All Vulnerabilities
- * indicates a new version of an existing rule
Deep Packet Inspection Rules:
OpenTSDB
1011938 - OpenTSDB Unauthenticated Command Injection Vulnerability (CVE-2023-36812 and CVE-2023-25826)
Web Application PHP Based
1011947 - WordPress 'Backup Migration' Plugin Remote Code Execution Vulnerability (CVE-2023-6553)
Web Server HTTPS
1011916* - Adobe RoboHelp Server SQL Injection Vulnerability (CVE-2023-22275)
1011931* - Adobe RoboHelp Server XML External Entity Information Disclosure Vulnerability (CVE-2023-22274)
1011905* - Cachet Server-Side Template Injection Vulnerability (CVE-2023-43661)
1011914* - Dolibarr ERP And CRM Command Injection Vulnerability (CVE-2023-38886)
1011953 - Trend Micro Apex Central Cross-Site Scripting Vulnerability (CVE-2023-52327)
1011952 - Trend Micro Apex Central Cross-Site Scripting Vulnerability (CVE-2023-52328)
1011951 - Trend Micro Apex Central Cross-Site Scripting Vulnerability (CVE-2023-52330)
Web Server Miscellaneous
1011954 - Atlassian Confluence Data Center and Server Template Injection Vulnerability (CVE-2023-22527)
1011924* - XWiki Code Injection Vulnerability (CVE-2023-46731)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update. - * indicates a new version of an existing rule
Deep Packet Inspection Rules:
DCERPC Services - Client
1011950 - Microsoft Windows SmartScreen Vulnerability Over SMB (ZDI-CAN-23100)
Web Client Common
1011949 - Microsoft Windows SmartScreen Vulnerability (ZDI-CAN-23100)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update. - * indicates a new version of an existing rule
Deep Packet Inspection Rules:
DCERPC Services
1011037* - Identified Remote System Discovery Over SMB - 1 (ATT&CK T1018)
Ivanti Avalanche Remote Control Server
1011864 - Ivanti Avalanche Directory Traversal Vulnerability (CVE-2023-32563)
JetBrains TeamCity
1011873 - JetBrains TeamCity Authentication Bypass Vulnerability (CVE-2023-42793)
1011815* - JetBrains TeamCity Cross-Site Scripting Vulnerability (CVE-2023-34220)
PaperCut
1011855* - PaperCut NG Remote Code Execution Vulnerability (CVE-2023-39469)
Parse Server
1011868 - Parse Server Remote Code Execution Vulnerability (CVE-2023-36475)
Web Application Common
1011789* - GitLab Directory Traversal Vulnerability (CVE-2023-2825)
Web Server Adobe ColdFusion
1011819* - Adobe ColdFusion Authentication Bypass Vulnerability (CVE-2023-29301)
1011820* - Adobe ColdFusion Improper Access Control Vulnerability (CVE-2023-29298)
Web Server HTTPS
1011837* - GLPI SQL Injection Vulnerability (CVE-2023-35924)
1011842* - Zabbix Cross-Site Scripting Vulnerability (CVE-2023-29452)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update. - * indicates a new version of an existing rule
Deep Packet Inspection Rules:
DNS Client
1011875 - Exim Integer Underflow Vulnerability (CVE-2023-42118)
Mail Server Exim
1011874 - Exim Remote Code Execution Vulnerability (CVE-2023-42117)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update. - * indicates a new version of an existing rule
Deep Packet Inspection Rules:
Git
1011802 - Git Arbitrary File Write Vulnerability (CVE-2023-25652)
Web Application Common
1011805 - GeoServer SQL Injection Vulnerability (CVE-2023-25157)
1011790 - Open Web Analytics Remote Code Execution Vulnerability (CVE-2022-24637)
Web Server HTTPS
1011810 - Trend Micro Apex Central Cross-Site Scripting Vulnerability (CVE-2023-32535)
Web Server Miscellaneous
1011756* - XWiki Code Injection Vulnerability (CVE-2023-29525)
Web Server SharePoint
