-execution vulnerability because the application fails to perform adequate boundary checks on user-supplied data. Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the application (typically Internet Explorer) using the ActiveX control. Failed exploit attempts will likely result in denial-of-service conditions.
  • 22-053 (November 1, 2022)
     Severity:
     Publication date:  01 November 2022
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    DCERPC Services
    1011587 - Microsoft Windows Server Service Tampering Vulnerability (CVE-2022-30216)


    JBoss Remoting Connector Unified Invoker
    1011570* - Red Hat JBoss Enterprise Application Platform Remote Code Execution Vulnerability


    SolarWinds Information Service
    1011586 - SolarWinds Network Performance Monitor 'DeserializeFromStrippedXml' Insecure Deserialization Vulnerability (CVE-2022-36958)


    WSO2 Enterprise Integrator
    1011580* - WSO2 Enterprise Integrator Cross-Site Scripting Vulnerability (CVE-2022-39810)


    Web Application Common
    1011588 - Dolibarr ERP And CRM Code Injection Vulnerability (CVE-2022-40871)
    1011577* - Fastify Denial Of Service Vulnerability (CVE-2022-39288)
    1007170* - Identified Suspicious China Chopper Webshell Communication (ATT&CK T1505.003)


    Web Application PHP Based
    1011574* - WordPress 'Ketchup Restaurant Reservations' Plugin Cross-Site Scripting Vulnerability (CVE-2022-2753)
    1011579* - WordPress 'Litespeed' Plugin Cross-Site Scripting Vulnerability (CVE-2020-29172)
    1011584 - WordPress 'WP Super Cache' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24329)
    1011582 - WordPress 'WPvivid Backup' Plugin Directory Traversal Vulnerability (CVE-2022-2863)


    Web Server Miscellaneous
    1011581* - Apache JSPWiki 'UserPreferences.jsp' Cross-Site Request Forgery Vulnerability (CVE-2022-28731)
    1011572* - Vm2 Sandbox Remote Code Execution Vulnerability (CVE-2021-23449)
    1011583 - XWiki Code Injection Vulnerability (CVE-2022-36100)
    1011569 - XWiki Cross-Site Scripting Vulnerability (CVE-2022-36094)
    1011578 - XWiki Cross-Site Scripting Vulnerability (CVE-2022-36096)


    Zoho ManageEngine
    1011549* - Zoho ManageEngine Multiple Products SQL Injection Vulnerability (CVE-2022-40300)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    1010002* - Microsoft PowerShell Command Execution (ATT&CK T1059.001)
    1011453* - Microsoft Windows WMI Events - 1
  • 21-059 (December 21, 2021)
     Severity:
     Publication date:  21 December 2021
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Apache Storm Nimbus
    1011236* - Apache Storm Command Injection Vulnerability (CVE-2021-38294)


    Directory Server LDAP
    1011246 - Microsoft Windows Active Directory Domain Services Elevation of Privilege Vulnerability Over LDAP (CVE-2021-42278)


    SolarWinds Network Performance Monitor
    1011229* - SolarWinds Orion Patch Manager Insecure Deserialization Vulnerability (CVE-2021-35216)
    1011221* - SolarWinds Orion Platform 'SaveUserSetting' Improper Access Control Vulnerability (CVE-2021-35213)
    1011230 - SolarWinds Patch Manager 'WSAsyncExecuteTasks' Deserialization Vulnerability (CVE-2021-35217)


    Web Application Common
    1010423* - Primetek Primefaces Remote Code Execution Vulnerability (CVE-2017-1000486)
    1011198 - Strapi Framework Remote Code Execution Vulnerability (CVE-2019-19609)


    Web Server Common
    1011249* - Apache Log4j Denial of Service Vulnerability (CVE-2021-45105)
    1008581* - Identified Suspicious IP Addresses In XFF HTTP Header


    Web Server HTTPS
    1011232* - Montala Limited ResourceSpace Arbitrary File Deletion Vulnerability (CVE-2021-41950)


    Web Server SharePoint
    1011224* - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2021-41344)


    Web Server Squid
    1011234* - Squid Proxy Multiple Denial of Service Vulnerabilities (CVE-2021-31806 and CVE-2021-31807)


    Windows SMB Server
    1011251 - Microsoft Windows Active Directory Domain Services Elevation of Privilege Vulnerability Over SMB (CVE-2021-42278)


