All Vulnerabilities

  • 19-021 (April 23, 2019)
     Publish Date:  05 de июля de 2019
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    DCERPC Services
    1009511* - Microsoft Windows SMB Remote Code Execution Vulnerability (CVE-2019-0630)


    Message Queuing Server Microsoft
    1009623 - Microsoft Windows Message Queuing Buffer Overflow Vulnerability (CVE-2005-0059)


    Suspicious Client Application Activity
    1008946* - Heuristic Detection Of Suspicious Digital Certificate


    Web Application Tomcat
    1009697* - Apache Tomcat Remote Code Execution Vulnerability (CVE-2019-0232)


    Web Client Common
    1009554* - RARLAB WinRAR ACE Remote Code Execution Vulnerability (CVE-2018-20250)


    Web Client Internet Explorer/Edge
    1009640* - Microsoft Edge And Internet Explorer Same Origin Policy Bypass Vulnerabilities


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • 18-068 (December 20, 2018)
     Publish Date:  05 de июля de 2019
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Web Client Common
    1009437* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-41) - 1
    1009440* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-41) - 4


    Web Client Internet Explorer/Edge
    1009449 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2018-8653)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • 18-067 (December 18, 2018)
     Publish Date:  05 de июля de 2019
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Java RMI
    1009390* - Apache Commons FileUpload DiskFileItem File Manipulation Remote Code Execution Vulnerability (CVE-2016-1000031)


    Web Application Common
    1009202 - ImageMagick Multiple 'ReadDIBImage' And 'WriteDIBImage' Out Of Bounds Write Vulnerabilities - 1


    Web Client Common
    1008883* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-02) - 2
    1009327* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-30) - 9
    1009437 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-41) - 1
    1009438 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-41) - 2
    1009439 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-41) - 3
    1009440 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-41) - 4
    1009441 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-41) - 5
    1009444 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-41) - 6
    1009442 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-41) - 7
    1009443 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-41) - 8
    1009394* - Adobe Acrobat And Reader NTLM SSO Hash Information Disclosure Vulnerability (CVE-2018-15979)
    1009201 - ImageMagick Multiple 'ReadDIBImage' And 'WriteDIBImage' Out Of Bounds Write Vulnerabilities
    1009292 - Microsoft Excel Information Disclosure Vulnerability (CVE-2018-8382)
    1009307* - Microsoft JET Database Engine Remote Code Execution Vulnerability (CVE-2018-8423)
    1009366* - Microsoft Outlook Multiple Security Vulnerabilities (Nov-2018)
    1009446 - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2018-8596)
    1009293* - Microsoft Windows Remote Code Execution Vulnerability (CVE-2018-8475)
    1002744* - RealNetworks RealPlayer SWF Flash File Buffer Overflow Vulnerability (CVE-2006-0323)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • 18-066 (December 11, 2018)
     Publish Date:  05 de июля de 2019
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Microsoft Office
    1009427 - Microsoft PowerPoint Remote Code Execution Vulnerability (CVE-2018-8628)


    Web Application Common
    1009425 - ImageMagick ReadXBMImage Memory Leak Vulnerability (CVE-2018-16323) - 1


    Web Client Common
    1009426 - 7-Zip Remote Code Execution Vulnerability (CVE-2018-10115)
    1009321* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-30) - 3
    1009326* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-30) - 8
    1009424 - ImageMagick ReadXBMImage Memory Leak Vulnerability (CVE-2018-16323)
    1009428 - Microsoft Outlook Remote Code Execution Vulnerability (CVE-2018-8587)
    1009413 - Microsoft Text-To-Speech Remote Code Execution Vulnerability (CVE-2018-8634)
    1009431 - Microsoft Windows Multiple Security Vulnerabilities (Dec-2018)
    1009268 - Oracle Outside In Excel GelFrame Out-Of-Bounds Read (CVE-2018-2992)


    Web Client Internet Explorer/Edge
    1009409 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8583)
    1009411 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8617)
    1009412 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8618)
    1009416 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8624)
    1009415 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8629)
    1009335* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2018-8460)
    1009414 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2018-8631)
    1009410 - Microsoft Internet Explorer Remote Code Execution Vulnerability (CVE-2018-8619)
    1009430 - Microsoft Internet Explorer Remote Code Execution Vulnerability (CVE-2018-8625)
    1009429 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2018-8643)