1011730* - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2022-29108)
Zoho ManageEngine ADSelfService Plus
1011793 - Zoho ManageEngine ADSelfService Plus Denial Of Service Vulnerability (CVE-2023-28342)
Zoho ManageEngine ServiceDesk Plus_MSP
1011751* - Zoho ManageEngine ServiceDesk Plus Cross-Site Scripting Vulnerability (CVE-2023-23074)
cPanel
1011744* - cPanel Cross-Site Scripting Vulnerability (CVE-2023-29489)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update. - * indicates a new version of an existing rule
Deep Packet Inspection Rules:
Advanced Message Queuing Protocol (AMQP)
1011585* - SolarWinds Network Performance Monitor Insecure Deserialization Vulnerabilities (CVE-2022-36957 and CVE-2022-38108)
Eclipse Jetty
1011378* - Eclipse Jetty Unauthenticated Information Disclosure Vulnerability (CVE-2021-28169)
IPSec-IKE
1011801 - Microsoft Windows Internet Key Exchange (IKE) Protocol Extensions Denial Of Service Vulnerability (CVE-2023-21758)
PaperCut
1011731* - PaperCut NG Authentication Bypass Vulnerability (CVE-2023-27350)
Unix Samba
1011786 - Canonical KSMBD-Tools Remote Code Execution Vulnerability (ZDI-CAN-17770)
1011796 - Linux Kernel KSMBD Denial of Service Vulnerability (CVE-2023-32247)
Web Application Common
1011789 - GitLab Directory Traversal Vulnerability (CVE-2023-2825)
Web Application PHP Based
1011736* - OpenCATS Cross-Site Scripting Vulnerability (CVE-2023-27293)
Zoho ManageEngine ADAuditPlus
1011785 - Zoho ManageEngine ADAudit Plus Arbitrary File Write Vulnerability (CVE-2021-42847)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update. - * indicates a new version of an existing rule
Deep Packet Inspection Rules:
NFS Server
1011740* - Microsoft Windows Network File System Remote Code Execution Vulnerability (CVE-2023-24941)
Unix Samba
1011717* - Linux Kernel KSMBD Use After Free Vulnerability (CVE-2022-47939)
Web Application PHP Based
1011765 - Froxlor Unrestricted File Upload Vulnerability (CVE-2023-2034)
1011776 - WordPress 'Advanced Custom Fields' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2023-30777)
1011771 - WordPress 'Limit Login Attempts' Plugin Cross-Site Scripting Vulnerability (CVE-2023-1861)
1011775 - WordPress 'Paid Memberships Pro' Plugin SQL Injection Vulnerability (CVE-2023-0631)
1011777 - WordPress 'Shield Security' Plugin Cross-Site Scripting Vulnerability (CVE-2023-0992)
Web Client Common
1011779 - Adobe Acrobat And Reader Information Disclosure Vulnerability (CVE-2022-44519)
1011780 - Adobe Acrobat And Reader Remote Code Execution Vulnerability (CVE-2022-44520)
Web Server HTTPS
1011769 - Node.js HTTP Request Smuggling Vulnerability (CVE-2022-32215)
1011773 - Trend Micro Apex Central SQL Injection Vulnerability (CVE-2023-32529)
Web Server Miscellaneous
1011677* - Contec CONPROSYS HMI System Command Injection Vulnerability (CVE-2022-44456)
1011778 - Jenkins 'Sidebar Link' Plugin Directory Traversal Vulnerability (CVE-2023-32985)
Web Server Oracle
1011734 - Oracle WebLogic Server Fusion Middleware Deserialization Vulnerability (CVE-2023-21931)
Zoho ManageEngine
1011770 - Zoho ManageEngine ADManager Plus Command Injection Vulnerability (CVE-2023-29084)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update. - * indicates a new version of an existing rule
Deep Packet Inspection Rules:
DCERPC Services
1001852* - Identified Attempt To Brute Force Windows Login Credentials (ATT&CK T1110)
GoCD Server
1011758 - GoCD Server Directory Traversal Vulnerability (CVE-2021-43287)
MSMQ Service
