24-027 (June 4, 2024)

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Fluent Bit HTTP
1012052 - Fluent Bit Memory Corruption Vulnerability (CVE-2024-4323)


Nextgen Mirth Connect
1012008* - Nextgen Mirth Connect Insecure Deserialization Vulnerability (CVE-2023-43208)


Unix Samba
1012040 - Linux Kernel KSMBD NULL Pointer Dereference Vulnerability (CVE-2023-3866)


Web Application PHP Based
1011910* - WordPress 'AYS Popup Box' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2023-4137)
1011754* - WordPress 'Duplicator' Plugin Information Disclosure Vulnerability (CVE-2022-2551)
1011605* - WordPress 'EventON Calendar' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2020-29395)
1012014* - WordPress 'LayerSlider' Plugin SQL Injection Vulnerability (CVE-2024-2879)
1011968* - WordPress 'LearnPress' Plugin SQL Injection Vulnerability (CVE-2023-6567)
1012046 - WordPress 'LiteSpeed Cache' Plugin Cross-Site Scripting Vulnerability (CVE-2023-40000)
1011936* - WordPress 'My Calendar' Plugin SQL Injection Vulnerability (CVE-2023-6360)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.