    Web Client Mozilla Firefox
    1009159 - Mozilla Firefox Vorbis Audio Residue Codebook Out Of Bounds Write Vulnerability (CVE-2018-5146)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • 18-065 (December 5, 2018)
     Publish Date:  05 de июля de 2019
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    DCERPC Services - Client
    1004373* - Identified DLL Side Loading Attempt Over Network Share


    Web Client Common
    1009405 - Adobe Flash Player Use After Free Vulnerability (CVE-2018-15982)
    1009407 - Detected Suspicious DLL Side Loading Attempt Over WebDAV


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • 18-063 (November 27, 2018)
     Publish Date:  05 de июля de 2019
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Asterisk RTP Protocol
    1008964* - Digium Asterisk Compound RTCP Out-Of-Bounds Write Vulnerability (CVE-2017-17664)


    Asterisk Server IAX2
    1002607* - Asterisk IAX2 Packet Amplification Remote Denial Of Service Vulnerability (CVE-2008-1897)


    Oracle Secure Backup
    1003225* - Oracle Secure Backup NDMP CONECT_CLIENT_AUTH Command Buffer Overflow


    Web Application PHP Based
    1008817 - PHP WDDX NULL Pointer Dereference Vulnerability (CVE-2016-9934)


    Web Client Common
    1009273 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-09) - 8
    1009349* - Microsoft Windows ALPC Elevation Of Privilege Vulnerability (CVE-2018-8584)
    1009378* - Microsoft Windows DirectX Information Disclosure Vulnerability (CVE-2018-8563)
    1009088* - Microsoft Windows Multiple Elevation Of Privilege Vulnerabilities (May 2018)
    1009382* - Microsoft Windows Multiple Security Vulnerabilities (Nov-2018)
    1009293* - Microsoft Windows Remote Code Execution Vulnerability (CVE-2018-8475)
    1009171* - Microsoft Windows Shell Remote Code Execution Vulnerability
    1009238* - Microsoft Windows Shell Remote Code Execution Vulnerability - 1
    1009029* - PHP 'http_fopen_wrapper' Stack Buffer Overflow Vulnerability (CVE-2018-7584)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • 18-064 (December 4, 2018)
     Publish Date:  05 de июля de 2019
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Elasticsearch
    1009209 - ElasticSearch Dynamic Script Arbitrary Java Code Execution Vulnerability (CVE-2014-3120)


    HP Intelligent Management Center (IMC)
    1008983 - HPE Intelligent Management Center 'saveSelectedDevices' Expression Language Injection Vulnerability (CVE-2017-12491)


    TFTP Server
    1009365 - Microsoft Windows Deployment Services TFTP Server Remote Code Execution Vulnerability (CVE-2018-8476)


    Web Application Common
    1005934* - Identified Suspicious Command Injection Attack


    Web Client Internet Explorer/Edge
    1009244* - Microsoft Internet Explorer And Edge Scripting Engine Memory Corruption Vulnerability (CVE-2018-8355)


    Web Client Mozilla Firefox
    1009396 - Mozilla Firefox Multiple Security Vulnerabilities


    Web Server Adobe ColdFusion
    1009387 - Adobe ColdFusion Remote File Upload Vulnerability (CVE-2018-15961)


    Integrity Monitoring Rules:

    1008271* - Application - Docker
    1003131* - Virtualization Software - VMware Server


    Log Inspection Rules:

    1003802* - Directory Server - Microsoft Windows Active Directory
  • 19-001 (January 8, 2019)
     Publish Date:  05 de июля de 2019
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Java RMI
    1009451* - Java Unserialize Remote Code Execution Vulnerability Over RMI


    Memcached
    1009459 - Memcached 'process_bin_append_prepend' Integer Overflow Vulnerability (CVE-2016-8704)
    1009458 - Memcached 'process_bin_update' Function And 'body_len' Parameter Integer Overflow Vulnerability (CVE-2016-8705)


    Remote Desktop Protocol Server
    1009448* - Microsoft Windows Remote Desktop Protocol (RDP) Brute Force Attempt