    Zoho ManageEngine
    1011237* - Zoho ManageEngine ADManager Plus Unrestricted File Upload Vulnerability (CVE-2021-20130)
    1011248 - Zoho ManageEngine ADManager Plus Unrestricted File Upload Vulnerability (CVE-2021-37539)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    1011250 - Web Server - Apache - 2
  • 21-048 (November 2, 2021)
     Severity:
     Publication date:  02 November 2021
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Azure Open Management Infrastructure Tool
    1011147* - Open Management Infrastructure Remote Code Execution Vulnerability (CVE-2021-38647)


    Memcached
    1011098* - Oracle MySQL Integer Underflow Vulnerability (CVE-2021-2390)


    Suspicious Server Application Activity
    1009549* - Detected Terminal Services (RDP) Server Traffic - 1 (ATT&CK T1021.001)


    Web Application PHP Based
    1011193 - WordPress 'iThemes Security' Plugin SQL Injection Vulnerability (CVE-2018-12636)


    Web Client Common
    1010806* - Identified Directory Traversal Attack In HTTP Response Headers
    1011054* - Microsoft Exchange Server Remote Code Execution Vulnerability (CVE-2021-31206)


    Web Server Apache
    1011183* - Apache HTTP Server Server-Side Request Forgery Vulnerability (CVE-2021-40438)


    Web Server HTTPS
    1011196 - ACME mini_httpd Server Arbitrary File Read Vulnerability (CVE-2018-18778)
    1011190 - Centreon 'ProceduresProxy.class.php' SQL Injection Vulnerability (CVE-2021-37558)


    Web Server Nagios
    1011191* - Nagios XI Arbitrary File Upload Vulnerability (CVE-2021-40344)


    Zoho ManageEngine
    1011188* - Zoho ManageEngine OpManager 'getReportData' SQL Injection Vulnerability (CVE-2021-41288)


    Zoho ManageEngine ADSelfService Plus
    1011194 - Zoho ManageEngine ADSelfService Plus Authentication Bypass Vulnerability (CVE-2021-40539)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    1010002* - Microsoft PowerShell Command Execution (ATT&CK T1059.001)
  • 21-047 (October 26, 2021)
     Severity:
     Publication date:  26 October 2021
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Memcached
    1011097* - Oracle MySQL Integer Underflow Vulnerability (CVE-2021-2389)
    1011098 - Oracle MySQL Integer Underflow Vulnerability (CVE-2021-2390)


    Web Client Common
    1011127* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB21-55) - 2
    1011185 - Chromium V8 Out Of Bounds Write Vulnerability (CVE-2021-30632)
    1010207* - Microsoft Windows Multiple Type1 Font Parsing Remote Code Execution Vulnerabilities (CVE-2020-1020 and CVE-2020-0938)


    Web Server HTTPS
    1011100* - WordPress 'WooCommerce Blocks' Plugin SQL Injection Vulnerability (CVE-2021-32789)


    Web Server Miscellaneous
    1011177* - Atlassian Confluence Server Arbitrary File Read Vulnerability (CVE-2021-26085)
    1011179* - Atlassian Jira Path Traversal Vulnerability (CVE-2021-26086)
    1011163* - Spring Boot Actuator Directory Traversal Vulnerability (CVE-2021-21234)


    Web Server Nagios
    1011191 - Nagios XI Arbitrary File Upload Vulnerability (CVE-2021-40344)


    Web Server Squid
    1011159* - Squid HTTP Request Smuggling Vulnerability (CVE-2019-18678)


    Zoho ManageEngine
    1011188 - Zoho ManageEngine OpManager 'getReportData' SQL Injection Vulnerability (CVE-2021-41288)


    Integrity Monitoring Rules:

    1002786* - Microsoft Windows - Microsoft hotfixes registry keys modified (ATT&CK T1112)


    Log Inspection Rules:

    1004488* - Database Server - Microsoft SQL
    1010595* - Microsoft LDAP Query Execution
  • 21-030 (July 2, 2021)
     Severity:
     Publication date:  02 July 2021
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Port Mapper Windows
    1001033* - Windows Port Mapper Decoder


    Windows SMB Server
    1011018 - Identified DCERPC AddPrinterDriverEx Call Over SMB Protocol


    Windows Services RPC Server DCERPC
    1011016 - Identified DCERPC AddPrinterDriverEx Call Over TCP Protocol


