All Vulnerabilities
- * indicates a new version of an existing rule
Deep Packet Inspection Rules:
DCERPC Services
1006906* - Identified Usage Of PsExec Command Line Tool
HP Intelligent Management Center Dbman
1009043 - HPE Intelligent Management Center 'dbman' FileTrans Arbitrary File Write Vulnerability (CVE-2017-5822)
1009637 - HPE Intelligent Management Center 'dbman' Stack Buffer Overflow Vulnerability (CVE-2018-7115)
HP OpenView Network Node Manager Web
1004280* - HP OpenView NNM ovwebsnmpsrv.exe Command Line Argument Buffer Overflow
Remote Desktop Protocol Server
1009749* - Microsoft Windows Remote Desktop Services Remote Code Execution Vulnerability (CVE-2019-0708)
Web Application Common
1009687 - Ghostscript Remote Code Execution Vulnerability (CVE-2016-10218) - 1
1009691 - Ghostscript Remote Code Execution Vulnerability (CVE-2016-10220) - 1
1009423 - ImageMagick Multiple Security Vulnerabilities (Server) - 26
Web Client Common
1009234 - Foxit Reader Multiple Security Vulnerabilities - 7
1009686 - Ghostscript Remote Code Execution Vulnerability (CVE-2016-10218)
1009690 - Ghostscript Remote Code Execution Vulnerability (CVE-2016-10220)
1009422 - ImageMagick Multiple Security Vulnerabilities (Client) - 26
1009539* - Microsoft Windows Multiple GDI Information Disclosure Vulnerabilities (Feb 2019)
1009582* - Microsoft Windows Win32k Elevation Of Privilege Vulnerability (CVE-2019-0808)
1009698 - Microsoft Word Information Disclosure Vulnerability (CVE-2019-0561)
Web Client Internet Explorer/Edge
1009411* - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8617)
1009463* - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0539)
1009464* - Microsoft Internet Explorer Remote Code Execution Vulnerability (CVE-2019-0541)
Web Server SAP
1009715* - SAP Gateway 'gw/acl_mode' Command Injection Vulnerability (10KBLAZE)
Zoho ManageEngine
1009399 - Zoho ManageEngine OpManager 'oputilsServlet' Authentication Bypass (CVE-2018-17283)
Integrity Monitoring Rules:
1007295* - Application - chrony
1003168* - Unix - Open Port Monitor
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update. - * indicates a new version of an existing rule
Deep Packet Inspection Rules:
DHCP Client
1009116* - DHCP Client Script Code Execution Vulnerability (CVE-2018-1111) - 1
DHCP Client - Incoming
1009114* - DHCP Client Script Code Execution Vulnerability (CVE-2018-1111)
Mail Server Exim
1009797 - Exim 'deliver_message' Command Injection Vulnerability (CVE-2019-10149)
Web Application Common
1009751 - WordPress PayPal Checkout Payment Gateway Plugin Parameter Tampering Vulnerability (CVE-2019-7441)
Web Client Common
1009796 - Adobe Flash Player Out-Of-Bounds Read Vulnerability (CVE-2019-7845)
1009787 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-1024)
1009788 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-1051)
1009792 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-1052)
1009793 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2019-1055)
1009764 - Microsoft Office Security Feature Bypass Vulnerability (CVE-2019-0540)
1009769 - Microsoft Windows Codecs Library Information Disclosure Vulnerability (CVE-2018-8506)
1009779 - Microsoft Windows Multiple Security Vulnerabilities (June-2019)
1009778 - Microsoft Windows Speech API Remote Code Execution Vulnerability (CVE-2019-0985)
Web Client Internet Explorer/Edge
1009785 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0989)
1009786 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0991)
1009783 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0992)
1009784 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0993)
1009789 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-1002)
1009790 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-1003)
1009782 - Microsoft Edge Scripting Engine Information Disclosure Vulnerability (CVE-2019-0990)
1009794 - Microsoft Edge Scripting Engine Information Disclosure Vulnerability (CVE-2019-1023)
1009781 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2019-0920)
1009780 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2019-0988)
