Todas as vulnerabilidades

  • 22-013 (March 15, 2022)
     Data de publicação:  16 de março de 2022
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    DNS Client
    1010766* - Identified Non Existing DNS Resource Record (RR) Types In DNS Traffic


    SSL Client Applications
    1001113* - SSL/TLS Client (ATT&CK T1573.002, T1071.001)


    SolarWinds Network Performance Monitor
    1011271 - SolarWinds Orion Platform Multiple Privilege Escalation Vulnerabilities (CVE-2021-35234) - 1
    1011272 - SolarWinds Orion Platform Multiple Privilege Escalation Vulnerabilities (CVE-2021-35234) - 2


    Suspicious Server Application Activity
    1003594* - Detected SSL/TLS Server Traffic (ATT&CK T1573.002, T1071.001)


    Web Application PHP Based
    1011319* - WordPress '404 to 301' Plugin Blind SQL Injection Vulnerability (CVE-2015-9323)
    1011314* - WordPress 'Contact Form Check Tester' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24247)
    1011305* - WordPress 'Domain Check' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2021-24926)
    1011337 - WordPress 'Download Monitor' Plugin Cross-Site Scripting Vulnerability (CVE-2021-23174)
    1011335 - WordPress 'Mortgage-Calculators-Wp' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24904)
    1011334 - WordPress 'Paid Memberships Pro' Plugin SQL Injection Vulnerability (CVE-2021-25114)
    1011320 - WordPress 'Post Grid' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24488)
    1011341 - WordPress 'WP Statistics' Plugin Blind SQL Injection Vulnerability (CVE-2022-0651)
    1011324* - WordPress 'WP User Frontend' Plugin SQL Injection Vulnerability (CVE-2021-25076)
    1011321 - WordPress 'WooCommerce Product Slider' Plugin Reflected Cross Site Vulnerability (CVE-2021-24300)
    1011313* - WordPress 'secure-copy-content-protection' Plugin SQL Injection Vulnerability (CVE-2021-24931)


    Web Application Ruby Based
    1011332 - Grafana Authentication Bypass Vulnerability (CVE-2021-39226)


    Web Client Common
    1011133* - Microsoft Visual Studio Remote Code Execution Vulnerability (CVE-2021-36952)


    Web Server HTTPS
    1011336 - Identified Zabbix Frontend SAML SSO Authentication Request


    Web Server Miscellaneous
    1011297 - Jenkins 'Badger' Plugin Cross-Site Scripting Vulnerability (CVE-2022-23108)


    Web Server Nagios
    1011326* - Nagios XI AutoDiscovery Component Path Traversal Vulnerability (CVE-2021-37343)


    Web Server SharePoint
    1011318* - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2021-42309)


    Webmin
    1011338 - Webmin Improper Access Control Vulnerability (CVE-2022-0824)


    Zoho ManageEngine
    1011327* - Zoho ManageEngine ADManager Plus Unrestricted File Upload Vulnerability (CVE-2021-37926)
    1011329 - Zoho ManageEngine OpManager SumPDU Multiple Java Deserialization Vulnerabilities (CVE-2020-28653 and CVE-2021-3287)
    1011317* - Zoho ManageEngine ServiceDesk Plus Stored Cross-Site Scripting Vulnerability (CVE-2021-46065)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    1002831* - Unix - Syslog
  • 22-012 (March 8, 2022)
     Data de publicação:  09 de março de 2022
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    H2 Database
    1011316* - H2 Database Remote Code Execution Vulnerability (CVE-2022-23221)


    Web Application PHP Based
    1011319 - WordPress '404 to 301' Plugin Blind SQL Injection Vulnerability (CVE-2015-9323)
    1011302 - WordPress 'Contact Form 7' plugin Unauthenticated Stored Cross-Site Scripting Vulnerability (CVE-2021-25080)
    1011314 - WordPress 'Contact Form Check Tester' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24247)
    1011305 - WordPress 'Domain Check' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2021-24926)
    1011325 - WordPress 'Perfect Survey' Plugin SQL Injection Vulnerability (CVE-2021-24762)
    1011324 - WordPress 'WP User Frontend' Plugin SQL Injection Vulnerability (CVE-2021-25076)
    1011313 - WordPress 'secure-copy-content-protection' Plugin SQL Injection Vulnerability (CVE-2021-24931)
    1011298* - WordPress Core Post Slug Stored Cross-Site Scripting Vulnerability (CVE-2022-21662)


