All Vulnerabilities

  • 19-003 (January 22, 2019)
     Publish Date:  05 de lipca de 2019
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    DHCPv6 Client - Incoming
    1008949 - ISC dhclient Buffer Overflow Vulnerability (CVE-2018-5732)


    Database MySQL
    1009357* - MySQL 5.5.8 NULL Pointer Dereference Denial Of Service Vulnerability (CVE-2011-5049)


    Memcached
    1009459* - Memcached 'process_bin_append_prepend' Integer Overflow Vulnerability (CVE-2016-8704)
    1009458* - Memcached 'process_bin_update' Function And 'body_len' Parameter Integer Overflow Vulnerability (CVE-2016-8705)


    Web Application Common
    1009308 - Moodle PHP Unserialize Remote Code Execution Vulnerability (CVE-2018-14630)
    1009401 - Nagios XI Magpie 'cURL' Argument Injection Vulnerability (CVE-2018-15708)


    Web Application PHP Based
    1009395* - PHP 'imap_open()' Remote Code Execution Vulnerability (CVE-2018-19518)


    Web Client Common
    1009206* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-21) - 1
    1009211* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-21) - 6
    1009215* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-21) - 9
    1009405* - Adobe Flash Player Use After Free Vulnerability (CVE-2018-15982)
    1009403 - Apache Traffic Server ESI Plugin Cookie Header Information Disclosure (CVE-2018-8040)
    1009338* - Microsoft Windows Shell Remote Code Execution Vulnerability (CVE-2018-8495)


    Web Server Apache Tika
    1009142 - Apache Tika tika-server Command Injection Vulnerability (CVE-2018-1335)


    Web Server Common
    1007185* - Java Unserialize Remote Code Execution Vulnerability


    Web Server Oracle
    1009417* - Oracle WebLogic Server DeploymentServiceServlet Insecure Deserialization Vulnerability (CVE-2018-3252)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • 19-004 (January 29, 2019)
     Publish Date:  05 de lipca de 2019
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Microsoft Office
    1008746* - Microsoft Office Memory Corruption Vulnerability (CVE-2017-11882)


    Web Application Common
    1009421 - ImageMagick Multiple Security Vulnerabilities (Server) - 25
    1009467* - Microsoft Exchange Server NTLM Reflection EWS Authentication Bypass Vulnerability (CVE-2018-8581)
    1009487 - WordPress Total Donations Plugin Remote Administrative Access Vulnerability (CVE-2019-6703)


    Web Client Common
    1009210* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-21) - 4
    1009213* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-21) - 7
    1009309 - Foxit Reader Multiple Security Vulnerabilities - 16
    1009420 - ImageMagick Multiple Security Vulnerabilities (Client) - 25


    Windows Services RPC Server DCERPC
    1009478 - Identified Remote Service Creation Over DCE/RPC Protocol


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • 19-005 (February 5, 2019)
     Publish Date:  05 de lipca de 2019
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    DCERPC Services - Client
    1004373* - Identified DLL Side Loading Attempt Over Network Share


    Web Application Common
    1009496 - Microsoft Exchange Server Elevation Of Privilege Vulnerability (CVE-2018-8581)


    Web Client Common
    1009407* - Detected Suspicious DLL Side Loading Attempt Over WebDAV
    1009483 - Linux APT Remote Code Execution Vulnerability (CVE-2019-3462)


    Web Server Apache
    1005661* - Apache HTTP Server Remote Denial Of Service Vulnerability (CVE-2013-1896)


    Web Server Oracle
    1009417* - Oracle WebLogic Server DeploymentServiceServlet Insecure Deserialization Vulnerability (CVE-2018-3252)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • 19-006 (February 12, 2019)
     Publish Date:  05 de lipca de 2019
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    DCERPC Services
    1009511 - Microsoft Windows SMB Remote Code Execution Vulnerability (CVE-2019-0630)


    DHCPv6 Client - Incoming
    1008949* - ISC dhclient Buffer Overflow Vulnerability (CVE-2018-5732)


    Microsoft Office
    1009515 - Microsoft Excel Information Disclosure Vulnerability (CVE-2019-0669)


    Web Application Common
    1009308* - Moodle PHP Unserialize Remote Code Execution Vulnerability (CVE-2018-14630)
    1009401* - Nagios XI Magpie 'cURL' Argument Injection Vulnerability (CVE-2018-15708)


    Web Application PHP Based
    1009481 - Drupal Core Critical Arbitrary PHP Code Execution Vulnerability (CVE-2019-6339)


    Web Client Common
    1009454* - Microsoft Windows Information Disclosure Vulnerability (CVE-2019-0636)
    1009500 - Microsoft Windows Multiple Security Vulnerabilities (Feb-2019)


    Web Client Internet Explorer/Edge
    1009509 - Microsoft Edge Memory Corruption Vulnerability (CVE-2019-0645)
    1009498 - Microsoft Edge Memory Corruption Vulnerability (CVE-2019-0650)
    1009497 - Microsoft Edge Scripting Engine Information Disclosure Vulnerability (CVE-2019-0648)
    1009501 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0590)
    1009502 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0591)
    1009503 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0593)
    1009504 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0607)
    1009506 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0610)
    1009507 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0640)
    1009508 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0642)
    1009499 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0644)
    1009510 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0651)
    1009512 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0652)
    1009516 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0655)
    1009514 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0658)
    1009513 - Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2019-0676)
    1009505 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2019-0606)