1009791 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2019-1005)
Web Server SAP
1009715* - SAP Gateway 'gw/acl_mode' Command Injection Vulnerability (10KBLAZE)
Integrity Monitoring Rules:
1009622 - .bash_profile and .bashrc (ATT&CK: T1156)
1009629 - AppCert DLLs (ATT&CK: T1182)
Log Inspection Rules:
1008670* - Microsoft Windows Security Events - 3 - * indicates a new version of an existing rule
Deep Packet Inspection Rules:
Web Server Oracle
1009816 - Oracle Weblogic Server Remote Code Execution Vulnerability (CVE-2019-2729)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update. - * indicates a new version of an existing rule
Deep Packet Inspection Rules:
DCERPC Services
1009511* - Microsoft Windows SMB Remote Code Execution Vulnerability (CVE-2019-0630)
Message Queuing Server Microsoft
1009623 - Microsoft Windows Message Queuing Buffer Overflow Vulnerability (CVE-2005-0059)
Suspicious Client Application Activity
1008946* - Heuristic Detection Of Suspicious Digital Certificate
Web Application Tomcat
1009697* - Apache Tomcat Remote Code Execution Vulnerability (CVE-2019-0232)
Web Client Common
1009554* - RARLAB WinRAR ACE Remote Code Execution Vulnerability (CVE-2018-20250)
Web Client Internet Explorer/Edge
1009640* - Microsoft Edge And Internet Explorer Same Origin Policy Bypass Vulnerabilities
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update. - * indicates a new version of an existing rule
Deep Packet Inspection Rules:
Web Client Common
1009437* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-41) - 1
1009440* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-41) - 4
Web Client Internet Explorer/Edge
1009449 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2018-8653)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update. - * indicates a new version of an existing rule
Deep Packet Inspection Rules:
Java RMI
1009390* - Apache Commons FileUpload DiskFileItem File Manipulation Remote Code Execution Vulnerability (CVE-2016-1000031)
Web Application Common
1009202 - ImageMagick Multiple 'ReadDIBImage' And 'WriteDIBImage' Out Of Bounds Write Vulnerabilities - 1
Web Client Common
1008883* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-02) - 2
1009327* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-30) - 9
1009437 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-41) - 1
1009438 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-41) - 2
1009439 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-41) - 3
1009440 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-41) - 4
1009441 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-41) - 5
1009444 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-41) - 6
1009442 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-41) - 7
1009443 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-41) - 8
1009394* - Adobe Acrobat And Reader NTLM SSO Hash Information Disclosure Vulnerability (CVE-2018-15979)
1009201 - ImageMagick Multiple 'ReadDIBImage' And 'WriteDIBImage' Out Of Bounds Write Vulnerabilities
1009292 - Microsoft Excel Information Disclosure Vulnerability (CVE-2018-8382)
1009307* - Microsoft JET Database Engine Remote Code Execution Vulnerability (CVE-2018-8423)
1009366* - Microsoft Outlook Multiple Security Vulnerabilities (Nov-2018)
1009446 - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2018-8596)
1009293* - Microsoft Windows Remote Code Execution Vulnerability (CVE-2018-8475)
1002744* - RealNetworks RealPlayer SWF Flash File Buffer Overflow Vulnerability (CVE-2006-0323)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update. - * indicates a new version of an existing rule
Deep Packet Inspection Rules:
Microsoft Office
1009427 - Microsoft PowerPoint Remote Code Execution Vulnerability (CVE-2018-8628)
Web Application Common
1009425 - ImageMagick ReadXBMImage Memory Leak Vulnerability (CVE-2018-16323) - 1
Web Client Common
1009426 - 7-Zip Remote Code Execution Vulnerability (CVE-2018-10115)
1009321* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-30) - 3
1009326* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-30) - 8
