Deep Security Center
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Mail Server Common
1010001* - Dovecot And Pigeonhole Remote Code Execution Vulnerability (CVE-2019-11500)
Web Application PHP Based
1011278 - October CMS Security Bypass Vulnerability (CVE-2021-32648)
Web Application Ruby Based
1011231* - Grafana Cross Site Scripting Vulnerability (CVE-2021-41174)
Web Client Common
1011276 - Adobe Acrobat And Reader Improper Access Control Vulnerability (CVE-2021-44702)
1011275 - Adobe Acrobat And Reader Improper Input Validation Vulnerability (CVE-2021-44739)
1011277 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB22-01)
Web Server Apache
1011183* - Apache HTTP Server Server-Side Request Forgery Vulnerability (CVE-2021-40438)
Web Server Common
1011249* - Apache Log4j Denial of Service Vulnerability (CVE-2021-45105)
1011242* - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)
1011270 - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228) - 1
1011274 - Microsoft Windows HTTP Protocol Stack Remote Code Execution Vulnerability (CVE-2022-21907)
1011262 - SuiteCRM Remote Code Execution Vulnerability (CVE-2021-42840)
Web Server HTTPS
1011247 - GitLab Stored Cross-Site Scripting Vulnerability (CVE-2021-22238)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1011273 - Microsoft Windows Firewall Events
1011250* - Web Server - Apache - 2
Deep Packet Inspection Rules:
Mail Server Common
1010001* - Dovecot And Pigeonhole Remote Code Execution Vulnerability (CVE-2019-11500)
Web Application PHP Based
1011278 - October CMS Security Bypass Vulnerability (CVE-2021-32648)
Web Application Ruby Based
1011231* - Grafana Cross Site Scripting Vulnerability (CVE-2021-41174)
Web Client Common
1011276 - Adobe Acrobat And Reader Improper Access Control Vulnerability (CVE-2021-44702)
1011275 - Adobe Acrobat And Reader Improper Input Validation Vulnerability (CVE-2021-44739)
1011277 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB22-01)
Web Server Apache
1011183* - Apache HTTP Server Server-Side Request Forgery Vulnerability (CVE-2021-40438)
Web Server Common
1011249* - Apache Log4j Denial of Service Vulnerability (CVE-2021-45105)
1011242* - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)
1011270 - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228) - 1
1011274 - Microsoft Windows HTTP Protocol Stack Remote Code Execution Vulnerability (CVE-2022-21907)
1011262 - SuiteCRM Remote Code Execution Vulnerability (CVE-2021-42840)
Web Server HTTPS
1011247 - GitLab Stored Cross-Site Scripting Vulnerability (CVE-2021-22238)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1011273 - Microsoft Windows Firewall Events
1011250* - Web Server - Apache - 2
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Linux Kernel TIPC
1011263 - Linux Kernel TIPC Heap Buffer Overflow Vulnerability (CVE-2021-43267)
SolarWinds Network Performance Monitor
1011230* - SolarWinds Patch Manager 'WSAsyncExecuteTasks' Deserialization Vulnerability (CVE-2021-35217)
Web Application Common
1011259* - Dolibarr ERP And CRM Command Injection Vulnerability (CVE-2021-33816)
1011258* - Dolibarr ERP And CRM Stored Cross-Site Scripting Vulnerability (CVE-2021-33618)
1011198* - Strapi Framework Remote Code Execution Vulnerability (CVE-2019-19609)
Web Application PHP Based
1011266 - WordPress 'All-In-One-Seo-Pack' Plugin Remote Code Execution Vulnerability (CVE-2021-24307)
1011252* - WordPress 'Catch Themes Demo Import' Plugin Remote Code Execution Vulnerability (CVE-2021-39352)
1011261 - WordPress 'DZS Zoomsounds' Plugin Directory Traversal Vulnerability (CVE-2021-39316)
1011264 - WordPress 'Popular Posts' Plugin Arbitrary File Upload Vulnerability (CVE-2021-42362)
1011013* - WordPress 'Stop Spammers' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24245)
1011169* - WordPress 'Supsystic Popup' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24275)
1011165* - WordPress 'Woo-Order-Export-Lite' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2021-24169)
