All Vulnerabilities
- * indicates a new version of an existing rule
Deep Packet Inspection Rules:
Mail Server Common
1000880* - Detected Format String Vulnerability In SMTP
Mail Server Miscellaneous
1000090* - Detected Format String Vulnerability In IMAP
TFTP Server
1009365* - Microsoft Windows Deployment Services TFTP Server Remote Code Execution Vulnerability (CVE-2018-8476)
Web Application Common
1009700 - Ghostscript Denial Of Service Vulnerability (CVE-2017-9835) - 1
1005934* - Identified Suspicious Command Injection Attack
1009315 - ImageMagick 'SetGrayscaleImage' Heap Overflow Vulnerability (CVE-2018-11625) - 1
1009352 - Libxml2 Null Pointer Dereference Vulnerability (CVE-2018-14404) - 1
Web Application PHP Based
1004998* - PHP-CGI Query String Parameter Vulnerability
Web Client Common
1009473 - GNU Libextractor ZIP File Comment Out-of-Bounds Read Vulnerability (CVE-2018-16430)
1009696 - Ghostscript Denial Of Service Vulnerability (CVE-2017-9835)
1009671 - Google Chrome JSCreateObject Operation Type Confusion Vulnerability (CVE-2018-17463)
1009314 - ImageMagick 'SetGrayscaleImage' Heap Overflow Vulnerability (CVE-2018-11625)
1009351 - Libxml2 Null Pointer Dereference Vulnerability (CVE-2018-14404)
1009702 - Microsoft Windows Elevation Of Privilege Vulnerability (CVE-2018-8468)
1009369* - Microsoft Windows VBScript Engine Remote Code Execution Vulnerability (CVE-2018-8544)
Web Client Internet Explorer/Edge
1009468* - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0567)
1009546 - Microsoft Edge Multiple Elevation Of Privilege Vulnerabilities
1009570* - Microsoft Internet Explorer Security Feature Bypass Vulnerability (CVE-2019-0768)
1009578* - Microsoft Internet Explorer VBScript Engine Remote Code Execution Vulnerability (CVE-2019-0667)
Web Server Apache Tika
1009142* - Apache Tika 'tika-server' Command Injection Vulnerability (CVE-2018-1335)
Web Server Common
1009705 - Atlassian Confluence Server Remote Code Execution Vulnerability (CVE-2019-3396)
Web Server Oracle
1009707* - Oracle Weblogic Server Remote Code Execution Vulnerability (CVE-2019-2725)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update. - * indicates a new version of an existing rule
Deep Packet Inspection Rules:
Web Server Oracle
1009707* - Oracle Weblogic Server Remote Code Execution Vulnerability (CVE-2019-2725)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update. - * indicates a new version of an existing rule
Deep Packet Inspection Rules:
DCERPC Services - Client
1009717 - Microsoft Windows PowerShell ISE Filename Parsing Remote Code Execution Vulnerability Over SMB
Hot Rod Client
1009119 - Red Hat JBoss Data Grid Hot Rod Client Insecure Deserialization (CVE-2017-15089)
Web Application Common
1009700* - Ghostscript Denial Of Service Vulnerability (CVE-2017-9835) - 1
1009315* - ImageMagick 'SetGrayscaleImage' Heap Overflow Vulnerability (CVE-2018-11625) - 1
1009352* - Libxml2 Null Pointer Dereference Vulnerability (CVE-2018-14404) - 1
Web Client Common
1009392 - Microsoft Windows MS XML Remote Code Execution Vulnerability (CVE-2018-8494)
1009714 - Microsoft Windows PowerShell ISE Filename Parsing Remote Code Execution Vulnerability
Web Server Adobe ColdFusion
1009455 - Adobe ColdFusion CKEditor 'upload.cfm' Directory Traversal Vulnerability (CVE-2018-15960)
Web Server Common
1009705* - Atlassian Confluence Server Remote Code Execution Vulnerability (CVE-2019-3396)
Web Server SAP
1009715 - SAP Gateway 'gw/acl_mode' Command Injection Vulnerability
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update. - * indicates a new version of an existing rule
Deep Packet Inspection Rules:
Web Application Common
1009728 - Jenkins Stapler Web Framework Remote Code Execution Vulnerability (CVE-2018-1000861)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update. - * indicates a new version of an existing rule
Deep Packet Inspection Rules:
Web Application Common
1009728* - Jenkins Stapler Web Framework Remote Code Execution Vulnerability (CVE-2018-1000861)
1009467* - Microsoft Exchange Server NTLM Reflection EWS Authentication Bypass Vulnerability (CVE-2018-8581)
