All Vulnerabilities

  • 19-013 (March 13, 2019)
     Publish Date:  04 de lipca de 2019
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Web Application Common
    1009496* - Microsoft Exchange Server Multiple Elevation Of Privilege Vulnerabilities


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • 19-015 (March 26, 2019)
     Publish Date:  04 de lipca de 2019
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Solr Service
    1009601 - Apache Solr Remote Code Execution Vulnerability (CVE-2019-0192)


    Web Application Common
    1009312* - Ghostscript Remote Code Execution Vulnerability (CVE-2018-16509) - 1
    1009560 - Ghostscript Unauthorized Code Execution Vulnerability (CVE-2019-6116) - 1


    Web Application Tomcat
    1002707* - Apache Tomcat allowLinking URIencoding Directory Traversal Vulnerability


    Web Client Common
    1009311* - Ghostscript Remote Code Execution Vulnerability (CVE-2018-16509)
    1009559 - Ghostscript Unauthorized Code Execution Vulnerability (CVE-2019-6116)


    Web Server Common
    1007185* - Java Unserialize Remote Code Execution Vulnerability


    Windows Services RPC Server DCERPC
    1009604 - Identified Usage Of WMI Execute Methods - Server - 1


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • 19-016 (April 1, 2019)
     Publish Date:  04 de lipca de 2019
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Web Client Internet Explorer/Edge
    1009640 - Microsoft Edge And Internet Explorer Same Origin Policy Bypass Vulnerabilities


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • 19-018 (April 3, 2019)
     Publish Date:  04 de lipca de 2019
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Trend Micro OfficeScan
    1009608 - Trend Micro Apex One And OfficeScan Directory Traversal Vulnerability (CVE-2019-9489)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • 19-019 (April 9, 2019)
     Publish Date:  04 de lipca de 2019
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Microsoft Office
    1009646 - Microsoft Office Remote Code Execution Vulnerability (CVE-2019-0801)


    Web Client Common
    1009663 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB19-17) - 1
    1009666 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB19-17) - 2
    1009662 - Adobe Flash Player Out-of-Bounds Read Vulnerability (CVE-2019-7108)
    1009653 - Microsoft Graphics Components Remote Code Execution Vulnerability (CVE-2019-0822)
    1009647 - Microsoft Windows GDI Elevation Of Privilege Vulnerability (CVE-2019-0803)
    1009649 - Microsoft Windows Multiple Security Vulnerabilities (Apr-2019)
    1009654 - Microsoft Windows VBScript Engine Remote Code Execution Vulnerability (CVE-2019-0862)
    1009650 - Microsoft XML Remote Code Execution Vulnerability (CVE-2019-0793)
    1009651 - Microsoft XML Remote Code Execution Vulnerability (CVE-2019-0794)


    Web Client Internet Explorer/Edge
    1009652 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0806)
    1009658 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0810)
    1009659 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0812)
    1009660 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0829)
    1009661 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0860)
    1009657 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0861)
    1009655 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2019-0752)
    1009656 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2019-0753)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • 19-028 (May 16, 2019)
     Publish Date:  04 de lipca de 2019
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Remote Desktop Protocol Server
    1009749 - Microsoft Windows Remote Desktop Services�Remote Code Execution Vulnerability (CVE-2019-0708)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • 19-030 (May 28, 2019)
     Publish Date:  04 de lipca de 2019
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    NTP Server Linux
    1009492 - NTPsec 'ntpd ctl_getitem' Out Of Bounds Read Vulnerability (CVE-2019-6443)
    1009620 - NTPsec ntpd 'write_variables' Denial Of Service Vulnerability (CVE-2019-6445)


    Remote Desktop Protocol Server
    1009749* - Microsoft Windows Remote Desktop Services Remote Code Execution Vulnerability (CVE-2019-0708)


