All Vulnerabilities

  • Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-0140)
     Gravità: :    
     Publish Date:  15 marzo 2017
    Microsoft Edge is prone to a memory corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application.
  • Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-0133)
     Gravità: :    
     Publish Date:  15 marzo 2017
    Microsoft Edge is prone to a memory corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application.
  • Microsoft Edge Out Of Bounds Read Vulnerability (CVE-2017-0131)
     Gravità: :    
     Publish Date:  15 marzo 2017
    A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user.
  • 17-012 (March 14, 2017)
     Gravità: :    
     Publish Date:  15 marzo 2017
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    DCERPC Services
    1008224 - Microsoft Windows SMB Remote Code Execution Vulnerabilities (CVE-2017-0144 and CVE-2017-0146)
    1008225 - Microsoft Windows SMB Remote Code Execution Vulnerability (CVE-2017-0145)
    1008228 - Microsoft Windows SMB Remote Code Execution Vulnerability (CVE-2017-0148)


    DCERPC Services - Client
    1008187 - Microsoft Office OLE DLL Loading Vulnerability Over Network Share (CVE-2016-7275)
    1008177 - Microsoft Windows DLL Loading Vulnerability Over Network Share (CVE-2017-0039)


    Microsoft Office
    1008165 - Microsoft Office Information Disclosure Vulnerability (CVE-2017-0027)
    1008245 - Microsoft Office Information Disclosure Vulnerability (CVE-2017-0105)
    1008242 - Microsoft Office Memory Corruption Vulnerability (CVE-2017-0006)
    1008163 - Microsoft Office Memory Corruption Vulnerability (CVE-2017-0019)
    1008164 - Microsoft Office Memory Corruption Vulnerability (CVE-2017-0020)
    1008167 - Microsoft Office Memory Corruption Vulnerability (CVE-2017-0030 and CVE-2016-0031)
    1008243 - Microsoft Office Memory Corruption Vulnerability (CVE-2017-0052)
    1008244 - Microsoft Office Memory Corruption Vulnerability (CVE-2017-0053)


    Web Client Common
    1008121* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB17-01) - 2
    1008237 - Microsoft Windows COM Elevation Of Privilege Vulnerability (CVE-2017-0100)
    1008170 - Microsoft Windows DLL Loading Vulnerability Over WebDAV (CVE-2017-0039)
    1008176 - Microsoft Windows GDI Elevation Of Privilege Vulnerability (CVE-2017-0047)
    1008238 - Microsoft Windows GDI+ Information Disclosure vulnerability (CVE-2017-0060)
    1008239 - Microsoft Windows GDI+ Information Disclosure vulnerability (CVE-2017-0062)
    1008240 - Microsoft Windows GDI+ Information Disclosure vulnerability (CVE-2017-0073)
    1008241 - Microsoft Windows GDI+ Remote Code Execution Vulnerability (CVE-2017-0108)
    1008169 - Microsoft Windows Graphics Component Remote Code Execution Vulnerability (CVE-2017-0014)
    1008172 - Microsoft Windows Kernel Elevation Of Privilege Vulnerability (CVE-2017-0050)
    1008248 - Microsoft Windows Multiple Elevation Of Privilege Vulnerabilities (MS17-018)
    1008168 - Microsoft Windows PDF Library Memory Corruption Vulnerability (CVE-2017-0023)
    1008247 - Microsoft Windows Registry Elevation Of Privilege Vulnerability (CVE-2017-0103)
    1008236 - Microsoft Windows Uniscribe Multiple Remote Code Execution Vulnerabilities (MS17-011)
    1008234 - Microsoft Windows Uniscribe Multiple Remote Code Execution Vulnerabilities (MS17-011) - 1
    1008235 - Microsoft Windows Uniscribe Multiple Remote Code Execution Vulnerabilities (MS17-011) - 2
    1008195 - Sun JDK JPG/BMP Parser Multiple Vulnerabilities (CVE-2007-2788)