Web Application PHP Based
1009481* - Drupal Core Critical Arbitrary PHP Code Execution Vulnerability (CVE-2019-6339)
Web Client Common
1009740 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB19-18) - 1
1009735 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB19-18) - 2
1009738 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB19-18) - 3
1009736 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB19-18) - 4
1009742 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB19-18) - 5
1009739 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB19-18) - 6
1009737 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB19-18) - 7
1009741 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB19-18) - 8
1009734 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB19-18) - 9
1009732 - Adobe Flash Player Use After Free Vulnerability (CVE-2019-7837)
1009722 - Microsoft Windows Error Reporting Elevation Of Privilege Vulnerability (CVE-2019-0863)
1009723 - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2019-0882)
1009725 - Microsoft Windows OLE Remote Code Execution Vulnerability (CVE-2019-0885)
1009743 - Oracle Java Runtime Environment 'sc_FindExtrema4' Heap Corruption Vulnerability (CVE-2019-2697)
1009744 - Oracle Java Runtime Environment 'setCurrGlyphID' Heap Corruption Vulnerability (CVE-2019-2698)
Web Client Internet Explorer/Edge
1009731 - Microsoft Edge Elevation Of Privilege Vulnerability (CVE-2019-0938)
1009729 - Microsoft Edge Memory Corruption Vulnerability (CVE-2019-0926)
1009724 - Microsoft Internet Explorer And Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0884)
1009726 - Microsoft Internet Explorer And Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0911)
1009733 - Microsoft Internet Explorer And Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0940)
1009730 - Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2019-0930)
1009727 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2019-0918)
Web Server Adobe ColdFusion
1009455* - Adobe ColdFusion CKEditor 'upload.cfm' Directory Traversal Vulnerability (CVE-2018-15960)
1009387* - Adobe ColdFusion Remote File Upload Vulnerability (CVE-2018-15961)
Integrity Monitoring Rules:
1009710 - Install Root Certificate (ATT&CK: T1130)
1008257* - Microsoft Windows - USB Storage Device Detected (ATT&CK: T1092)
1009670 - Service Registry Permissions Weakness (ATT&CK: T1058)
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update. - * indicates a new version of an existing rule
Deep Packet Inspection Rules:
DHCP Client - Incoming
1009718 - Microsoft Windows DHCP Client Remote Code Execution Vulnerability (CVE-2019-0697)
Mail Server Exim
1009747 - MailCarrier Remote Code Execution Vulnerability (CVE-2004-1638)
Web Application Common
1009423* - ImageMagick Multiple Security Vulnerabilities (Server) - 26
1009057* - Pivotal Spring Data Commons Remote Code Execution Vulnerability (CVE-2018-1273)
Web Application PHP Based
1009720 - Drupal Core Cross-Site Scripting Vulnerability (CVE-2019-6341)
1009541* - Drupal Core Remote Code Execution Vulnerability (CVE-2019-6340)
Web Client Common
1009291 - Foxit Reader Multiple Security Vulnerabilities - 10
1009716 - Google Chrome 'NewFixedDoubleArray' Integer Overflow Vulnerability
1009709 - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2019-0802)
1009297 - Oracle Java SE and Java for Business 'XNewPtr()' Remote Code Execution Vulnerability (CVE-2010-0843)
Web Client Internet Explorer/Edge
1009449* - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2018-8653)
Web Server IIS
1009346 - Microsoft IIS MDAC 'msadcs.dll' RDS DataStub Content-Type Heap Overflow Vulnerability (CVE-2002-1142)
Web Server Miscellaneous
1004750* - Oracle Java RMI Server Insecure Default Configuration Java Code Execution
Web Server Oracle
1009225* - Oracle WebLogic Server WLS Web Services Remote Code Execution Vulnerability (CVE-2018-2894)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update. - * indicates a new version of an existing rule
