Deep Security Center
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
HP Intelligent Management Center (IMC)
1012120* - Apache OFBiz Authentication Bypass Vulnerability (CVE-2024-38856)
IBM WebSphere Application Server
1009803* - IBM Websphere Application Server Remote Code Execution Vulnerability (CVE-2019-4279)
Ivanti Avalanche
1012203 - Ivanti Avalanche Directory Traversal Vulnerability (CVE-2024-23535)
1012053* - Ivanti Avalanche Multiple Vulnerabilities
1012217 - Ivanti Avalanche Remote Code Execution Vulnerability (CVE-2024-23534)
1012200 - Ivanti Avalanche XML External Entity Processing Vulnerability (CVE-2024-38653)
Ivanti Endpoint Manager
1012211 - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2024-32839)
1012204 - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2024-50328)
Kubernetes API Server
1012165* - Kubernetes Ingress-Nginx Code Injection Vulnerability (CVE-2023-5044)
Mail Server Common
1012173 - Roundcube Webmail Stored Cross-Site Scripting Vulnerability (CVE-2024-42009)
Progress WhatsUp Gold WCF service
1012123* - Progress WhatsUp Gold Information Disclosure Vulnerability (CVE-2024-5015)
Unix Samba
1012198 - Linux Kernel KSMBD Information Disclosure Vulnerability (CVE-2023-4458)
Web Server Apache
1012166* - Apache Httpd 'mod_cgi Handler' Improper Input Validation Vulnerability (CVE-2024-38476)
Web Server HTTPS
1012218 - Centreon SQL Injection Vulnerability (CVE-2024-39841)
1012170* - Centreon SQL Injection Vulnerability (CVE-2024-39842 and CVE-2024-39843)
1012197 - Centreon SQL Injection Vulnerability (CVE-2024-5725)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
HP Intelligent Management Center (IMC)
1012120* - Apache OFBiz Authentication Bypass Vulnerability (CVE-2024-38856)
IBM WebSphere Application Server
1009803* - IBM Websphere Application Server Remote Code Execution Vulnerability (CVE-2019-4279)
Ivanti Avalanche
1012203 - Ivanti Avalanche Directory Traversal Vulnerability (CVE-2024-23535)
1012053* - Ivanti Avalanche Multiple Vulnerabilities
1012217 - Ivanti Avalanche Remote Code Execution Vulnerability (CVE-2024-23534)
1012200 - Ivanti Avalanche XML External Entity Processing Vulnerability (CVE-2024-38653)
Ivanti Endpoint Manager
1012211 - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2024-32839)
1012204 - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2024-50328)
Kubernetes API Server
1012165* - Kubernetes Ingress-Nginx Code Injection Vulnerability (CVE-2023-5044)
Mail Server Common
1012173 - Roundcube Webmail Stored Cross-Site Scripting Vulnerability (CVE-2024-42009)
Progress WhatsUp Gold WCF service
1012123* - Progress WhatsUp Gold Information Disclosure Vulnerability (CVE-2024-5015)
Unix Samba
1012198 - Linux Kernel KSMBD Information Disclosure Vulnerability (CVE-2023-4458)
Web Server Apache
1012166* - Apache Httpd 'mod_cgi Handler' Improper Input Validation Vulnerability (CVE-2024-38476)
Web Server HTTPS
1012218 - Centreon SQL Injection Vulnerability (CVE-2024-39841)
1012170* - Centreon SQL Injection Vulnerability (CVE-2024-39842 and CVE-2024-39843)
1012197 - Centreon SQL Injection Vulnerability (CVE-2024-5725)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
HP Intelligent Management Center (IMC)
1012208 - Apache OFBiz Remote Code Execution Vulnerability (CVE-2024-45195)
Ivanti Avalanche Remote Control Server
1012176 - Ivanti Avalanche Server-Side Request Forgery Vulnerability (CVE-2024-47008)
SolarWinds Access Rights Manager
1012195 - SolarWinds Access Rights Manager Directory Traversal Vulnerability (CVE-2024-23476)
Web Application PHP Based