1009424 - ImageMagick ReadXBMImage Memory Leak Vulnerability (CVE-2018-16323)
1009428 - Microsoft Outlook Remote Code Execution Vulnerability (CVE-2018-8587)
1009413 - Microsoft Text-To-Speech Remote Code Execution Vulnerability (CVE-2018-8634)
1009431 - Microsoft Windows Multiple Security Vulnerabilities (Dec-2018)
1009268 - Oracle Outside In Excel GelFrame Out-Of-Bounds Read (CVE-2018-2992)
Web Client Internet Explorer/Edge
1009409 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8583)
1009411 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8617)
1009412 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8618)
1009416 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8624)
1009415 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8629)
1009335* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2018-8460)
1009414 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2018-8631)
1009410 - Microsoft Internet Explorer Remote Code Execution Vulnerability (CVE-2018-8619)
1009430 - Microsoft Internet Explorer Remote Code Execution Vulnerability (CVE-2018-8625)
1009429 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2018-8643)
Web Client Mozilla Firefox
1009159 - Mozilla Firefox Vorbis Audio Residue Codebook Out Of Bounds Write Vulnerability (CVE-2018-5146)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update. - * indicates a new version of an existing rule
Deep Packet Inspection Rules:
DCERPC Services - Client
1004373* - Identified DLL Side Loading Attempt Over Network Share
Web Client Common
1009405 - Adobe Flash Player Use After Free Vulnerability (CVE-2018-15982)
1009407 - Detected Suspicious DLL Side Loading Attempt Over WebDAV
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update. - * indicates a new version of an existing rule
Deep Packet Inspection Rules:
Asterisk RTP Protocol
1008964* - Digium Asterisk Compound RTCP Out-Of-Bounds Write Vulnerability (CVE-2017-17664)
Asterisk Server IAX2
1002607* - Asterisk IAX2 Packet Amplification Remote Denial Of Service Vulnerability (CVE-2008-1897)
Oracle Secure Backup
1003225* - Oracle Secure Backup NDMP CONECT_CLIENT_AUTH Command Buffer Overflow
Web Application PHP Based
1008817 - PHP WDDX NULL Pointer Dereference Vulnerability (CVE-2016-9934)
Web Client Common
1009273 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-09) - 8
1009349* - Microsoft Windows ALPC Elevation Of Privilege Vulnerability (CVE-2018-8584)
1009378* - Microsoft Windows DirectX Information Disclosure Vulnerability (CVE-2018-8563)
1009088* - Microsoft Windows Multiple Elevation Of Privilege Vulnerabilities (May 2018)
1009382* - Microsoft Windows Multiple Security Vulnerabilities (Nov-2018)
1009293* - Microsoft Windows Remote Code Execution Vulnerability (CVE-2018-8475)
1009171* - Microsoft Windows Shell Remote Code Execution Vulnerability
1009238* - Microsoft Windows Shell Remote Code Execution Vulnerability - 1
1009029* - PHP 'http_fopen_wrapper' Stack Buffer Overflow Vulnerability (CVE-2018-7584)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update. - * indicates a new version of an existing rule
Deep Packet Inspection Rules:
Elasticsearch
1009209 - ElasticSearch Dynamic Script Arbitrary Java Code Execution Vulnerability (CVE-2014-3120)
HP Intelligent Management Center (IMC)
1008983 - HPE Intelligent Management Center 'saveSelectedDevices' Expression Language Injection Vulnerability (CVE-2017-12491)
TFTP Server
1009365 - Microsoft Windows Deployment Services TFTP Server Remote Code Execution Vulnerability (CVE-2018-8476)
Web Application Common
1005934* - Identified Suspicious Command Injection Attack
Web Client Internet Explorer/Edge
1009244* - Microsoft Internet Explorer And Edge Scripting Engine Memory Corruption Vulnerability (CVE-2018-8355)
Web Client Mozilla Firefox
1009396 - Mozilla Firefox Multiple Security Vulnerabilities
Web Server Adobe ColdFusion
1009387 - Adobe ColdFusion Remote File Upload Vulnerability (CVE-2018-15961)
Integrity Monitoring Rules:
1008271* - Application - Docker
1003131* - Virtualization Software - VMware Server
Log Inspection Rules:
1003802* - Directory Server - Microsoft Windows Active Directory