Todas as vulnerabilidades

  • 22-020 (April 26, 2022)
     Data de publicação:  27 de abril de 2022
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    DCERPC Services
    1007021* - Remote Registry Access Through SMBv2 Protocol Detected (ATT&CK T1012)


    MySQL Cluster
    1011222* - Oracle MySQL Cluster Management Remote Code Execution Vulnerability (CVE-2021-35590)


    MySQL Cluster NDBD
    1011362* - Oracle MySQL Cluster Data Node Buffer Overflow Vulnerability (CVE-2021-35621)
    1011389* - Oracle MySQL Cluster Data Node Information Disclosure Vulnerability (CVE-2022-21355)
    1011391* - Oracle MySQL Cluster Data Node Information Disclosure Vulnerability (CVE-2022-21357)
    1011385* - Oracle MySQL Cluster Data Node Remote Code Execution Vulnerability (CVE-2021-35592)
    1011390* - Oracle MySQL Cluster Data Node Stack-based Buffer Overflow Vulnerability (CVE-2022-21356)


    SolarWinds Network Performance Monitor
    1011384* - SolarWinds Orion Platform Unrestricted File Upload Vulnerability (CVE-2021-35244)


    Web Application Common
    1000552* - Generic Cross Site Scripting(XSS) Prevention
    1010635* - Jenkins Groovy Plugin Sandbox Bypass Vulnerabilities (CVE-2019-1003029 and CVE-2019-1003030)
    1011381* - Pandora FMS Command Injection Vulnerability (CVE-2019-20224)


    Web Application PHP Based
    1011392* - WordPress 'Ad Inserter' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2022-0901)
    1011380* - WordPress 'Easy Cookies Policy' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2021-24405)
    1011400 - WordPress 'Modern Events Calendar Lite' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2022-0364)
    1011388* - WordPress 'Modern Events Calendar Lite' Plugin Unauthenticated Blind SQL Injection Vulnerability (CVE-2021-24946)
    1011387* - WordPress 'Photo Gallery' Plugin SQL Injection Vulnerability (CVE-2022-0169)
    1011393* - WordPress 'RegistrationMagic' Plugin Authenticated SQL Injection Vulnerability (CVE-2021-24862)
    1011404 - WordPress 'UpdraftPlus' Plugin Cross-Site Scripting Vulnerability (CVE-2022-0864)
    1011401 - WordPress 'iQ Block Country' Plugin Arbitrary File Deletion Vulnerability (CVE-2022-0246)


    Web Client Common
    1009919* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB19-41) - 4
    1011398 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB22-16) - 1
    1011397 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB22-16) - 2


    Web Client VNC
    1011373* - TightVNC VNCViewer RFB Connection Heap Buffer Overflow Vulnerability (CVE-2022-23967)


    Web Server Common
    1011343* - BMC Track-It Information Disclosure Vulnerability (CVE-2021-35001)
    1011377* - Django Infinite Loop Denial of Service Vulnerability (CVE-2022-23833)
    1011371* - Spring Cloud Function Remote Code Execution Vulnerability (CVE-2022-22963)


    Web Server HTTPS
    1011395 - Lighttpd Denial of Service Vulnerability (CVE-2022-22707)


    Web Server Miscellaneous
    1011396 - Jenkins 'Active Choices' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2021-21616)
    1011376* - VMware Spring Cloud Gateway Remote Code Execution Vulnerability (CVE-2022-22947)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • 22-019 (April 19, 2022)
     Data de publicação:  21 de abril de 2022
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Database Microsoft SQL
    1000917* - Restrict Microsoft SQL Server XP_CMDSHELL Procedure


    MySQL Cluster NDBD
    1011389 - Oracle MySQL Cluster Data Node Information Disclosure Vulnerability (CVE-2022-21355)
    1011391 - Oracle MySQL Cluster Data Node Information Disclosure Vulnerability (CVE-2022-21357)
    1011390 - Oracle MySQL Cluster Data Node Stack-based Buffer Overflow Vulnerability (CVE-2022-21356)


    SolarWinds Network Performance Monitor
    1011384 - SolarWinds Orion Platform Unrestricted File Upload Vulnerability (CVE-2021-35244)


    Web Application Common
    1005402* - Identified Suspicious User Agent In HTTP Request


    Web Application PHP Based
    1011392 - WordPress 'Ad Inserter' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2022-0901)
    1011388 - WordPress 'Modern Events Calendar Lite' Plugin Unauthenticated Blind SQL Injection Vulnerability (CVE-2021-24946)
    1011393 - WordPress 'RegistrationMagic' Plugin Authenticated SQL Injection Vulnerability (CVE-2021-24862)