Web Application Ruby Based
1011243* - Grafana Path Traversal Vulnerability (CVE-2021-43798)
Web Client Common
1011032* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB21-51)
Web Server Common
1011245* - Apache APISIX 'uri-block' Plugin Path Traversal Vulnerability (CVE-2021-43557)
1011242* - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)
1011265 - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-45046)
Web Server HTTPS
1011196* - ACME mini_httpd Server Arbitrary File Read Vulnerability (CVE-2018-18778)
Web Server Miscellaneous
1011256* - Jenkins 'Artifact Repository Parameter' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2021-21622)
Web Server SharePoint
1011233* - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2021-40487)
Windows SMB Server
1011251* - Microsoft Windows Active Directory Domain Services Elevation of Privilege Vulnerability Over SMB (CVE-2021-42278)
Zoho ManageEngine
1011248* - Zoho ManageEngine ADManager Plus Unrestricted File Upload Vulnerability (CVE-2021-37539)
1011257* - Zoho ManageEngine ADManager Plus Unrestricted File Upload Vulnerability (CVE-2021-37921)
1011255* - Zoho ManageEngine ServiceDesk Plus Authentication Bypass Vulnerability (CVE-2021-37415)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Linux Kernel TIPC
1011263 - Linux Kernel TIPC Heap Buffer Overflow Vulnerability (CVE-2021-43267)
SolarWinds Network Performance Monitor
1011230* - SolarWinds Patch Manager 'WSAsyncExecuteTasks' Deserialization Vulnerability (CVE-2021-35217)
Web Application Common
1011259* - Dolibarr ERP And CRM Command Injection Vulnerability (CVE-2021-33816)
1011258* - Dolibarr ERP And CRM Stored Cross-Site Scripting Vulnerability (CVE-2021-33618)
1011198* - Strapi Framework Remote Code Execution Vulnerability (CVE-2019-19609)
Web Application PHP Based
1011266 - WordPress 'All-In-One-Seo-Pack' Plugin Remote Code Execution Vulnerability (CVE-2021-24307)
1011252* - WordPress 'Catch Themes Demo Import' Plugin Remote Code Execution Vulnerability (CVE-2021-39352)
1011261 - WordPress 'DZS Zoomsounds' Plugin Directory Traversal Vulnerability (CVE-2021-39316)
1011264 - WordPress 'Popular Posts' Plugin Arbitrary File Upload Vulnerability (CVE-2021-42362)
1011013* - WordPress 'Stop Spammers' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24245)
1011169* - WordPress 'Supsystic Popup' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24275)
1011165* - WordPress 'Woo-Order-Export-Lite' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2021-24169)
Web Application Ruby Based
1011243* - Grafana Path Traversal Vulnerability (CVE-2021-43798)
Web Client Common
1011032* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB21-51)
Web Server Common
1011245* - Apache APISIX 'uri-block' Plugin Path Traversal Vulnerability (CVE-2021-43557)
1011242* - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)
1011265 - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-45046)
Web Server HTTPS
1011196* - ACME mini_httpd Server Arbitrary File Read Vulnerability (CVE-2018-18778)
Web Server Miscellaneous
1011256* - Jenkins 'Artifact Repository Parameter' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2021-21622)
Web Server SharePoint
1011233* - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2021-40487)
Windows SMB Server
1011251* - Microsoft Windows Active Directory Domain Services Elevation of Privilege Vulnerability Over SMB (CVE-2021-42278)
Zoho ManageEngine
1011248* - Zoho ManageEngine ADManager Plus Unrestricted File Upload Vulnerability (CVE-2021-37539)
1011257* - Zoho ManageEngine ADManager Plus Unrestricted File Upload Vulnerability (CVE-2021-37921)
1011255* - Zoho ManageEngine ServiceDesk Plus Authentication Bypass Vulnerability (CVE-2021-37415)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Web Application Common
1011259 - Dolibarr ERP And CRM Command Injection Vulnerability (CVE-2021-33816)
1011258 - Dolibarr ERP And CRM Stored Cross-Site Scripting Vulnerability (CVE-2021-33618)