    Web Client Internet Explorer/Edge
    1008157 - Microsoft Edge Information Disclosure Vulnerability (CVE-2017-0011)
    1008159 - Microsoft Edge Information Disclosure Vulnerability (CVE-2017-0017)
    1008211 - Microsoft Edge Information Disclosure Vulnerability (CVE-2017-0065)
    1008210 - Microsoft Edge Memory Corruption Vulnerability (CVE-2017-0034)
    1008219 - Microsoft Edge Out Of Bounds Read Vulnerability (CVE-2017-0131)
    1008156 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-0010)
    1008158 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-0015)
    1008160 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-0032)
    1008161 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-0035)
    1008213 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-0067)
    1008216 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-0070)
    1008217 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-0071)
    1008218 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-0094)
    1008221 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-0140)
    1008222 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-0141)
    1008220 - Microsoft Edge Scripting Engine Memory Corruption Vulnerabilty (CVE-2017-0133)
    1008212 - Microsoft Edge Security Feature Bypass Vulnerability (CVE-2017-0066)
    1008215 - Microsoft Edge Spoofing Vulnerability (CVE-2017-0069)
    1008150 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2017-0009)
    1008152 - Microsoft Internet Explorer And Edge Spoofing Vulnerability (CVE-2017-0033)
    1008249 - Microsoft Internet Explorer Elevation Of Privilege Vulnerability (CVE-2017-0154)
    1008149 - Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2017-0008)
    1008208 - Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2017-0059)
    1008151 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2017-0018)
    1008154 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2017-0040)
    1008209 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2017-0130)
    1008250 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2017-0149)
    1008155 - Microsoft Internet Explorer Scripting Engine Information Disclosure Vulnerability (CVE-2017-0049)
    1008174 - Microsoft Windows DirectShow Information Disclosure Vulnerability (CVE-2017-0042)
    1008173 - Microsoft XML Core Service Information Disclosure Vulnerability (CVE-2017-0022)


    Web Server Common
    1005839* - Identified XML External Entity Injection In HTTP Request


    Web Server Miscellaneous
    1008129* - IBM WebSphere Application Server Remote Code Execution Vulnerability (CVE-2016-5983)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • 17-011 (March 9, 2017)
     Gravità: :    
     Publish Date:  10 marzo 2017
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Web Server Miscellaneous
    1008207* - Apache Struts2 Remote Code Execution Vulnerability (CVE-2017-5638)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • 17-010 (March 7, 2017)
     Gravità: :    
     Publish Date:  08 marzo 2017
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    DNS Client
    1008203 - DNSMessenger Malware C&C Traffic Over DNS Protocol
    1008204 - DNSMessenger Malware Domain Blocker


    Microsoft Office
    1004312* - Identified Suspicious Microsoft Word Document


    NTP Server Linux
    1007741 - NTP Crypto-NAK Packets Symmetric Association Authentication Bypass Vulnerability (CVE-2015-7871)


    P2P Applications
    1007034* - Share EX2 P2P
    1003086* - Winny


    Web Application PHP Based
    1006386* - PHP 'unserialize()' Integer Overflow Vulnerability (CVE-2014-3669)
    1008135 - PHP Exif Null Pointer Dereference Vulnerability (CVE-2016-6292)
    1007289 - PHP cURL Lib NULL Byte Injection Vulnerability
    1008182 - PHP phar_parse_pharfile Integer Overflow Vulnerability (CVE-2016-10159)
    1007222* - WordPress Ajax Load More Plugin File Upload Vulnerability
    1008186 - phpMyAdmin Authenticated Remote Code Execution Vulnerability (CVE-2013-3238)


    Web Client Common
    1004870* - Identified Suspicious Jar File


    Web Client Internet Explorer/Edge
    1008064* - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-7288)


    Web Server Miscellaneous
    1008104 - Apache ActiveMQ Multiple Remote Code Execution Vulnerabilities (CVE-2016-3088)
    1008207 - Apache Struts2 Remote Code Execution Vulnerability (CVE-2017-5638)
    1008129* - IBM WebSphere Application Server Remote Code Execution Vulnerability (CVE-2016-5983)


    Web Server Oracle
    1004840* - Oracle Application Server Web Cache HTTP Request Method Heap Overrun Vulnerability