    Web Server Apache Tika
    1009142* - Apache Tika 'tika-server' Command Injection Vulnerability (CVE-2018-1335)


    Web Server Miscellaneous
    1008104* - Apache ActiveMQ Multiple Remote Code Execution Vulnerabilities (CVE-2016-3088)


    Windows Services RPC Server DCERPC
    1009480 - Identified WMI Query Over DCE/RPC Protocol


    Integrity Monitoring Rules:

    1008271* - Application - Docker


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • 19-009 (February 26, 2019)
     Publish Date:  05 de lipca de 2019
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    DCERPC Services
    1009490 - Block Administrative Share - 1


    FTP Server Common
    1003784* - FTP Server Restrict Executable File Uploads


    Kubernetes Web UI (Dashboard)
    1009493 - Kubernetes Dashboard Authentication Bypass Information Disclosure Vulnerability (CVE-2018-18264)


    Microsoft Office
    1009538 - Microsoft Office Multiple Security Vulnerabilities (Feb 2019)


    Web Application Common
    1009496* - Microsoft Exchange Server Elevation Of Privilege Vulnerability


    Web Application PHP Based
    1009541 - Drupal Core Remote Code Execution Vulnerability (CVE-2019-6340)
    1009544 - WordPress Image Remote Code Execution Vulnerability (CVE-2019-8942)


    Web Client Common
    1009536* - Adobe Acrobat And Reader Information Disclosure Vulnerability (CVE-2019-7815)
    1009517 - Microsoft Windows JET Database Engine 'CreateLvSMLocs' Remote Code Execution (CVE-2019-0577)
    1009537 - Microsoft Windows JET Database Engine Multiple Remote Code Execution Vulnerabilities (Feb - 2019)
    1009533 - Microsoft Windows JET Database Out-of-Bounds Read Remote Code Execution Vulnerability (CVE-2019-0575)
    1009539 - Microsoft Windows Multiple GDI Information Disclosure Vulnerabilities (Feb 2019)


    Web Server Oracle
    1009358* - Oracle WebLogic Server RemoteObject Insecure Deserialization Vulnerability (CVE-2018-3191)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • 19-013 (March 13, 2019)
     Publish Date:  04 de lipca de 2019
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Web Application Common
    1009496* - Microsoft Exchange Server Multiple Elevation Of Privilege Vulnerabilities


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • 19-015 (March 26, 2019)
     Publish Date:  04 de lipca de 2019
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Solr Service
    1009601 - Apache Solr Remote Code Execution Vulnerability (CVE-2019-0192)


    Web Application Common
    1009312* - Ghostscript Remote Code Execution Vulnerability (CVE-2018-16509) - 1
    1009560 - Ghostscript Unauthorized Code Execution Vulnerability (CVE-2019-6116) - 1


    Web Application Tomcat
    1002707* - Apache Tomcat allowLinking URIencoding Directory Traversal Vulnerability


    Web Client Common
    1009311* - Ghostscript Remote Code Execution Vulnerability (CVE-2018-16509)
    1009559 - Ghostscript Unauthorized Code Execution Vulnerability (CVE-2019-6116)


    Web Server Common
    1007185* - Java Unserialize Remote Code Execution Vulnerability


    Windows Services RPC Server DCERPC
    1009604 - Identified Usage Of WMI Execute Methods - Server - 1


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • 19-016 (April 1, 2019)
     Publish Date:  04 de lipca de 2019
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Web Client Internet Explorer/Edge
    1009640 - Microsoft Edge And Internet Explorer Same Origin Policy Bypass Vulnerabilities


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • 19-018 (April 3, 2019)
     Publish Date:  04 de lipca de 2019
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Trend Micro OfficeScan
    1009608 - Trend Micro Apex One And OfficeScan Directory Traversal Vulnerability (CVE-2019-9489)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • 19-019 (April 9, 2019)
     Publish Date:  04 de lipca de 2019
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Microsoft Office
    1009646 - Microsoft Office Remote Code Execution Vulnerability (CVE-2019-0801)


    Web Client Common
    1009663 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB19-17) - 1
    1009666 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB19-17) - 2
    1009662 - Adobe Flash Player Out-of-Bounds Read Vulnerability (CVE-2019-7108)
    1009653 - Microsoft Graphics Components Remote Code Execution Vulnerability (CVE-2019-0822)
    1009647 - Microsoft Windows GDI Elevation Of Privilege Vulnerability (CVE-2019-0803)
    1009649 - Microsoft Windows Multiple Security Vulnerabilities (Apr-2019)
    1009654 - Microsoft Windows VBScript Engine Remote Code Execution Vulnerability (CVE-2019-0862)
    1009650 - Microsoft XML Remote Code Execution Vulnerability (CVE-2019-0793)
    1009651 - Microsoft XML Remote Code Execution Vulnerability (CVE-2019-0794)


    Web Client Internet Explorer/Edge
    1009652 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0806)
    1009658 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0810)
    1009659 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0812)
    1009660 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0829)
    1009661 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0860)
    1009657 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0861)
    1009655 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2019-0752)
    1009656 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2019-0753)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.