1011764 - Microsoft Windows Message Queuing Service Remote Code Execution Vulnerability (CVE-2023-21554)
Web Application Common
1011774 - MOVEit Transfer SQL Injection Vulnerability (CVE-2023-34362)
Web Application PHP Based
1011772 - Pimcore SQL Injection Vulnerability (CVE-2023-1578)
Web Application Tomcat
1011322* - Laravel Deserialization Remote Code Execution Vulnerability (CVE-2021-3129)
Web Server Common
1011342* - Apache APISIX Remote Code Execution Vulnerability (CVE-2020-13945)
Web Server HTTPS
1011768 - Trend Micro Apex Central Cross-Site Scripting Vulnerability (CVE-2023-32531)
1011766 - Trend Micro Apex Central Cross-Site Scripting Vulnerability (CVE-2023-32532)
1011767 - Trend Micro Apex Central Cross-Site Scripting Vulnerability (CVE-2023-32533)
Web Server Miscellaneous
1011739 - GitLab Cross-Site Scripting Vulnerability (CVE-2023-0050)
1011760 - XWiki Remote Code Execution Vulnerability (CVE-2023-29509)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update. - * indicates a new version of an existing rule
Deep Packet Inspection Rules:
Advanced Message Queuing Protocol (AMQP)
1011704* - SolarWinds Network Performance Monitor Insecure Deserialization Vulnerability (CVE-2022-47503)
DCERPC Services - Client
1011517* - Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability (DogWalk) Over SMB (CVE-2022-34713)
SNMP Server
1011647* - Net-SNMP NULL Pointer Dereference Vulnerability (CVE-2022-44792)
SolarWinds Orion Platform
1011762 - SolarWinds Network Performance Monitor Command Injection Vulnerability (CVE-2022-36963)
Web Application Common
1011718 - ThinkPHP SQL Injection Vulnerability (CVE-2021-44350)
Web Application PHP Based
1011754 - WordPress 'Duplicator' Plugin Information Disclosure Vulnerability (CVE-2022-2551)
Web Server Common
1011755 - JetBrains TeamCity Cross-Site Scripting Vulnerability (CVE-2022-48426)
1011752 - JetBrains TeamCity Cross-Site Scripting Vulnerability (CVE-2022-48428)
Web Server HTTPS
1011749 - rConfig 'ajaxCompareGetCmdDates.php' SQL Injection Vulnerability (CVE-2022-45030)
Web Server Miscellaneous
1011456* - Atlassian Confluence And Data Center Remote Code Execution Vulnerability (CVE-2022-26134)
1011759 - Ivanti Avalanche Arbitrary File Upload Vulnerability (CVE-2023-28128)
1011756 - XWiki Code Injection Vulnerability (CVE-2023-29525)
Zoho ManageEngine ServiceDesk Plus_MSP
1011751 - Zoho ManageEngine ServiceDesk Plus Cross-Site Scripting Vulnerability (CVE-2023-23074)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update. - * indicates a new version of an existing rule
Deep Packet Inspection Rules:
DNS Client
1011748 - Identified Cobalt Strike DNS Beacon Runtime Detection - 1
1011753 - Identified Cobalt Strike DNS Beacon Runtime Detection - 2
Web Application PHP Based
1011736 - OpenCATS Cross-Site Scripting Vulnerability (CVE-2023-27293)
1011747 - WordPress 'Metform Elementor Contact Form Builder' Plugin Cross-Site Scripting Vulnerability (CVE-2023-0084)
Web Client Common
1011080* - Microsoft Multiple Products Remote Code Execution Vulnerability (CVE-2021-43209 and CVE-2022-44692)
Web Server Apache
1011750 - Apache HTTP Server Request Smuggling Vulnerability (CVE-2023-25690)
Web Server Miscellaneous
1011757 - XWiki Code Injection Vulnerability (CVE-2023-29516)
Web Server SharePoint
1011730 - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2022-29108)
Zoho ManageEngine ServiceDesk Plus_MSP
1011745 - Zoho ManageEngine ServiceDesk Plus Cross Site Scripting Vulnerability (CVE-2023-23077)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.