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • 17-004 (January 25, 2017)
     Gravità: :    
     Publish Date:  02 marzo 2017
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Web Client Common
    1008133 - Cisco WebEx Plugin Magic URL Arbitrary Remote Command Execution Vulnerability


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • 17-005 (February 2, 2017)
     Gravità: :    
     Publish Date:  02 marzo 2017
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    DCERPC Services - Client
    1008138 - Microsoft Windows SMB Tree Connect Response Denial Of Service Vulnerability (CVE-2017-0016)


    Web Application PHP Based
    1008140 - WordPress REST API Unauthenticated Content Injection Vulnerability


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • 17-006 (February 7, 2017)
     Gravità: :    
     Publish Date:  02 marzo 2017
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Backup Server IBM Tivoli Storage Manager FastBack Server
    1007357* - IBM Tivoli Storage Manager FastBack Server Buffer Overflow (CVE-2015-1929)


    DCERPC Services
    1008123* - Microsoft Windows Local Security Authority Subsystem Service Denial Of Service Vulnerability (CVE-2016-7237)


    DCERPC Services - Client
    1008138* - Microsoft Windows SMB Tree Connect Response Denial Of Service Vulnerability (CVE-2017-0016)


    DNS Client
    1008128* - ISC BIND ANY Query Assertion Failure Vulnerability (CVE-2016-9131)
    1008115* - ISC BIND DNAME Resource Records Denial Of Service Vulnerability (CVE-2016-1286)


    Directory Server LDAP
    1007360* - IBM Domino LDAP Server Remote Execution Vulnerability (CVE-2015-0117)
    1008051* - Samba Active Directory Server Denial Of Service Vulnerability (CVE-2015-3223)


    HP OpenView
    1008110* - HP Data Protector Buffer Overflow Vulnerability (CVE-2016-2005)
    1008114* - HP Data Protector Multiple Remote Code Execution Vulnerabilities
    1008109* - HP Data Protector Remote Code Execution Vulnerability (CVE-2016-2007)


    HP OpenView Network Node Manager
    1007466* - HP OpenView Network Node Manager Ovalarmsrv Service Buffer Overflow (CVE-2008-1852)


    Microsoft Office
    1008075* - Microsoft Office Information Disclosure Vulnerability (CVE-2016-7264)
    1008078* - Microsoft Office Memory Corruption Vulnerability (CVE-2016-7289)


    NTP Server Linux
    1007383* - NTP Configuration Directive File Overwrite Vulnerability (CVE-2015-7703)
    1007399* - NTP Long Control Packet Message Denial Of Service Vulnerability (CVE-2015-7855)
    1008091* - NTP Oversized UDP Packet Denial Of Service Vulnerability (CVE-2016-9312)


    Suspicious Client Application Activity
    1005067* - Identified Potentially Harmful Client Traffic
    1005283* - Identified Potentially Malicious RAT Traffic - I
    1005299* - Identified Potentially Malicious RAT Traffic - III
    1005300* - Identified Potentially Malicious RAT Traffic - IV
    1005473* - Identified Potentially Malicious RAT Traffic - V
    1006247* - Identified Potentially Malicious RAT Traffic - VI
    1007116* - VMware vCenter Java JMX Server Insecure Configuration Java Code Execution Vulnerability


    Suspicious Server Application Activity
    1005974* - Identified DNS Reflected Denial Of Service
    1006560* - Identified Microsoft SQL Server Resolution Service Distributed Denial Of Service Attack
    1006240* - Identified NTP Reflected Denial Of Service
    1005090* - Identified Potentially Harmful Server Traffic
    1005957* - Identified SNMP Reflected Denial Of Service
    1005910* - Identified ntpd 'monlist' Query Reflected Denial Of Service Attack
    1005517* - Restrict Maximum Packet (Transport Data Length) Size


    Unix Kerberos
    1008095 - MIT Kerberos 'kadmin' DB Denial Of Service Vulnerability (CVE-2016-3119)