Web Application PHP Based
1011252 - WordPress 'Catch Themes Demo Import' Plugin Remote Code Execution Vulnerability (CVE-2021-39352)
Web Server Common
1011245 - Apache APISIX 'uri-block' Plugin Path Traversal Vulnerability (CVE-2021-43557)
1011242* - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228 and CVE-2021-45046)
Web Server Miscellaneous
1011256 - Jenkins 'Artifact Repository Parameter' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2021-21622)
Web Server Oracle
1008317* - Oracle WebLogic JBoss Interceptors Deserialization Of Untrusted Data Vulnerability (CVE-2016-3510)
Zoho ManageEngine
1011257 - Zoho ManageEngine ADManager Plus Unrestricted File Upload Vulnerability (CVE-2021-37921)
1011255 - Zoho ManageEngine ServiceDesk Plus Authentication Bypass Vulnerability (CVE-2021-37415)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1008670* - Microsoft Windows Security Events - 3
Deep Packet Inspection Rules:
Web Application Common
1011259 - Dolibarr ERP And CRM Command Injection Vulnerability (CVE-2021-33816)
1011258 - Dolibarr ERP And CRM Stored Cross-Site Scripting Vulnerability (CVE-2021-33618)
Web Application PHP Based
1011252 - WordPress 'Catch Themes Demo Import' Plugin Remote Code Execution Vulnerability (CVE-2021-39352)
Web Server Common
1011245 - Apache APISIX 'uri-block' Plugin Path Traversal Vulnerability (CVE-2021-43557)
1011242* - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228 and CVE-2021-45046)
Web Server Miscellaneous
1011256 - Jenkins 'Artifact Repository Parameter' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2021-21622)
Web Server Oracle
1008317* - Oracle WebLogic JBoss Interceptors Deserialization Of Untrusted Data Vulnerability (CVE-2016-3510)
Zoho ManageEngine
1011257 - Zoho ManageEngine ADManager Plus Unrestricted File Upload Vulnerability (CVE-2021-37921)
1011255 - Zoho ManageEngine ServiceDesk Plus Authentication Bypass Vulnerability (CVE-2021-37415)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1008670* - Microsoft Windows Security Events - 3
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Apache Storm Nimbus
1011236* - Apache Storm Command Injection Vulnerability (CVE-2021-38294)
Directory Server LDAP
1011246 - Microsoft Windows Active Directory Domain Services Elevation of Privilege Vulnerability Over LDAP (CVE-2021-42278)
SolarWinds Network Performance Monitor
1011229* - SolarWinds Orion Patch Manager Insecure Deserialization Vulnerability (CVE-2021-35216)
1011221* - SolarWinds Orion Platform 'SaveUserSetting' Improper Access Control Vulnerability (CVE-2021-35213)
1011230 - SolarWinds Patch Manager 'WSAsyncExecuteTasks' Deserialization Vulnerability (CVE-2021-35217)
Web Application Common
1010423* - Primetek Primefaces Remote Code Execution Vulnerability (CVE-2017-1000486)
1011198 - Strapi Framework Remote Code Execution Vulnerability (CVE-2019-19609)
Web Server Common
1011249* - Apache Log4j Denial of Service Vulnerability (CVE-2021-45105)
1008581* - Identified Suspicious IP Addresses In XFF HTTP Header
Web Server HTTPS
1011232* - Montala Limited ResourceSpace Arbitrary File Deletion Vulnerability (CVE-2021-41950)
Web Server SharePoint
1011224* - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2021-41344)
Web Server Squid
1011234* - Squid Proxy Multiple Denial of Service Vulnerabilities (CVE-2021-31806 and CVE-2021-31807)
Windows SMB Server
1011251 - Microsoft Windows Active Directory Domain Services Elevation of Privilege Vulnerability Over SMB (CVE-2021-42278)
Zoho ManageEngine
1011237* - Zoho ManageEngine ADManager Plus Unrestricted File Upload Vulnerability (CVE-2021-20130)
1011248 - Zoho ManageEngine ADManager Plus Unrestricted File Upload Vulnerability (CVE-2021-37539)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1011250 - Web Server - Apache - 2
Deep Packet Inspection Rules:
Apache Storm Nimbus
1011236* - Apache Storm Command Injection Vulnerability (CVE-2021-38294)
Directory Server LDAP