1012193 - WordPress 'WP Brutal AI' Plugin SQL Injection Vulnerability (CVE-2023-2601)
Web Application Ruby Based
1012189 - Grafana 'duckdb' Remote Code Execution Vulnerability (CVE-2024-9264)
Web Server HTTPS
1012188 - GitLab Stored Cross-Site Scripting Vulnerability (CVE-2024-6530)
1012139* - Progress WhatsUp Gold SQL Injection Vulnerability (CVE-2024-6672)
Web Server Miscellaneous
1011948* - Ivanti Avalanche Remote Code Execution Vulnerability (CVE-2023-46263 and CVE-2024-29848)
1012138* - XWiki Server-Side Template Injection Vulnerability (CVE-2024-37901)
Windows Server DCERPC
1012209 - Microsoft Windows Remote Desktop Licensing Service Denial of Service Vulnerability (CVE-2024-38071)
Zoho ManageEngine ADAuditPlus
1012164* - Zoho ManageEngine ADAudit Plus SQL Injection Vulnerability (CVE-2024-5467)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
HP Intelligent Management Center (IMC)
1012208 - Apache OFBiz Remote Code Execution Vulnerability (CVE-2024-45195)
Ivanti Avalanche Remote Control Server
1012176 - Ivanti Avalanche Server-Side Request Forgery Vulnerability (CVE-2024-47008)
SolarWinds Access Rights Manager
1012195 - SolarWinds Access Rights Manager Directory Traversal Vulnerability (CVE-2024-23476)
Web Application PHP Based
1012193 - WordPress 'WP Brutal AI' Plugin SQL Injection Vulnerability (CVE-2023-2601)
Web Application Ruby Based
1012189 - Grafana 'duckdb' Remote Code Execution Vulnerability (CVE-2024-9264)
Web Server HTTPS
1012188 - GitLab Stored Cross-Site Scripting Vulnerability (CVE-2024-6530)
1012139* - Progress WhatsUp Gold SQL Injection Vulnerability (CVE-2024-6672)
Web Server Miscellaneous
1011948* - Ivanti Avalanche Remote Code Execution Vulnerability (CVE-2023-46263 and CVE-2024-29848)
1012138* - XWiki Server-Side Template Injection Vulnerability (CVE-2024-37901)
Windows Server DCERPC
1012209 - Microsoft Windows Remote Desktop Licensing Service Denial of Service Vulnerability (CVE-2024-38071)
Zoho ManageEngine ADAuditPlus
1012164* - Zoho ManageEngine ADAudit Plus SQL Injection Vulnerability (CVE-2024-5467)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
CyberPanel
1012196 - CyberPanel Remote Code Execution Vulnerability (CVE-2024-51567)
Ivanti Endpoint Manager
1012155* - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2024-32845)
JetBrains TeamCity
1012199 - JetBrains TeamCity Stored Cross-Site Scripting Vulnerability (CVE-2024-47950)
Mail Server Common
1012185 - Roundcube Webmail Information Disclosure Vulnerability (CVE-2024-42010)
1012143 - Roundcube Webmail Stored Cross-Site Scripting Vulnerability (CVE-2024-37383)
PaperCut
1012192 - PaperCut NG and MF Authentication Bypass Vulnerability (CVE-2024-1222)
Ray Framework
1012150* - Ray Command Injection Vulnerability (CVE-2023-6019)
SolarWinds Dameware Web Help Desk
1012127* - SolarWinds Dameware Web Help Desk Multiple Deserialization Remote Code Execution Vulnerabilities (CVE-2024-28986 and CVE-2024-28988)
Web Application PHP Based
1012158* - WordPress 'Email Subscribers' Plugin SQL Injection Vulnerability (CVE-2024-2876)
1012106* - WordPress 'Hash Form' Plugin Arbitrary File Upload Vulnerability (CVE-2024-5084)
1012190 - WordPress 'LearnPress' Plugin SQL Injection Vulnerability (CVE-2024-8522)
Web Server Adobe ColdFusion
1012140* - Adobe ColdFusion Deserialization Of Untrusted Data Vulnerability (CVE-2024-41874)
Web Server HTTPS
1012110* - GeoServer Remote Code Execution Vulnerability (CVE-2024-36401)
1012112* - GitLab Denial Of Service Vulnerability (CVE-2024-2651)
Zoho ManageEngine