    Web Application PHP Based
    1007178* - WordPress Font Plugin Path Traversal Vulnerability (CVE-2015-7683)
    1008132 - phpMyAdmin RegEx Pattern Modifier Code Injection Vulnerability (CVE-2016-5734)


    Web Client Common
    1008124* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB17-01) - 1
    1008121* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB17-01) - 2
    1008133* - Cisco WebEx Plugin Magic URL Arbitrary Remote Command Execution Vulnerability
    1004114* - Identified Malicious Adobe SWF File
    1008139 - Linux Kernel Use After Free Remote Code Execution Vulnerability (CVE-2016-7117)
    1008068* - Microsoft Windows Graphics Remote Code Execution Vulnerability (CVE-2016-7272)
    1008052* - Mozilla Firefox SVG Animation Use After Free Vulnerability (CVE-2016-9079)


    Web Proxy Squid
    1008103* - Squid Proxy ESI Response Handler Buffer Overflow Vulnerability (CVE-2016-4054)
    1008101 - Squid Proxy ESI Response Processing Denial Of Service Vulnerability (CVE-2016-4555)


    Web Server Common
    1000473* - Parameter Name Length Restriction


    Web Server Miscellaneous
    1008120* - Apache Jetspeed Portal Site Manager ZIP File Upload Directory Traversal (CVE-2016-0709)
    1008129 - IBM WebSphere Application Server Remote Code Execution Vulnerability (CVE-2016-5983)
    1008097 - Identified Apache Struts Incorrect Default 'excludeParams' Security Bypass Vulnerability
    1008093 - Oracle GlassFish Server Username And Password Brute Force Vulnerability (CVE-2011-0807)


    Web Server Oracle HTTPS
    1003212* - Oracle Secure Backup exec_qr() Command Injection Vulnerability


    Windows Services RPC Client DCERPC
    1007538* - Windows Client Port Mapper Decoder


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • 17-007 (February 21, 2017)
     Gravità: :    
     Publish Date:  02 marzo 2017
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    DCERPC Services - Client
    1008138* - Microsoft Windows SMB Tree Connect Response Denial Of Service Vulnerability (CVE-2017-0016)


    DNS Client
    1008180 - ISC BIND Inconsistent DS Record Assertion Failure Denial Of Service Vulnerability (CVE-2016-9444)
    1008136 - ISC BIND RRSIG Record Response Assertion Failure Denial Of Service (CVE-2016-9147)


    Suspicious Client Ransomware Activity
    1007579* - Ransomware HTTP Request


    Unix Kerberos
    1008095* - MIT Kerberos 'kadmin' DB Denial Of Service Vulnerability (CVE-2016-3119)


    Web Application Common
    1007609* - ImageMagick Remote Code Execution Vulnerability (CVE-2016-3714)


    Web Application PHP Based
    1008125 - Joomla Denial Of Service Vulnerability (CVE-2013-3242)
    1008037 - PHP GC Use After Free Vulnerability (CVE-2016-5771)
    1008131 - PHP Unserialize() ZVAL Reference Counter Overflow Vulnerability (CVE-2007-1286)
    1008140* - WordPress REST API Unauthenticated Content Injection Vulnerability
    1008132* - phpMyAdmin RegEx Pattern Modifier Code Injection Vulnerability (CVE-2016-5734)


    Web Client Common
    1008121* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB17-01) - 2
    1008183 - Adobe Flash Player Multiple Security Vulnerabilities (APSB17-04)
    1008171 - Microsoft Windows Graphics Component Information Disclosure Vulnerability (CVE-2017-0038)
    1008108 - Oracle Java Uninitialized Object Generation Remote Code Execution Vulnerability (CVE-2016-3606)


    Web Client Internet Explorer/Edge
    1008064* - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-7288)


    Web Media Applications
    1002451* - YouTube


    Web Server Miscellaneous
    1008097* - Identified Apache Struts Incorrect Default 'excludeParams' Security Bypass Vulnerability
    1008141 - Jetty Path Sanitization Vulnerability (CVE-2016-4800)
    1008093* - Oracle GlassFish Server Username And Password Brute Force Vulnerability (CVE-2011-0807)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.