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    1011017 - Microsoft Windows - Print Spooler Failed Loading Plugin Module (PrintNightmare)
  • 19-012 (March 12, 2019)
     Severity:
     Publication date:  13 March 2019
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    DCERPC Services
    1009579 - Microsoft Windows SMB Information Disclosure Vulnerability (CVE-2019-0703)


    Web Application Common
    1009540 - Red Hat Ceph Storage Debug Shell Remote Command Injection (CVE-2018-14649)


    Web Application PHP Based
    1009545 - PHP 'phar_tar_writeheaders()' Function Stack Buffer Overflow Vulnerability (CVE-2016-2554)


    Web Client Common
    1009266 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-21) - 11
    1009212* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-21) - 5
    1009322 - Microsoft JET Database Engine Remote Code Execution Vulnerability (CVE-2018-8392)
    1009428* - Microsoft Outlook Remote Code Execution Vulnerability (CVE-2018-8587)
    1009475 - Microsoft Windows Data Sharing Service Elevation Of Privilege Vulnerability (CVE-2019-0571)
    1009294 - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2018-8396)
    1009486 - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2018-8595)
    1009571 - Microsoft Windows Multiple Information Disclosure Vulnerabilities (March 2019)
    1009576 - Microsoft Windows VBScript Engine Remote Code Execution Vulnerability (CVE-2019-0666)
    1009583 - Microsoft Windows Win32k Elevation Of Privilege Vulnerability (CVE-2019-0797)
    1009582 - Microsoft Windows Win32k Elevation Of Privilege Vulnerability (CVE-2019-0808)
    1009554 - RARLAB WinRAR ACE Remote Code Execution Vulnerability (CVE-2018-20250)


    Web Client Internet Explorer/Edge
    1009415* - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8629)
    1009577 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0592)
    1009574 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0639)
    1009564 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0769)
    1009565 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0770)
    1009566 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0771)
    1009567 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0773)
    1009573 - Microsoft Edge Security Feature Bypass Vulnerability (CVE-2019-0612)
    1009575 - Microsoft Internet Explorer And Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0609)
    1009414* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2018-8631)
    1009568 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2019-0763)
    1009569 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2019-0680)
    1009570 - Microsoft Internet Explorer Security Feature Bypass Vulnerability (CVE-2019-0768)
    1009371* - Microsoft Internet Explorer VBScript Engine Remote Code Execution Vulnerability (CVE-2018-8552)
    1009563 - Microsoft Internet Explorer VBScript Engine Remote Code Execution Vulnerability (CVE-2019-0665)
    1009578 - Microsoft Internet Explorer VBScript Engine Remote Code Execution Vulnerability (CVE-2019-0667)


    Web Server SharePoint
    1009535 - Microsoft SharePoint Remote Code Execution Vulnerability (CVE-2019-0604)


    Integrity Monitoring Rules:

    1009434 - Kubernetes Cluster Node


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • 19-011 (March 8, 2019)
     Severity:
     Publication date:  09 March 2019
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Web Client Common
    1009572 - Google Chrome FileReader Use-After-Free Vulnerability (CVE-2019-5786)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • 19-010 (March 5, 2019)
     Severity:
     Publication date:  06 March 2019
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Web Application Common
    1009477 - Identified Sensepost Ruler Traffic
    1009457* - Jenkins CI Server XStream Insecure Deserialization Vulnerability (CVE-2016-0792)
    1009496* - Microsoft Exchange Server Multiple Elevation Of Privilege Vulnerabilities
    1009553 - Sonatype Nexus Repository Manager Remote Code Execution Vulnerability (CVE-2019-7238)


    Web Client Common
    1009495 - LibTIFF Arbitrary Sized JBIG Decoding Denial Of Service Vulnerability (CVE-2018-18557)


    Web Server SharePoint
    1009534 - Microsoft SharePoint Remote Code Execution Vulnerability (CVE-2019-0594)


    Windows Services RPC Server DCERPC
    1009478* - Identified Remote Service Creation Over DCE/RPC Protocol


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • 19-008 (February 21, 2019)
     Severity:
     Publication date:  22 February 2019
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Web Application Common
    1009496* - Microsoft Exchange Server Elevation Of Privilege Vulnerability (CVE-2018-8581)


    Web Client Common
    1009536 - Adobe Acrobat And Reader Information Disclosure Vulnerability (CVE-2019-7815)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.