1012179 - Zoho ManageEngine Multiple Products SQL Injection Vulnerability (CVE-2024-6748)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1002835* - Web Server - Web Access Events
Deep Packet Inspection Rules:
CyberPanel
1012196 - CyberPanel Remote Code Execution Vulnerability (CVE-2024-51567)
Ivanti Endpoint Manager
1012155* - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2024-32845)
JetBrains TeamCity
1012199 - JetBrains TeamCity Stored Cross-Site Scripting Vulnerability (CVE-2024-47950)
Mail Server Common
1012185 - Roundcube Webmail Information Disclosure Vulnerability (CVE-2024-42010)
1012143 - Roundcube Webmail Stored Cross-Site Scripting Vulnerability (CVE-2024-37383)
PaperCut
1012192 - PaperCut NG and MF Authentication Bypass Vulnerability (CVE-2024-1222)
Ray Framework
1012150* - Ray Command Injection Vulnerability (CVE-2023-6019)
SolarWinds Dameware Web Help Desk
1012127* - SolarWinds Dameware Web Help Desk Multiple Deserialization Remote Code Execution Vulnerabilities (CVE-2024-28986 and CVE-2024-28988)
Web Application PHP Based
1012158* - WordPress 'Email Subscribers' Plugin SQL Injection Vulnerability (CVE-2024-2876)
1012106* - WordPress 'Hash Form' Plugin Arbitrary File Upload Vulnerability (CVE-2024-5084)
1012190 - WordPress 'LearnPress' Plugin SQL Injection Vulnerability (CVE-2024-8522)
Web Server Adobe ColdFusion
1012140* - Adobe ColdFusion Deserialization Of Untrusted Data Vulnerability (CVE-2024-41874)
Web Server HTTPS
1012110* - GeoServer Remote Code Execution Vulnerability (CVE-2024-36401)
1012112* - GitLab Denial Of Service Vulnerability (CVE-2024-2651)
Zoho ManageEngine
1012179 - Zoho ManageEngine Multiple Products SQL Injection Vulnerability (CVE-2024-6748)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1002835* - Web Server - Web Access Events
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
DCERPC Services
1012187 - Microsoft Windows SMB Denial of Service Vulnerability (CVE-2024-43642)
Ivanti Avalanche
1012169 - Ivanti Avalanche Path Traversal Vulnerability (CVE-2024-47011)
Progress WhatsUp Gold
1012184 - Progress WhatsUp Gold Information Disclosure Vulnerability (CVE-2024-5010)
Ray Framework
1012153 - Ray Remote Code Execution Vulnerability (CVE-2023-48022)
Splunk Enterprise
1012108* - Splunk Enterprise Directory Traversal Vulnerability (CVE-2024-36991)
Web Server HTTPS
1012172 - Cacti Arbitrary File Write Vulnerability (CVE-2024-43363)
1012131* - Dolibarr ERP And CRM Reflected Cross-Site Scripting Vulnerability (CVE-2024-34051)
Web Server SharePoint BDC
1012135* - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2024-38024)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
DCERPC Services
1012187 - Microsoft Windows SMB Denial of Service Vulnerability (CVE-2024-43642)
Ivanti Avalanche
1012169 - Ivanti Avalanche Path Traversal Vulnerability (CVE-2024-47011)
Progress WhatsUp Gold
1012184 - Progress WhatsUp Gold Information Disclosure Vulnerability (CVE-2024-5010)
Ray Framework
1012153 - Ray Remote Code Execution Vulnerability (CVE-2023-48022)
Splunk Enterprise
1012108* - Splunk Enterprise Directory Traversal Vulnerability (CVE-2024-36991)
Web Server HTTPS
1012172 - Cacti Arbitrary File Write Vulnerability (CVE-2024-43363)
1012131* - Dolibarr ERP And CRM Reflected Cross-Site Scripting Vulnerability (CVE-2024-34051)
Web Server SharePoint BDC
1012135* - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2024-38024)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
HP Intelligent Management Center (IMC)
1012120* - Apache OFBiz Authentication Bypass Vulnerability (CVE-2024-38856)
Ivanti Endpoint Manager
1012154* - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2024-32842)