1011246 - Microsoft Windows Active Directory Domain Services Elevation of Privilege Vulnerability Over LDAP (CVE-2021-42278)
SolarWinds Network Performance Monitor
1011229* - SolarWinds Orion Patch Manager Insecure Deserialization Vulnerability (CVE-2021-35216)
1011221* - SolarWinds Orion Platform 'SaveUserSetting' Improper Access Control Vulnerability (CVE-2021-35213)
1011230 - SolarWinds Patch Manager 'WSAsyncExecuteTasks' Deserialization Vulnerability (CVE-2021-35217)
Web Application Common
1010423* - Primetek Primefaces Remote Code Execution Vulnerability (CVE-2017-1000486)
1011198 - Strapi Framework Remote Code Execution Vulnerability (CVE-2019-19609)
Web Server Common
1011249* - Apache Log4j Denial of Service Vulnerability (CVE-2021-45105)
1008581* - Identified Suspicious IP Addresses In XFF HTTP Header
Web Server HTTPS
1011232* - Montala Limited ResourceSpace Arbitrary File Deletion Vulnerability (CVE-2021-41950)
Web Server SharePoint
1011224* - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2021-41344)
Web Server Squid
1011234* - Squid Proxy Multiple Denial of Service Vulnerabilities (CVE-2021-31806 and CVE-2021-31807)
Windows SMB Server
1011251 - Microsoft Windows Active Directory Domain Services Elevation of Privilege Vulnerability Over SMB (CVE-2021-42278)
Zoho ManageEngine
1011237* - Zoho ManageEngine ADManager Plus Unrestricted File Upload Vulnerability (CVE-2021-20130)
1011248 - Zoho ManageEngine ADManager Plus Unrestricted File Upload Vulnerability (CVE-2021-37539)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1011250 - Web Server - Apache - 2
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Web Server Common
1011249 - Apache Log4j Denial of Service Vulnerability
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Web Server Common
1011249 - Apache Log4j Denial of Service Vulnerability
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Web Server Common
1011242* - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Web Server Common
1011242* - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Apache Storm Nimbus
1011236 - Apache Storm Command Injection Vulnerability (CVE-2021-38294)
SolarWinds Network Performance Monitor
1011229 - SolarWinds Orion Patch Manager Insecure Deserialization Vulnerability (CVE-2021-35216)
1011221 - SolarWinds Orion Platform 'SaveUserSetting' Improper Access Control Vulnerability (CVE-2021-35213)
Web Application Ruby Based
1011243 - Grafana Path Traversal Vulnerability (CVE-2021-43798)
Web Client Common
1011240 - Chromium Memory Corruption Vulnerability (CVE-2021-21118)
1011244 - Chromium Sandbox Bypass Vulnerability (CVE-2021-21132)
1011239 - Google Chrome Type Confusion Vulnerability (CVE-2021-30588)
1011238 - Google Chrome Use After Free Vulnerability (CVE-2020-15994)
Web Server Common
1011242* - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)
Web Server SharePoint
1011224 - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2021-41344)
Web Server Squid
1011234 - Squid Proxy Multiple Denial of Service Vulnerabilities (CVE-2021-31806 and CVE-2021-31807)
Zoho ManageEngine
1011237 - Zoho ManageEngine ADManager Plus Unrestricted File Upload Vulnerability (CVE-2021-20130)
Integrity Monitoring Rules:
1010856* - Linux/Unix - Static boot loader files modified (ATT&CK T1542)
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Apache Storm Nimbus
1011236 - Apache Storm Command Injection Vulnerability (CVE-2021-38294)
SolarWinds Network Performance Monitor
1011229 - SolarWinds Orion Patch Manager Insecure Deserialization Vulnerability (CVE-2021-35216)
1011221 - SolarWinds Orion Platform 'SaveUserSetting' Improper Access Control Vulnerability (CVE-2021-35213)
Web Application Ruby Based
1011243 - Grafana Path Traversal Vulnerability (CVE-2021-43798)
Web Client Common
1011240 - Chromium Memory Corruption Vulnerability (CVE-2021-21118)
1011244 - Chromium Sandbox Bypass Vulnerability (CVE-2021-21132)
1011239 - Google Chrome Type Confusion Vulnerability (CVE-2021-30588)
1011238 - Google Chrome Use After Free Vulnerability (CVE-2020-15994)
