All Vulnerabilities

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

DCERPC Services
1009511 - Microsoft Windows SMB Remote Code Execution Vulnerability (CVE-2019-0630)


DHCPv6 Client - Incoming
1008949* - ISC dhclient Buffer Overflow Vulnerability (CVE-2018-5732)


Microsoft Office
1009515 - Microsoft Excel Information Disclosure Vulnerability (CVE-2019-0669)


Web Application Common
1009308* - Moodle PHP Unserialize Remote Code Execution Vulnerability (CVE-2018-14630)
1009401* - Nagios XI Magpie 'cURL' Argument Injection Vulnerability (CVE-2018-15708)


Web Application PHP Based
1009481 - Drupal Core Critical Arbitrary PHP Code Execution Vulnerability (CVE-2019-6339)


Web Client Common
1009454* - Microsoft Windows Information Disclosure Vulnerability (CVE-2019-0636)
1009500 - Microsoft Windows Multiple Security Vulnerabilities (Feb-2019)


Web Client Internet Explorer/Edge
1009509 - Microsoft Edge Memory Corruption Vulnerability (CVE-2019-0645)
1009498 - Microsoft Edge Memory Corruption Vulnerability (CVE-2019-0650)
1009497 - Microsoft Edge Scripting Engine Information Disclosure Vulnerability (CVE-2019-0648)
1009501 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0590)
1009502 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0591)
1009503 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0593)
1009504 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0607)
1009506 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0610)
1009507 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0640)
1009508 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0642)
1009499 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0644)
1009510 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0651)
1009512 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0652)
1009516 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0655)
1009514 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0658)
1009513 - Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2019-0676)
1009505 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2019-0606)


Web Server Apache Tika
1009142* - Apache Tika 'tika-server' Command Injection Vulnerability (CVE-2018-1335)


Web Server Miscellaneous
1008104* - Apache ActiveMQ Multiple Remote Code Execution Vulnerabilities (CVE-2016-3088)


Windows Services RPC Server DCERPC
1009480 - Identified WMI Query Over DCE/RPC Protocol


Integrity Monitoring Rules:

1008271* - Application - Docker


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

DCERPC Services
1009490 - Block Administrative Share - 1


FTP Server Common
1003784* - FTP Server Restrict Executable File Uploads


Kubernetes Web UI (Dashboard)
1009493 - Kubernetes Dashboard Authentication Bypass Information Disclosure Vulnerability (CVE-2018-18264)


Microsoft Office
1009538 - Microsoft Office Multiple Security Vulnerabilities (Feb 2019)


Web Application Common
1009496* - Microsoft Exchange Server Elevation Of Privilege Vulnerability


Web Application PHP Based
1009541 - Drupal Core Remote Code Execution Vulnerability (CVE-2019-6340)
1009544 - WordPress Image Remote Code Execution Vulnerability (CVE-2019-8942)


Web Client Common
1009536* - Adobe Acrobat And Reader Information Disclosure Vulnerability (CVE-2019-7815)
1009517 - Microsoft Windows JET Database Engine 'CreateLvSMLocs' Remote Code Execution (CVE-2019-0577)
1009537 - Microsoft Windows JET Database Engine Multiple Remote Code Execution Vulnerabilities (Feb - 2019)
1009533 - Microsoft Windows JET Database Out-of-Bounds Read Remote Code Execution Vulnerability (CVE-2019-0575)
1009539 - Microsoft Windows Multiple GDI Information Disclosure Vulnerabilities (Feb 2019)


Web Server Oracle
1009358* - Oracle WebLogic Server RemoteObject Insecure Deserialization Vulnerability (CVE-2018-3191)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Web Application Common
1009496* - Microsoft Exchange Server Multiple Elevation Of Privilege Vulnerabilities


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Solr Service
1009601 - Apache Solr Remote Code Execution Vulnerability (CVE-2019-0192)


Web Application Common
1009312* - Ghostscript Remote Code Execution Vulnerability (CVE-2018-16509) - 1
1009560 - Ghostscript Unauthorized Code Execution Vulnerability (CVE-2019-6116) - 1