1012155* - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2024-32845)
JetBrains TeamCity
1012181 - JetBrains TeamCity Directory Traversal Vulnerability (CVE-2024-47949)
MLflow
1012096* - MLflow Path Traversal Vulnerability (CVE-2023-6909)
Web Application PHP Based
1012175 - LibreNMS Stored Cross-Site Scripting Vulnerability (CVE-2024-47525)
1012157 - SPIP 'BigUp' Plugin Remote Code Execution Vulnerability (CVE-2024-8517)
Web Server Adobe ColdFusion
1012140* - Adobe ColdFusion Deserialization Of Untrusted Data Vulnerability (CVE-2024-41874)
Web Server HTTPS
1012119* - Progress WhatsUp Gold Denial Of Service Vulnerability (CVE-2024-5011)
1012118* - Progress WhatsUp Gold Unrestricted File Upload Vulnerability (CVE-2024-4884)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1010002* - Microsoft PowerShell Command Execution (ATT&CK T1059.001)
Deep Packet Inspection Rules:
HP Intelligent Management Center (IMC)
1012120* - Apache OFBiz Authentication Bypass Vulnerability (CVE-2024-38856)
Ivanti Endpoint Manager
1012154* - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2024-32842)
1012155* - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2024-32845)
JetBrains TeamCity
1012181 - JetBrains TeamCity Directory Traversal Vulnerability (CVE-2024-47949)
MLflow
1012096* - MLflow Path Traversal Vulnerability (CVE-2023-6909)
Web Application PHP Based
1012175 - LibreNMS Stored Cross-Site Scripting Vulnerability (CVE-2024-47525)
1012157 - SPIP 'BigUp' Plugin Remote Code Execution Vulnerability (CVE-2024-8517)
Web Server Adobe ColdFusion
1012140* - Adobe ColdFusion Deserialization Of Untrusted Data Vulnerability (CVE-2024-41874)
Web Server HTTPS
1012119* - Progress WhatsUp Gold Denial Of Service Vulnerability (CVE-2024-5011)
1012118* - Progress WhatsUp Gold Unrestricted File Upload Vulnerability (CVE-2024-4884)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1010002* - Microsoft PowerShell Command Execution (ATT&CK T1059.001)
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
DCERPC Services - Client
1012183 - Microsoft Windows Zero Day Vulnerability Over SMB (ZDI-CAN-25373)
Web Client Common
1012182 - Microsoft Windows Zero Day Vulnerability Over HTTP (ZDI-CAN-25373)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
DCERPC Services - Client
1012183 - Microsoft Windows Zero Day Vulnerability Over SMB (ZDI-CAN-25373)
Web Client Common
1012182 - Microsoft Windows Zero Day Vulnerability Over HTTP (ZDI-CAN-25373)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Ivanti Avalanche
1011863* - Ivanti Avalanche Multiple Authentication Bypass Vulnerabilities
Kubernetes API Server
1012165 - Kubernetes Ingress-Nginx Code Injection Vulnerability (CVE-2023-5044)
Spring Cloud Skipper Server
1012171 - VMware Spring Cloud Skipper Server Directory Traversal Vulnerability (CVE-2024-22263)
Unix Samba
1012076* - Linux Kernel KSMBD Information Disclosure Vulnerability (CVE-2023-52442)
Web Server HTTPS
1012081* - Centreon SQL Injection Vulnerability (CVE-2024-32501 and CVE-2024-5723)
1012079* - SolarWinds Serv-U Directory Traversal Vulnerability (CVE-2024-28995)
1012051* - WordPress Core Cross-Site Scripting Vulnerability (CVE-2024-4439)
Web Server SharePoint BDC
1012113* - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2024-38023 and CVE-2024-38094)
Windows Services RPC Client DCERPC
1012178 - Identified Windows DCERPC AUTH LEVEL CONNECT Windows Remote Registry Request
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1010095* - Microsoft Windows Management Instrumentation Events
Deep Packet Inspection Rules:
Ivanti Avalanche