Web Server Common
1011242* - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)
Web Server SharePoint
1011224 - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2021-41344)
Web Server Squid
1011234 - Squid Proxy Multiple Denial of Service Vulnerabilities (CVE-2021-31806 and CVE-2021-31807)
Zoho ManageEngine
1011237 - Zoho ManageEngine ADManager Plus Unrestricted File Upload Vulnerability (CVE-2021-20130)
Integrity Monitoring Rules:
1010856* - Linux/Unix - Static boot loader files modified (ATT&CK T1542)
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Web Server Common
1011242 - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1011241 - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)
Deep Packet Inspection Rules:
Web Server Common
1011242 - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1011241 - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Web Application Common
1011171* - Apache HTTP Server Directory Traversal Vulnerability (CVE-2021-41773 and CVE-2021-42013)
Web Application PHP Based
1010488* - Identified WordPress Database Reset Attempt
1010818* - WordPress 'Code Snippets' Plugin Cross-Site Request Forgery Vulnerability (CVE-2020-8417)
1010712* - WordPress 'Contact Form 7' Plugin Arbitrary File Upload Vulnerability (CVE-2020-35489)
1011170* - WordPress 'Contact Form' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24276)
1011220* - WordPress 'Download Manager' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2021-24773)
1010490* - WordPress 'File Manager' Plugin Remote Code Execution Vulnerability (CVE-2020-25213)
1010194* - WordPress 'GDPR Cookie Consent Plugin' Stored Cross-Site Scripting Vulnerability
1011060* - WordPress 'LearnPress' Plugin Blind SQL Injection Vulnerability (CVE-2020-6010)
1011209* - WordPress 'LearnPress' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2021-39348)
1011047* - WordPress 'Modern Events Calendar' Plugin Remote Code Execution Vulnerability (CVE-2021-24145)
1011015* - WordPress 'Poll, Survey, Questionnaire and Voting system' Plugin Blind SQL Injection Vulnerability
1011173* - WordPress 'Redirect 404 To Parent' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24286)
1011056* - WordPress 'SP Project & Document Manager' Plugin Remote Code Execution Vulnerability (CVE-2021-24347)
1011174* - WordPress 'Select All Categories and Taxonomies' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24287)
1011169* - WordPress 'Supsystic Popup' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24275)
1011168* - WordPress 'Supsystic Ultimate Maps' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2021-24274)
1011172* - WordPress 'TranslatePress' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24610)
1011165* - WordPress 'Woo-Order-Export-Lite' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2021-24169)
1011100* - WordPress 'WooCommerce Blocks' Plugin SQL Injection Vulnerability (CVE-2021-32789)
1011043* - WordPress 'XCloner' Plugin Remote Code Execution Vulnerability (CVE-2020-35948)
1010172* - WordPress InfiniteWP And Time Capsule Plugin Client Authentication Bypass Vulnerability (CVE-2020-8771)
1009751* - WordPress PayPal Checkout Payment Gateway Plugin Parameter Tampering Vulnerability (CVE-2019-7441)
1010122* - WordPress Plainview Activity Monitor Plugin Remote Code Execution Vulnerability (CVE-2018-15877)
1009487* - WordPress Total Donations Plugin Remote Administrative Access Vulnerability (CVE-2019-6703)
1010942* - WordPress XML External Entity Injection Vulnerability (CVE-2021-29447)
1010648* - Wordpress Woody Ad Snippets Plugin Remote Code Execution Vulnerability (CVE-2019-15858)
Web Application Ruby Based
1011231 - Grafana Cross Site Scripting Vulnerability (CVE-2021-41174)
Web Client Common
1011225 - Microsoft Project MPT File Parsing Out-Of-Bounds Read Vulnerability (ZDI-CAN-14518)
1011223 - Microsoft Teams amsVideo Cross Site Scripting Vulnerability (ZDI-CAN-13482)
Web Proxy Squid
1011213* - Squid Proxy Denial Of Service Vulnerability (CVE-2021-33620)