Deep Packet Inspection Rules:
DHCP Client
1009476 - Microsoft Windows DHCP Client Remote Code Execution Vulnerability (CVE-2019-0547)
HP Intelligent Management Center (IMC)
1009799 - HPE Intelligent Management Center 'AccessMgrServlet ClassName' Insecure Deserialization (CVE-2019-11945)
Web Application Common
1000608* - Generic SQL Injection Prevention
Web Client Common
1009829 - Microsoft Windows Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-0908)
1009770 - OpenOffice Information Disclosure Vulnerability (CVE-2018-10583)
1009762 - mIRC Remote Command Execution Vulnerability (CVE-2019-6453)
Web Client Internet Explorer/Edge
1009655* - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2019-0752)
Web Client Mozilla Firefox
1009828 - Mozilla Firefox Type Confusion Vulnerability (CVE-2019-11707)
Web Client VNC
1009494 - LibVNC LibVNCClient CoRRE Heap-based Buffer Overflow Vulnerability (CVE-2018-20020)
Web Server Common
1000763* - URI Length Restriction
Web Server Miscellaneous
1008104* - Apache ActiveMQ Multiple Remote Code Execution Vulnerabilities (CVE-2016-3088)
Web Server RealVNC
1004146* - RealVNC 'ClientCutText' Message Memory Corruption
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update. - Quest InTrust ArDoc.dll ActiveX Control Remote File Creation
Severity: :
Publish Date: 03 de октября de 2018An insecure method in the ARDoc ActiveX Control (ARDoc.dll) can be exploited to overwrite arbitrary files with the contents of exported documents via a call to the "SaveToFile()" method with a specially crafted "bstrFileName" argument. Successful exploitation of this vulnerability allows execution of arbitrary code. - Quest InTrust 'AnnotateX.dll' Uninitialized Pointer Code Execution Vulnerability
Severity: :Publish Date: 11 de мая de 2018Quest InTrust is prone to a remote code-execution vulnerability because the application fails to perform adequate boundary checks on user-supplied data. Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the application (typically Internet Explorer) using the ActiveX control. Failed exploit attempts will likely result in denial-of-service conditions. - * indicates a new version of an existing rule
Deep Packet Inspection Rules:
DCERPC Services
1011587 - Microsoft Windows Server Service Tampering Vulnerability (CVE-2022-30216)
JBoss Remoting Connector Unified Invoker
1011570* - Red Hat JBoss Enterprise Application Platform Remote Code Execution Vulnerability
SolarWinds Information Service
1011586 - SolarWinds Network Performance Monitor 'DeserializeFromStrippedXml' Insecure Deserialization Vulnerability (CVE-2022-36958)
WSO2 Enterprise Integrator
1011580* - WSO2 Enterprise Integrator Cross-Site Scripting Vulnerability (CVE-2022-39810)
Web Application Common
1011588 - Dolibarr ERP And CRM Code Injection Vulnerability (CVE-2022-40871)
1011577* - Fastify Denial Of Service Vulnerability (CVE-2022-39288)
1007170* - Identified Suspicious China Chopper Webshell Communication (ATT&CK T1505.003)
Web Application PHP Based
1011574* - WordPress 'Ketchup Restaurant Reservations' Plugin Cross-Site Scripting Vulnerability (CVE-2022-2753)
1011579* - WordPress 'Litespeed' Plugin Cross-Site Scripting Vulnerability (CVE-2020-29172)
1011584 - WordPress 'WP Super Cache' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24329)
1011582 - WordPress 'WPvivid Backup' Plugin Directory Traversal Vulnerability (CVE-2022-2863)
Web Server Miscellaneous
1011581* - Apache JSPWiki 'UserPreferences.jsp' Cross-Site Request Forgery Vulnerability (CVE-2022-28731)
1011572* - Vm2 Sandbox Remote Code Execution Vulnerability (CVE-2021-23449)
1011583 - XWiki Code Injection Vulnerability (CVE-2022-36100)
1011569 - XWiki Cross-Site Scripting Vulnerability (CVE-2022-36094)
1011578 - XWiki Cross-Site Scripting Vulnerability (CVE-2022-36096)
Zoho ManageEngine
1011549* - Zoho ManageEngine Multiple Products SQL Injection Vulnerability (CVE-2022-40300)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1010002* - Microsoft PowerShell Command Execution (ATT&CK T1059.001)
1011453* - Microsoft Windows WMI Events - 1