    Web Client Common
    1010182* - Google Chrome Type Confusion Vulnerability (CVE-2020-6418)


    Web Client Internet Explorer/Edge
    1011323 - Microsoft Internet Explorer Security Feature Bypass Vulnerability (CVE-2022-24502)


    Web Server Common
    1010099* - Elastic Kibana Timelion Prototype Pollution Vulnerability (CVE-2019-7609)


    Web Server HTTPS
    1011328 - Microsoft Defender for IOT Privilege Escalation Vulnerability (CVE-2022-23266)


    Web Server Miscellaneous
    1011304* - Atlassian Jira Reflected Cross-Site Scripting Vulnerability (CVE-2021-43942)
    1011301* - Jenkins 'Matrix Project' Plugin Cross-Site Scripting Vulnerability (CVE-2022-20615)


    Web Server Nagios
    1011326 - Nagios XI AutoDiscovery Component Path Traversal Vulnerability (CVE-2021-37343)


    Web Server SharePoint
    1011318 - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2021-42309)
    1011310* - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2022-22005)


    Zoho ManageEngine
    1011327 - Zoho ManageEngine ADManager Plus Unrestricted File Upload Vulnerability (CVE-2021-37926)
    1011267* - Zoho ManageEngine Network Configuration Manager Command Injection Vulnerability (CVE-2021-43319)
    1011254* - Zoho ManageEngine Network Configuration Manager SQL Injection Vulnerability (CVE-2021-41081)
    1011317 - Zoho ManageEngine ServiceDesk Plus Stored Cross-Site Scripting Vulnerability (CVE-2021-46065)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    1010002* - Microsoft PowerShell Command Execution (ATT&CK T1059.001)
  • 22-011 (March 1, 2022)
     Data de publicação:  04 de março de 2022
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    H2 Database
    1011316 - H2 Database Remote Code Execution Vulnerability (CVE-2022-23221)


    Trend Micro ServerProtect EarthAgent
    1011312 - Identified Usage Of Trend Micro ServerProtect Static Credential


    Web Application PHP Based
    1011298 - WordPress Core Post Slug Stored Cross-Site Scripting Vulnerability (CVE-2022-21662)


    Web Server HTTPS
    1009761* - Microsoft Exchange Memory Corruption Vulnerability (CVE-2018-8302)
    1009496* - Microsoft Exchange Server Multiple Elevation Of Privilege Vulnerabilities
    1009467* - Microsoft Exchange Server NTLM Reflection EWS Authentication Bypass Vulnerability (CVE-2018-8581)
    1009310* - Microsoft Exchange Server SSRF Vulnerability (CVE-2018-16793)
    1010183* - Microsoft Exchange Validation Key Remote Code Execution Vulnerability (CVE-2020-0688)


    Zoho ManageEngine
    1011254 - Zoho ManageEngine Network Configuration Manager SQL Injection Vulnerability (CVE-2021-41081)


    Integrity Monitoring Rules:

    1010422* - Linux/Unix - SCP process detected (ATT&CK T1048.001, T1105)
    1010791* - Linux/Unix - Task scheduler entries modified (ATT&CK T1053)


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • 22-010 (February 22, 2022)
     Data de publicação:  23 de fevereiro de 2022
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Unix Samba
    1011294* - Samba AppleDouble Remote Code Execution Vulnerability (CVE-2021-44142)


    Web Application PHP Based
    1011252* - WordPress 'Catch Themes Demo Import' Plugin Remote Code Execution Vulnerability (CVE-2021-39352)
    1011261* - WordPress 'DZS Zoomsounds' Plugin Directory Traversal Vulnerability (CVE-2021-39316)