1011215* - Squid Proxy Denial of Service Vulnerability (CVE-2021-28662)
Web Server Apache
1011183* - Apache HTTP Server Server-Side Request Forgery Vulnerability (CVE-2021-40438)
Web Server Common
1011227 - Apache Druid Arbitrary File Read Vulnerability (CVE-2021-36749)
Web Server HTTPS
1011235 - Microsoft Exchange Server Reflected Cross-Site Scripting Vulnerability (CVE-2021-41349)
1011232 - Montala Limited ResourceSpace Arbitrary File Deletion Vulnerability (CVE-2021-41950)
Web Server Miscellaneous
1011177* - Atlassian Confluence Server Arbitrary File Read Vulnerability (CVE-2021-26085)
1011179* - Atlassian Jira Path Traversal Vulnerability (CVE-2021-26086)
Web Server SharePoint
1011233 - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2021-40487)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1008670* - Microsoft Windows Security Events - 3
Deep Packet Inspection Rules:
Web Application Common
1011171* - Apache HTTP Server Directory Traversal Vulnerability (CVE-2021-41773 and CVE-2021-42013)
Web Application PHP Based
1010488* - Identified WordPress Database Reset Attempt
1010818* - WordPress 'Code Snippets' Plugin Cross-Site Request Forgery Vulnerability (CVE-2020-8417)
1010712* - WordPress 'Contact Form 7' Plugin Arbitrary File Upload Vulnerability (CVE-2020-35489)
1011170* - WordPress 'Contact Form' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24276)
1011220* - WordPress 'Download Manager' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2021-24773)
1010490* - WordPress 'File Manager' Plugin Remote Code Execution Vulnerability (CVE-2020-25213)
1010194* - WordPress 'GDPR Cookie Consent Plugin' Stored Cross-Site Scripting Vulnerability
1011060* - WordPress 'LearnPress' Plugin Blind SQL Injection Vulnerability (CVE-2020-6010)
1011209* - WordPress 'LearnPress' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2021-39348)
1011047* - WordPress 'Modern Events Calendar' Plugin Remote Code Execution Vulnerability (CVE-2021-24145)
1011015* - WordPress 'Poll, Survey, Questionnaire and Voting system' Plugin Blind SQL Injection Vulnerability
1011173* - WordPress 'Redirect 404 To Parent' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24286)
1011056* - WordPress 'SP Project & Document Manager' Plugin Remote Code Execution Vulnerability (CVE-2021-24347)
1011174* - WordPress 'Select All Categories and Taxonomies' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24287)
1011169* - WordPress 'Supsystic Popup' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24275)
1011168* - WordPress 'Supsystic Ultimate Maps' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2021-24274)
1011172* - WordPress 'TranslatePress' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24610)
1011165* - WordPress 'Woo-Order-Export-Lite' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2021-24169)
1011100* - WordPress 'WooCommerce Blocks' Plugin SQL Injection Vulnerability (CVE-2021-32789)
1011043* - WordPress 'XCloner' Plugin Remote Code Execution Vulnerability (CVE-2020-35948)
1010172* - WordPress InfiniteWP And Time Capsule Plugin Client Authentication Bypass Vulnerability (CVE-2020-8771)
1009751* - WordPress PayPal Checkout Payment Gateway Plugin Parameter Tampering Vulnerability (CVE-2019-7441)
1010122* - WordPress Plainview Activity Monitor Plugin Remote Code Execution Vulnerability (CVE-2018-15877)
1009487* - WordPress Total Donations Plugin Remote Administrative Access Vulnerability (CVE-2019-6703)
1010942* - WordPress XML External Entity Injection Vulnerability (CVE-2021-29447)
1010648* - Wordpress Woody Ad Snippets Plugin Remote Code Execution Vulnerability (CVE-2019-15858)
Web Application Ruby Based
1011231 - Grafana Cross Site Scripting Vulnerability (CVE-2021-41174)
Web Client Common
1011225 - Microsoft Project MPT File Parsing Out-Of-Bounds Read Vulnerability (ZDI-CAN-14518)
1011223 - Microsoft Teams amsVideo Cross Site Scripting Vulnerability (ZDI-CAN-13482)
Web Proxy Squid