    Web Application Tomcat
    1011322* - Laravel Deserialization Remote Code Execution Vulnerability (CVE-2021-3129)


    Web Client Common
    1011394 - Foxit Reader Use After Free Vulnerability (CVE-2018-17705)


    Web Client VNC
    1011373 - TightVNC VNCViewer RFB Connection Heap Buffer Overflow Vulnerability (CVE-2022-23967)


    Web Server Common
    1011343 - BMC Track-It Information Disclosure Vulnerability (CVE-2021-35001)
    1011377 - Django Infinite Loop Denial of Service Vulnerability (CVE-2022-23833)


    Web Server Miscellaneous
    1010461* - Apache Struts2 Remote Code Execution Vulnerability (CVE-2019-0230)


    Web Server Oracle
    1010223* - Oracle WebLogic Java Messaging Service Unspecified Vulnerability (CVE-2016-0638)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • 22-018 (April 12, 2022)
     Data de publicação:  18 de abril de 2022
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    MySQL Cluster
    1011222 - Oracle MySQL Cluster Management Remote Code Execution Vulnerability (CVE-2021-35590)


    MySQL Cluster NDBD
    1011362 - Oracle MySQL Cluster Data Node Buffer Overflow Vulnerability (CVE-2021-35621)
    1011385 - Oracle MySQL Cluster Data Node Remote Code Execution Vulnerability (CVE-2021-35592)


    Web Application Common
    1011364* - Dolibarr ERP And CRM Code Injection Vulnerability (CVE-2022-0819)
    1011381 - Pandora FMS Command Injection Vulnerability (CVE-2019-20224)


    Web Application PHP Based
    1011386 - Identified WordPress 'Error Log Viewer' Plugin File Clearing Request
    1011380 - WordPress 'Easy Cookies Policy' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2021-24405)
    1011356* - WordPress 'Header Footer Code Manager' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2022-0710)
    1011353* - WordPress 'MasterStudy LMS' Plugin Admin Account Creation Vulnerability (CVE-2022-0441)
    1011387 - WordPress 'Photo Gallery' Plugin SQL Injection Vulnerability (CVE-2022-0169)
    1011375* - WordPress 'Photoswipe Masonry Gallery' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2022-0750)


    Web Client Common
    1011383 - Chromium Based Browsers Use After Free Vulnerability (CVE-2022-0289)


    Web Server Common
    1011371* - Spring Cloud Function Remote Code Execution Vulnerability (CVE-2022-22963)
    1011372* - Spring Framework "Spring4Shell" Remote Code Execution Vulnerability (CVE-2022-22965)


    Web Server Miscellaneous
    1011378 - Eclipse Jetty Unauthenticated Information Disclosure Vulnerability (CVE-2021-28169)
    1011376* - VMware Spring Cloud Gateway Remote Code Execution Vulnerability (CVE-2022-22947)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • 22-017 (April 5, 2022)
     Data de publicação:  06 de abril de 2022
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    OpenSSL Client
    1011370 - OpenSSL Client Denial Of Service Vulnerability (CVE-2022-0778)


    Web Application Common
    1011364 - Dolibarr ERP And CRM Code Injection Vulnerability (CVE-2022-0819)


    Web Application PHP Based
    1011358* - WordPress 'CP Blocks' Plugin Cross-Site Scripting Vulnerability (CVE-2022-0448)
    1011302* - WordPress 'Contact Form 7' plugin Unauthenticated Stored Cross-Site Scripting Vulnerability (CVE-2021-25080)
    1011356 - WordPress 'Header Footer Code Manager' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2022-0710)
    1011353 - WordPress 'MasterStudy LMS' Plugin Admin Account Creation Vulnerability (CVE-2022-0441)
    1011375 - WordPress 'Photoswipe Masonry Gallery' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2022-0750)
    1011352* - WordPress 'Titan Labs Security Audit' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2021-24901)
    1011340* - WordPress 'WP Statistics' Plugin Blind SQL Injection Vulnerability (CVE-2022-25148)


    Web Client Common
    1011367 - Chromium Based Browsers Incorrect Authorization Vulnerability (CVE-2022-0309)
    1011368 - Chromium Based Browsers Use After Free Vulnerability (CVE-2022-0297)
    1011374 - Chromium Use After Free Vulnerability (CVE-2022-0609)


    Web Client Mozilla Firefox
    1011361 - Mozilla Firefox Use-After-Free Remote Code Execution Vulnerability (CVE-2022-26381)