    Web Client Common
    1011277* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB22-01)
    1011300 - Chromium Based Browsers Out Of Bounds Write Vulnerability (CVE-2021-30547)


    Web Server Common
    1011242* - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)
    1011265* - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-45046)


    Web Server Miscellaneous
    1011304 - Atlassian Jira Reflected Cross-Site Scripting Vulnerability (CVE-2021-43942)
    1011301 - Jenkins 'Matrix Project' Plugin Cross-Site Scripting Vulnerability (CVE-2022-20615)


    Web Server SharePoint
    1011310 - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2022-22005)


    Zoho ManageEngine
    1011267 - Zoho ManageEngine Network Configuration Manager Command Injection Vulnerability (CVE-2021-43319)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • 22-009 (February 17, 2022)
     Data de publicação:  18 de fevereiro de 2022
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Web Server Common
    1011270* - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228) - 1
    1011279* - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-45046) - 1


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • 22-008 (February 15, 2022)
     Data de publicação:  16 de fevereiro de 2022
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Microsoft Office
    1011303 - Microsoft Excel Information Disclosure Vulnerability (CVE-2022-22716)


    Unix Samba
    1011294* - Samba AppleDouble Remote Code Execution Vulnerability (CVE-2021-44142)


    Web Application Common
    1011295* - Pandora FMS SQL Injection Vulnerability (CVE-2021-32099)


    Web Application PHP Based
    1011296* - WordPress 'Contact Form Entries' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2021-25079)
    1011299 - WordPress 'Download Monitor' Plugin SQL Injection Vulnerability (CVE-2021-24786)
    1011287* - WordPress 'Frontend Uploader' Plugin Cross Site Scripting Vulnerability (CVE-2021-24563)


    Web Application Ruby Based
    1011231* - Grafana Cross Site Scripting Vulnerability (CVE-2021-41174)
    1011289 - Grafana Directory Traversal Vulnerability (CVE-2021-43813)
    1011243* - Grafana Path Traversal Vulnerability (CVE-2021-43798)


    Web Server Common
    1011242* - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)
    1010175* - Cross-Site Scripting (XSS) Decoder


    Web Server Miscellaneous
    1011253* - Jenkins 'Active Choices' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2021-21699)


    Web Server Oracle
    1011084* - Oracle Business Intelligence 'UpdateConnectionServlet' Remote Code Execution Vulnerability (CVE-2021-2396)
    1002645* - Oracle mod_wl HTTP Request Method Remote Buffer Overflow


    Zoho ManageEngine
    1011260* - Zoho ManageEngine Multiple Products Arbitrary File Upload Vulnerability (CVE-2021-44077)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • 22-007 (February 8, 2022)
     Data de publicação:  09 de fevereiro de 2022
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    H2 Database
    1011281* - H2 Database Console JNDI Injection Vulnerability (CVE-2021-42392)


    Unix Samba
    1011294* - Samba AppleDouble Remote Code Execution Vulnerability (CVE-2021-44142)


    Web Application Common
    1011295 - Pandora FMS SQL Injection Vulnerability (CVE-2021-32099)


    Web Application PHP Based
    1011296 - WordPress 'Contact Form Entries' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2021-25079)
    1011287 - WordPress 'Frontend Uploader' Plugin Cross Site Scripting Vulnerability (CVE-2021-24563)
    1011045* - WordPress 'Modern Events Calendar Lite' Plugin Improper Access Control Vulnerability (CVE-2021-24146)
    1011286* - WordPress 'True Ranker' Plugin Directory Traversal Vulnerability (CVE-2021-39312)
    1011285* - WordPress Core 'WP_Query' SQL Injection Vulnerability (CVE-2022-21661)


    Web Server Common
    1011242* - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)
    1010175* - Cross-Site Scripting (XSS) Decoder


    Web Server HTTPS
    1011290* - Apache HTTP Server 'mod_proxy' NULL Pointer Dereference Vulnerability (CVE-2021-44224)