1011213* - Squid Proxy Denial Of Service Vulnerability (CVE-2021-33620)
1011215* - Squid Proxy Denial of Service Vulnerability (CVE-2021-28662)
Web Server Apache
1011183* - Apache HTTP Server Server-Side Request Forgery Vulnerability (CVE-2021-40438)
Web Server Common
1011227 - Apache Druid Arbitrary File Read Vulnerability (CVE-2021-36749)
Web Server HTTPS
1011235 - Microsoft Exchange Server Reflected Cross-Site Scripting Vulnerability (CVE-2021-41349)
1011232 - Montala Limited ResourceSpace Arbitrary File Deletion Vulnerability (CVE-2021-41950)
Web Server Miscellaneous
1011177* - Atlassian Confluence Server Arbitrary File Read Vulnerability (CVE-2021-26085)
1011179* - Atlassian Jira Path Traversal Vulnerability (CVE-2021-26086)
Web Server SharePoint
1011233 - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2021-40487)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1008670* - Microsoft Windows Security Events - 3
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
DCERPC Services
1001839* - Restrict Attempt To Enumerate Windows User Accounts (ATT&CK T1087)
DNS Client
1011122* - Zoom Client Marketplace Information Disclosure Vulnerability (ZDI-CAN-13616)
Web Client Common
1011217 - Adobe Acrobat And Reader Use After Free Vulnerability (CVE-2021-40725)
1011219 - Adobe Acrobat And Reader Use After Free Vulnerability (CVE-2021-40726)
Web Proxy Squid
1011213 - Squid Proxy Denial Of Service Vulnerability (CVE-2021-33620)
1011215 - Squid Proxy Denial of Service Vulnerability (CVE-2021-28662)
Web Server HTTPS
1011216* - Microsoft Exchange Server Remote Code Execution Vulnerability (CVE-2021-42321)
1011214 - VMware vCenter Server Information Disclosure Vulnerability (CVE-2021-21985)
1011220 - WordPress 'Download Manager' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2021-24773)
1011209 - WordPress 'LearnPress' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2021-39348)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
DCERPC Services
1001839* - Restrict Attempt To Enumerate Windows User Accounts (ATT&CK T1087)
DNS Client
1011122* - Zoom Client Marketplace Information Disclosure Vulnerability (ZDI-CAN-13616)
Web Client Common
1011217 - Adobe Acrobat And Reader Use After Free Vulnerability (CVE-2021-40725)
1011219 - Adobe Acrobat And Reader Use After Free Vulnerability (CVE-2021-40726)
Web Proxy Squid
1011213 - Squid Proxy Denial Of Service Vulnerability (CVE-2021-33620)
1011215 - Squid Proxy Denial of Service Vulnerability (CVE-2021-28662)
Web Server HTTPS
1011216* - Microsoft Exchange Server Remote Code Execution Vulnerability (CVE-2021-42321)
1011214 - VMware vCenter Server Information Disclosure Vulnerability (CVE-2021-21985)
1011220 - WordPress 'Download Manager' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2021-24773)
1011209 - WordPress 'LearnPress' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2021-39348)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Featured Stories
Open RAN: Attack of the xAppsThis article discusses two O-RAN vulnerabilities that attackers can exploit. One vulnerability stems from insufficient access control, and the other arises from faulty message handlingRead more
A Closer Exploration of Residential Proxies and CAPTCHA-Breaking ServicesThis article, the final part of a two-part series, focuses on the details of our technical findings and analyses of select residential proxies and CAPTCHA-solving services.Read more
How Residential Proxies and CAPTCHA-Solving Services Become Agents of AbuseThis article, the first of a two-part series, provides insights on how abusers and cybercriminals use residential proxies and CAPTCHA-solving services to enable bots, scrapers, and stuffers, and proposes security countermeasures for organizations.Read more
Abusing Argo CD, Helm, and Artifact Hub: An Analysis of Supply Chain Attacks in Cloud-Native ApplicationsWe provide an overview of cloud-native tools and examine how cybercriminals can exploit their vulnerabilities to launch supply chain attacks.Read more