    Web Application Common
    1009202* - ImageMagick Multiple 'ReadDIBImage' And 'WriteDIBImage' Out Of Bounds Write Vulnerabilities - 1
    1009425* - ImageMagick ReadXBMImage Memory Leak Vulnerability (CVE-2018-16323) - 1


    Web Application PHP Based
    1009445* - WordPress Authenticated Phar Insecure Deserialization Vulnerability


    Web Client Common
    1009460 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB19-02)
    1009452 - Microsoft Windows COM Elevation Of Privilege Vulnerability (CVE-2018-8550)
    1009461 - Microsoft Windows Multiple Security Vulnerabilities (Jan-2019) - 1
    1009466 - Microsoft Windows Multiple Security Vulnerabilities (Jan-2019) - 2


    Web Client Internet Explorer/Edge
    1009463 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0539)
    1009468 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0567)
    1009469 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0568)
    1009462 - Microsoft Edge Elevation Of Privilege Vulnerability (CVE-2019-0566)
    1009465 - Microsoft Edge Memory Corruption Vulnerability (CVE-2019-0565)
    1009464 - Microsoft Internet Explorer Remote Code Execution Vulnerability (CVE-2019-0541)


    Web Server Miscellaneous
    1007532* - JBoss Application Server Unauthenticated Remote Command Execution Vulnerability


    Web Server Oracle
    1009417 - Oracle WebLogic Server DeploymentServiceServlet Insecure Deserialization Vulnerability (CVE-2018-3252)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • 19-002 (January 15, 2019)
     Publish Date:  05 de июля de 2019
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Database MySQL
    1009357 - MySQL 5.5.8 NULL Pointer Dereference Denial Of Service Vulnerability (CVE-2011-5049)


    Elasticsearch
    1009209* - ElasticSearch Dynamic Script Arbitrary Java Code Execution Vulnerability (CVE-2014-3120)


    Web Client Common
    1004315* - Identified Malicious PDF Document - 3
    1009359 - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2018-8424)
    1009369* - Microsoft Windows VBScript Engine Remote Code Execution Vulnerability (CVE-2018-8544)
    1009218* - Microsoft Windows VBScript Engine Use-After-Free Vulnerability (CVE-2018-8373)


    Web Client Internet Explorer/Edge
    1009246* - Microsoft Internet Explorer And Edge Scripting Engine Memory Corruption Vulnerability (CVE-2018-8372)
    1009243* - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2018-8353)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    1002797* - Database Server - MySQL
  • 19-003 (January 22, 2019)
     Publish Date:  05 de июля de 2019
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    DHCPv6 Client - Incoming
    1008949 - ISC dhclient Buffer Overflow Vulnerability (CVE-2018-5732)


    Database MySQL
    1009357* - MySQL 5.5.8 NULL Pointer Dereference Denial Of Service Vulnerability (CVE-2011-5049)


    Memcached
    1009459* - Memcached 'process_bin_append_prepend' Integer Overflow Vulnerability (CVE-2016-8704)
    1009458* - Memcached 'process_bin_update' Function And 'body_len' Parameter Integer Overflow Vulnerability (CVE-2016-8705)


    Web Application Common
    1009308 - Moodle PHP Unserialize Remote Code Execution Vulnerability (CVE-2018-14630)
    1009401 - Nagios XI Magpie 'cURL' Argument Injection Vulnerability (CVE-2018-15708)


    Web Application PHP Based
    1009395* - PHP 'imap_open()' Remote Code Execution Vulnerability (CVE-2018-19518)


    Web Client Common
    1009206* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-21) - 1
    1009211* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-21) - 6
    1009215* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-21) - 9
    1009405* - Adobe Flash Player Use After Free Vulnerability (CVE-2018-15982)
    1009403 - Apache Traffic Server ESI Plugin Cookie Header Information Disclosure (CVE-2018-8040)
    1009338* - Microsoft Windows Shell Remote Code Execution Vulnerability (CVE-2018-8495)


    Web Server Apache Tika
    1009142 - Apache Tika tika-server Command Injection Vulnerability (CVE-2018-1335)


    Web Server Common
    1007185* - Java Unserialize Remote Code Execution Vulnerability


    Web Server Oracle
    1009417* - Oracle WebLogic Server DeploymentServiceServlet Insecure Deserialization Vulnerability (CVE-2018-3252)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.