    Web Server Miscellaneous
    1011293 - Apache Struts Double OGNL Evaluation Remote Code Execution Vulnerability (CVE-2016-0785) - 1
    1011288* - Ivanti Avalanche Enterprise Service Command Injection Vulnerability (CVE-2021-42129)


    Zoho ManageEngine
    1011284* - Zoho ManageEngine ADManager Plus Unrestricted File Upload Vulnerability (CVE-2021-37918)
    1011260 - Zoho ManageEngine Multiple Products Arbitrary File Upload Vulnerability (CVE-2021-44077)


    Integrity Monitoring Rules:

    1010838* - Linux/Unix - Core system configuration files modified


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • 22-006 (February 4, 2022)
     Data de publicação:  07 de fevereiro de 2022
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Web Application PHP Based
    1010942* - WordPress XML External Entity Injection Vulnerability (CVE-2021-29447)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • 22-005 (February 1, 2022)
     Data de publicação:  02 de fevereiro de 2022
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Unix Samba
    1011294 - Samba AppleDouble Remote Code Execution Vulnerability (CVE-2021-44142)


    Web Application PHP Based
    1011286 - WordPress 'True Ranker' Plugin Directory Traversal Vulnerability (CVE-2021-39312)
    1011285* - WordPress Core 'WP_Query' SQL Injection Vulnerability (CVE-2022-21661)


    Web Server Common
    1010175* - Cross-Site Scripting (XSS) Decoder


    Web Server HTTPS
    1011290 - Apache HTTP Server 'mod_proxy' NULL Pointer Dereference Vulnerability (CVE-2021-44224)


    Web Server Miscellaneous
    1011288 - Ivanti Avalanche Enterprise Service Command Injection Vulnerability (CVE-2021-42129)


    Integrity Monitoring Rules:

    1002771* - Linux/Unix - File permissions in the /var/log directory modified (ATT&CK T1222.002)


    Log Inspection Rules:

    1010002* - Microsoft PowerShell Command Execution (ATT&CK T1059.001)
    1002831* - Unix - Syslog
  • 22-004 (January 25, 2022)
     Data de publicação:  26 de janeiro de 2022
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    H2 Database
    1011281 - H2 Database Console JNDI Injection Vulnerability (CVE-2021-42392)


    LDAP Client
    1011269 - Identified Java Code Download Attempt Over LDAP


    Web Application Common
    1011103* - PHPUnit Remote Code Execution Vulnerability (CVE-2017-9841)


    Web Application PHP Based
    1011278* - October CMS Security Bypass Vulnerability (CVE-2021-32648)
    1011266* - WordPress 'All-In-One-Seo-Pack' Plugin Remote Code Execution Vulnerability (CVE-2021-24307)
    1011264* - WordPress 'Popular Posts' Plugin Arbitrary File Upload Vulnerability (CVE-2021-42362)
    1011100* - WordPress 'WooCommerce Blocks' Plugin SQL Injection Vulnerability (CVE-2021-32789)
    1011283 - WordPress 'Wp-Stats-Manager' Plugin SQL Injection Vulnerability (CVE-2021-24750)


    Web Server Common
    1011279 - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-45046) - 1
    1011274* - Microsoft Windows HTTP Protocol Stack Remote Code Execution Vulnerability (CVE-2022-21907)
    1011262* - SuiteCRM Remote Code Execution Vulnerability (CVE-2021-42840)
    1011285 - WordPress Core 'WP_Query' SQL Injection Vulnerability (CVE-2022-21661)


    Web Server HTTPS
    1011247* - GitLab Stored Cross-Site Scripting Vulnerability (CVE-2021-22238)


    Web Server Miscellaneous
    1011253 - Jenkins 'Active Choices' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2021-21699)
    1011163* - Spring Boot Actuator Directory Traversal Vulnerability (CVE-2021-21234)


    Zoho ManageEngine
    1011284 - Zoho ManageEngine ADManager Plus Unrestricted File Upload Vulnerability (CVE-2021-37918)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.