    Web Server Common
    1011242* - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)
    1011265* - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-45046)
    1011344* - BMC Track-It Unrestricted File Upload Remote Code Execution Vulnerability (CVE-2021-35002)
    1010175* - Cross-Site Scripting (XSS) Decoder
    1011372* - Spring Framework "Spring4Shell" Remote Code Execution Vulnerability (CVE-2022-22965)
    1010721* - VMware Multiple Products Command Injection Vulnerability (CVE-2020-4006)


    Web Server Miscellaneous
    1011376 - VMware Spring Cloud Gateway Remote Code Execution Vulnerability (CVE-2022-22947)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    1002831* - Unix - Syslog
  • 22-016 (March 31, 2022)
     Data de publicação:  05 de abril de 2022
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Web Server Common
    1011371 - Spring Cloud Function Remote Code Execution Vulnerability (CVE-2022-22963)
    1011372 - Spring Framework "Spring4Shell" Remote Code Execution Vulnerability (CVE-2022-22965)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • 22-015 (March 29, 2022)
     Data de publicação:  30 de marzo de 2022
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    MySQL Cluster
    1011292* - Oracle MySQL Cluster Management Server Remote Code Execution Vulnerability (CVE-2022-21279)
    1011291* - Oracle MySQL Cluster Management Server Remote Code Execution Vulnerability (CVE-2022-21280)


    OpenSSL
    1011366 - OpenSSL Server Denial Of Service Vulnerability (CVE-2022-0778)


    Remote Desktop Protocol Server
    1007969* - Identified Suspicious Remote Desktop Protocol (RDP) Brute Force Attempt (ATT&CK T1110, T1021.001)


    Web Application PHP Based
    1011358 - WordPress 'CP Blocks' Plugin Cross-Site Scripting Vulnerability (CVE-2022-0448)
    1011325* - WordPress 'Perfect Survey' Plugin SQL Injection Vulnerability (CVE-2021-24762)
    1011351* - WordPress 'TI WooCommerce Wishlist' Plugin SQL Injection Vulnerability (CVE-2022-0412)
    1011352 - WordPress 'Titan Labs Security Audit' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2021-24901)
    1011340 - WordPress 'WP Statistics' Plugin Blind SQL Injection Vulnerability (CVE-2022-25148)
    1011347* - WordPress 'WP Statistics' Plugin Blind SQL Injection Vulnerability (CVE-2022-25149)
    1011333* - WordPress 'WP Statistics' Plugin Unauthenticated Blind SQL Injection Vulnerability (CVE-2022-0513)


    Web Server Adobe ColdFusion
    1011355 - Identified Adobe ColdFusion LDAP Server Connection Request


    Web Server Common
    1011331 - Apache APISIX 'batch-requests' Plugin Remote Code Execution Vulnerability (CVE-2022-24112)
    1011344 - BMC Track-It Unrestricted File Upload Remote Code Execution Vulnerability (CVE-2021-35002)
    1010721 - VMware Multiple Products Command Injection Vulnerability (CVE-2020-4006)


    Web Server HTTPS
    1011349 - Trend Micro Apex Central And Control Manager Remote Code Execution Vulnerability (CVE-2022-26871)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    1011360 - Microsoft Windows WMI Events
  • 22-014 (March 22, 2022)
     Data de publicação:  24 de marzo de 2022
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    DCERPC Services
    1008445* - Microsoft Windows Search Remote Code Execution Vulnerability (CVE-2017-8543)


    MySQL Cluster
    1011292 - Oracle MySQL Cluster Management Server Remote Code Execution Vulnerability (CVE-2022-21279)
    1011291 - Oracle MySQL Cluster Management Server Remote Code Execution Vulnerability (CVE-2022-21280)


    Remote Desktop Protocol Server
    1003716* - Identified Too Many Remote Desktop Protocol (RDP) Connection Request


    SolarWinds Network Performance Monitor
    1011271* - SolarWinds Orion Platform Multiple Privilege Escalation Vulnerabilities (CVE-2021-35234) - 1
    1011272* - SolarWinds Orion Platform Multiple Privilege Escalation Vulnerabilities (CVE-2021-35234) - 2