Web Application Tomcat
1002707* - Apache Tomcat allowLinking URIencoding Directory Traversal Vulnerability


Web Client Common
1009311* - Ghostscript Remote Code Execution Vulnerability (CVE-2018-16509)
1009559 - Ghostscript Unauthorized Code Execution Vulnerability (CVE-2019-6116)


Web Server Common
1007185* - Java Unserialize Remote Code Execution Vulnerability


Windows Services RPC Server DCERPC
1009604 - Identified Usage Of WMI Execute Methods - Server - 1


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Web Client Internet Explorer/Edge
1009640 - Microsoft Edge And Internet Explorer Same Origin Policy Bypass Vulnerabilities


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Trend Micro OfficeScan
1009608 - Trend Micro Apex One And OfficeScan Directory Traversal Vulnerability (CVE-2019-9489)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Microsoft Office
1009646 - Microsoft Office Remote Code Execution Vulnerability (CVE-2019-0801)


Web Client Common
1009663 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB19-17) - 1
1009666 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB19-17) - 2
1009662 - Adobe Flash Player Out-of-Bounds Read Vulnerability (CVE-2019-7108)
1009653 - Microsoft Graphics Components Remote Code Execution Vulnerability (CVE-2019-0822)
1009647 - Microsoft Windows GDI Elevation Of Privilege Vulnerability (CVE-2019-0803)
1009649 - Microsoft Windows Multiple Security Vulnerabilities (Apr-2019)
1009654 - Microsoft Windows VBScript Engine Remote Code Execution Vulnerability (CVE-2019-0862)
1009650 - Microsoft XML Remote Code Execution Vulnerability (CVE-2019-0793)
1009651 - Microsoft XML Remote Code Execution Vulnerability (CVE-2019-0794)


Web Client Internet Explorer/Edge
1009652 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0806)
1009658 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0810)
1009659 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0812)
1009660 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0829)
1009661 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0860)
1009657 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0861)
1009655 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2019-0752)
1009656 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2019-0753)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Remote Desktop Protocol Server
1009749 - Microsoft Windows Remote Desktop Services�Remote Code Execution Vulnerability (CVE-2019-0708)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

NTP Server Linux
1009492 - NTPsec 'ntpd ctl_getitem' Out Of Bounds Read Vulnerability (CVE-2019-6443)
1009620 - NTPsec ntpd 'write_variables' Denial Of Service Vulnerability (CVE-2019-6445)


Remote Desktop Protocol Server
1009749* - Microsoft Windows Remote Desktop Services Remote Code Execution Vulnerability (CVE-2019-0708)


Web Client Common
1009666* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB19-17) - 2
1009405* - Adobe Flash Player Use After Free Vulnerability (CVE-2018-15982)
1009518 - Microsoft Office Information Disclosure Vulnerability (CVE-2019-0560)
1009758 - Microsoft Windows Font Subsetting Library Integer Overflow Remote Code Execution Vulnerability (CVE-2019-0903)
1009765 - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2018-8472)
1009768 - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2019-0758)
1009759 - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2019-0961)
1009760 - Microsoft Windows Jet Database Engine Multiple Remote Code Execution Vulnerabilities (May-2019)
1009668 - Oracle Java Arbitrary File Deletion Vulnerability (CVE-2019-2449)


Web Client Internet Explorer/Edge
1009763 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0937)
1009733* - Microsoft Internet Explorer And Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0940)


Web Server Oracle Report Server
1006238* - Restrict Oracle Reports Parsequery And Urlparameter Query Access


Web Server SharePoint
1009535* - Microsoft SharePoint Remote Code Execution Vulnerability (CVE-2019-0604)


Zoho ManageEngine
1009470 - Zoho ManageEngine OpManager DataMigrationServlet Insecure Deserialization Vulnerability (CVE-2018-19403)


Integrity Monitoring Rules:

1009639 - Application Shimming (ATT&CK: T1138)
1009672 - Time Providers (ATT&CK: T1209)


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Web Server Oracle
1009707 - Oracle Weblogic Server Remote Code Execution Vulnerability (CVE-2019-2725)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.