    Web Client Common
    1009666* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB19-17) - 2
    1009405* - Adobe Flash Player Use After Free Vulnerability (CVE-2018-15982)
    1009518 - Microsoft Office Information Disclosure Vulnerability (CVE-2019-0560)
    1009758 - Microsoft Windows Font Subsetting Library Integer Overflow Remote Code Execution Vulnerability (CVE-2019-0903)
    1009765 - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2018-8472)
    1009768 - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2019-0758)
    1009759 - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2019-0961)
    1009760 - Microsoft Windows Jet Database Engine Multiple Remote Code Execution Vulnerabilities (May-2019)
    1009668 - Oracle Java Arbitrary File Deletion Vulnerability (CVE-2019-2449)


    Web Client Internet Explorer/Edge
    1009763 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0937)
    1009733* - Microsoft Internet Explorer And Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0940)


    Web Server Oracle Report Server
    1006238* - Restrict Oracle Reports Parsequery And Urlparameter Query Access


    Web Server SharePoint
    1009535* - Microsoft SharePoint Remote Code Execution Vulnerability (CVE-2019-0604)


    Zoho ManageEngine
    1009470 - Zoho ManageEngine OpManager DataMigrationServlet Insecure Deserialization Vulnerability (CVE-2018-19403)


    Integrity Monitoring Rules:

    1009639 - Application Shimming (ATT&CK: T1138)
    1009672 - Time Providers (ATT&CK: T1209)


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • 19-022 (April 26, 2019)
     Publish Date:  04 de lipca de 2019
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Web Server Oracle
    1009707 - Oracle Weblogic Server Remote Code Execution Vulnerability (CVE-2019-2725)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • 19-023 (April 30, 2019)
     Publish Date:  04 de lipca de 2019
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Mail Server Common
    1000880* - Detected Format String Vulnerability In SMTP


    Mail Server Miscellaneous
    1000090* - Detected Format String Vulnerability In IMAP


    TFTP Server
    1009365* - Microsoft Windows Deployment Services TFTP Server Remote Code Execution Vulnerability (CVE-2018-8476)


    Web Application Common
    1009700 - Ghostscript Denial Of Service Vulnerability (CVE-2017-9835) - 1
    1005934* - Identified Suspicious Command Injection Attack
    1009315 - ImageMagick 'SetGrayscaleImage' Heap Overflow Vulnerability (CVE-2018-11625) - 1
    1009352 - Libxml2 Null Pointer Dereference Vulnerability (CVE-2018-14404) - 1


    Web Application PHP Based
    1004998* - PHP-CGI Query String Parameter Vulnerability


    Web Client Common
    1009473 - GNU Libextractor ZIP File Comment Out-of-Bounds Read Vulnerability (CVE-2018-16430)
    1009696 - Ghostscript Denial Of Service Vulnerability (CVE-2017-9835)
    1009671 - Google Chrome JSCreateObject Operation Type Confusion Vulnerability (CVE-2018-17463)
    1009314 - ImageMagick 'SetGrayscaleImage' Heap Overflow Vulnerability (CVE-2018-11625)
    1009351 - Libxml2 Null Pointer Dereference Vulnerability (CVE-2018-14404)
    1009702 - Microsoft Windows Elevation Of Privilege Vulnerability (CVE-2018-8468)
    1009369* - Microsoft Windows VBScript Engine Remote Code Execution Vulnerability (CVE-2018-8544)


    Web Client Internet Explorer/Edge
    1009468* - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0567)
    1009546 - Microsoft Edge Multiple Elevation Of Privilege Vulnerabilities
    1009570* - Microsoft Internet Explorer Security Feature Bypass Vulnerability (CVE-2019-0768)
    1009578* - Microsoft Internet Explorer VBScript Engine Remote Code Execution Vulnerability (CVE-2019-0667)


    Web Server Apache Tika
    1009142* - Apache Tika 'tika-server' Command Injection Vulnerability (CVE-2018-1335)


    Web Server Common
    1009705 - Atlassian Confluence Server Remote Code Execution Vulnerability (CVE-2019-3396)


    Web Server Oracle
    1009707* - Oracle Weblogic Server Remote Code Execution Vulnerability (CVE-2019-2725)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • 19-024 (May 2, 2019)
     Publish Date:  04 de lipca de 2019
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Web Server Oracle
    1009707* - Oracle Weblogic Server Remote Code Execution Vulnerability (CVE-2019-2725)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.