    Web Application PHP Based
    1011337* - WordPress 'Download Monitor' Plugin Cross-Site Scripting Vulnerability (CVE-2021-23174)
    1011335* - WordPress 'Mortgage-Calculators-Wp' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24904)
    1011334* - WordPress 'Paid Memberships Pro' Plugin SQL Injection Vulnerability (CVE-2021-25114)
    1011320* - WordPress 'Post Grid' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24488)
    1011351 - WordPress 'TI WooCommerce Wishlist' Plugin SQL Injection Vulnerability (CVE-2022-0412)
    1011341* - WordPress 'WP Statistics' Plugin Blind SQL Injection Vulnerability (CVE-2022-0651)
    1011347 - WordPress 'WP Statistics' Plugin Blind SQL Injection Vulnerability (CVE-2022-25149)
    1011333 - WordPress 'WP Statistics' Plugin Unauthenticated Blind SQL Injection Vulnerability (CVE-2022-0513)
    1011321* - WordPress 'WooCommerce Product Slider' Plugin Reflected Cross Site Vulnerability (CVE-2021-24300)


    Web Application Tomcat
    1011322 - Laravel Deserialization Remote Code Execution Vulnerability (CVE-2021-3129)


    Web Server Apache
    1011183* - Apache HTTP Server Server-Side Request Forgery Vulnerability (CVE-2021-40438)


    Web Server Common
    1011342 - Apache APISIX Remote Code Execution Vulnerability (CVE-2020-13945)


    Web Server Miscellaneous
    1011297* - Jenkins 'Badger' Plugin Cross-Site Scripting Vulnerability (CVE-2022-23108)


    Webmin
    1011338* - Webmin Improper Access Control Vulnerability (CVE-2022-0824)


    Zoho ManageEngine
    1011329* - Zoho ManageEngine OpManager SumPDU Multiple Java Deserialization Vulnerabilities (CVE-2020-28653 and CVE-2021-3287)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • 22-013 (March 15, 2022)
     Data de publicação:  16 de marzo de 2022
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    DNS Client
    1010766* - Identified Non Existing DNS Resource Record (RR) Types In DNS Traffic


    SSL Client Applications
    1001113* - SSL/TLS Client (ATT&CK T1573.002, T1071.001)


    SolarWinds Network Performance Monitor
    1011271 - SolarWinds Orion Platform Multiple Privilege Escalation Vulnerabilities (CVE-2021-35234) - 1
    1011272 - SolarWinds Orion Platform Multiple Privilege Escalation Vulnerabilities (CVE-2021-35234) - 2


    Suspicious Server Application Activity
    1003594* - Detected SSL/TLS Server Traffic (ATT&CK T1573.002, T1071.001)


    Web Application PHP Based
    1011319* - WordPress '404 to 301' Plugin Blind SQL Injection Vulnerability (CVE-2015-9323)
    1011314* - WordPress 'Contact Form Check Tester' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24247)
    1011305* - WordPress 'Domain Check' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2021-24926)
    1011337 - WordPress 'Download Monitor' Plugin Cross-Site Scripting Vulnerability (CVE-2021-23174)
    1011335 - WordPress 'Mortgage-Calculators-Wp' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24904)
    1011334 - WordPress 'Paid Memberships Pro' Plugin SQL Injection Vulnerability (CVE-2021-25114)
    1011320 - WordPress 'Post Grid' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24488)
    1011341 - WordPress 'WP Statistics' Plugin Blind SQL Injection Vulnerability (CVE-2022-0651)
    1011324* - WordPress 'WP User Frontend' Plugin SQL Injection Vulnerability (CVE-2021-25076)
    1011321 - WordPress 'WooCommerce Product Slider' Plugin Reflected Cross Site Vulnerability (CVE-2021-24300)
    1011313* - WordPress 'secure-copy-content-protection' Plugin SQL Injection Vulnerability (CVE-2021-24931)


    Web Application Ruby Based
    1011332 - Grafana Authentication Bypass Vulnerability (CVE-2021-39226)


    Web Client Common
    1011133* - Microsoft Visual Studio Remote Code Execution Vulnerability (CVE-2021-36952)


    Web Server HTTPS
    1011336 - Identified Zabbix Frontend SAML SSO Authentication Request


    Web Server Miscellaneous
    1011297 - Jenkins 'Badger' Plugin Cross-Site Scripting Vulnerability (CVE-2022-23108)


    Web Server Nagios
    1011326* - Nagios XI AutoDiscovery Component Path Traversal Vulnerability (CVE-2021-37343)


    Web Server SharePoint
    1011318* - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2021-42309)


    Webmin
    1011338 - Webmin Improper Access Control Vulnerability (CVE-2022-0824)


    Zoho ManageEngine
    1011327* - Zoho ManageEngine ADManager Plus Unrestricted File Upload Vulnerability (CVE-2021-37926)
    1011329 - Zoho ManageEngine OpManager SumPDU Multiple Java Deserialization Vulnerabilities (CVE-2020-28653 and CVE-2021-3287)
    1011317* - Zoho ManageEngine ServiceDesk Plus Stored Cross-Site Scripting Vulnerability (CVE-2021-46065)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    1002831* - Unix - Syslog
  • 22-012 (March 8, 2022)
     Data de publicação:  09 de marzo de 2022
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    H2 Database
    1011316* - H2 Database Remote Code Execution Vulnerability (CVE-2022-23221)


    Web Application PHP Based
    1011319 - WordPress '404 to 301' Plugin Blind SQL Injection Vulnerability (CVE-2015-9323)
    1011302 - WordPress 'Contact Form 7' plugin Unauthenticated Stored Cross-Site Scripting Vulnerability (CVE-2021-25080)
    1011314 - WordPress 'Contact Form Check Tester' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24247)
    1011305 - WordPress 'Domain Check' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2021-24926)
    1011325 - WordPress 'Perfect Survey' Plugin SQL Injection Vulnerability (CVE-2021-24762)
    1011324 - WordPress 'WP User Frontend' Plugin SQL Injection Vulnerability (CVE-2021-25076)
    1011313 - WordPress 'secure-copy-content-protection' Plugin SQL Injection Vulnerability (CVE-2021-24931)
    1011298* - WordPress Core Post Slug Stored Cross-Site Scripting Vulnerability (CVE-2022-21662)


    Web Client Common
    1010182* - Google Chrome Type Confusion Vulnerability (CVE-2020-6418)


    Web Client Internet Explorer/Edge
    1011323 - Microsoft Internet Explorer Security Feature Bypass Vulnerability (CVE-2022-24502)


    Web Server Common
    1010099* - Elastic Kibana Timelion Prototype Pollution Vulnerability (CVE-2019-7609)


    Web Server HTTPS
    1011328 - Microsoft Defender for IOT Privilege Escalation Vulnerability (CVE-2022-23266)


    Web Server Miscellaneous
    1011304* - Atlassian Jira Reflected Cross-Site Scripting Vulnerability (CVE-2021-43942)
    1011301* - Jenkins 'Matrix Project' Plugin Cross-Site Scripting Vulnerability (CVE-2022-20615)


    Web Server Nagios
    1011326 - Nagios XI AutoDiscovery Component Path Traversal Vulnerability (CVE-2021-37343)


    Web Server SharePoint
    1011318 - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2021-42309)
    1011310* - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2022-22005)


    Zoho ManageEngine
    1011327 - Zoho ManageEngine ADManager Plus Unrestricted File Upload Vulnerability (CVE-2021-37926)
    1011267* - Zoho ManageEngine Network Configuration Manager Command Injection Vulnerability (CVE-2021-43319)
    1011254* - Zoho ManageEngine Network Configuration Manager SQL Injection Vulnerability (CVE-2021-41081)
    1011317 - Zoho ManageEngine ServiceDesk Plus Stored Cross-Site Scripting Vulnerability (CVE-2021-46065)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    1010002* - Microsoft PowerShell Command Execution (ATT&CK T1059.001)
  • 22-011 (March 1, 2022)
     Data de publicação:  04 de marzo de 2022
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    H2 Database
    1011316 - H2 Database Remote Code Execution Vulnerability (CVE-2022-23221)


    Trend Micro ServerProtect EarthAgent
    1011312 - Identified Usage Of Trend Micro ServerProtect Static Credential


    Web Application PHP Based
    1011298 - WordPress Core Post Slug Stored Cross-Site Scripting Vulnerability (CVE-2022-21662)


    Web Server HTTPS
    1009761* - Microsoft Exchange Memory Corruption Vulnerability (CVE-2018-8302)
    1009496* - Microsoft Exchange Server Multiple Elevation Of Privilege Vulnerabilities
    1009467* - Microsoft Exchange Server NTLM Reflection EWS Authentication Bypass Vulnerability (CVE-2018-8581)
    1009310* - Microsoft Exchange Server SSRF Vulnerability (CVE-2018-16793)
    1010183* - Microsoft Exchange Validation Key Remote Code Execution Vulnerability (CVE-2020-0688)


    Zoho ManageEngine
    1011254 - Zoho ManageEngine Network Configuration Manager SQL Injection Vulnerability (CVE-2021-41081)


    Integrity Monitoring Rules:

    1010422* - Linux/Unix - SCP process detected (ATT&CK T1048.001, T1105)
    1010791* - Linux/Unix - Task scheduler entries modified (ATT&CK T1053)


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.