1011863* - Ivanti Avalanche Multiple Authentication Bypass Vulnerabilities
Kubernetes API Server
1012165 - Kubernetes Ingress-Nginx Code Injection Vulnerability (CVE-2023-5044)
Spring Cloud Skipper Server
1012171 - VMware Spring Cloud Skipper Server Directory Traversal Vulnerability (CVE-2024-22263)
Unix Samba
1012076* - Linux Kernel KSMBD Information Disclosure Vulnerability (CVE-2023-52442)
Web Server HTTPS
1012081* - Centreon SQL Injection Vulnerability (CVE-2024-32501 and CVE-2024-5723)
1012079* - SolarWinds Serv-U Directory Traversal Vulnerability (CVE-2024-28995)
1012051* - WordPress Core Cross-Site Scripting Vulnerability (CVE-2024-4439)
Web Server SharePoint BDC
1012113* - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2024-38023 and CVE-2024-38094)
Windows Services RPC Client DCERPC
1012178 - Identified Windows DCERPC AUTH LEVEL CONNECT Windows Remote Registry Request
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1010095* - Microsoft Windows Management Instrumentation Events
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
JetBrains TeamCity
1012035* - JetBrains TeamCity Authentication Bypass Vulnerability (CVE-2024-23917)
Progress Telerik Reporting
1012072* - Progress Telerik Report Server Authentication Bypass Vulnerability (CVE-2024-4358)
1012039* - Progress Telerik Reporting Insecure Deserialization Vulnerability (CVE-2024-1856 and CVE-2024-1801)
Ray Framework
1012150 - Ray Command Injection Vulnerability (CVE-2023-6019)
Unix CUPS Client
1012160* - CUPS Command Injection Vulnerability (CVE-2024-47176)
Web Application Common
1011998* - Kafka UI Remote Code Execution Vulnerability (CVE-2023-52251)
Web Application PHP Based
1012159 - WordPress 'Business Directory' Plugin SQL Injection Vulnerability (CVE-2024-4443)
1012161 - WordPress 'Country State City Dropdown CF7' Plugin SQL Injection Vulnerability (CVE-2024-3495)
1012158 - WordPress 'Email Subscribers' Plugin SQL Injection Vulnerability (CVE-2024-2876)
1012162 - WordPress 'Formidable Forms' Plugin Remote Code Execution Vulnerability (CVE-2023-2877)
Web Server Apache
1012168 - Apache Httpd Server-Side Request Forgery Vulnerability (CVE-2024-38472)
Web Server HTTPS
1012170 - Centreon SQL Injection Vulnerability (CVE-2024-39842 and CVE-2024-39843)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
JetBrains TeamCity
1012035* - JetBrains TeamCity Authentication Bypass Vulnerability (CVE-2024-23917)
Progress Telerik Reporting
1012072* - Progress Telerik Report Server Authentication Bypass Vulnerability (CVE-2024-4358)
1012039* - Progress Telerik Reporting Insecure Deserialization Vulnerability (CVE-2024-1856 and CVE-2024-1801)
Ray Framework
1012150 - Ray Command Injection Vulnerability (CVE-2023-6019)
Unix CUPS Client
1012160* - CUPS Command Injection Vulnerability (CVE-2024-47176)
Web Application Common
1011998* - Kafka UI Remote Code Execution Vulnerability (CVE-2023-52251)
Web Application PHP Based
1012159 - WordPress 'Business Directory' Plugin SQL Injection Vulnerability (CVE-2024-4443)
1012161 - WordPress 'Country State City Dropdown CF7' Plugin SQL Injection Vulnerability (CVE-2024-3495)
1012158 - WordPress 'Email Subscribers' Plugin SQL Injection Vulnerability (CVE-2024-2876)
1012162 - WordPress 'Formidable Forms' Plugin Remote Code Execution Vulnerability (CVE-2023-2877)
Web Server Apache
1012168 - Apache Httpd Server-Side Request Forgery Vulnerability (CVE-2024-38472)
Web Server HTTPS
1012170 - Centreon SQL Injection Vulnerability (CVE-2024-39842 and CVE-2024-39843)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Advanced Message Queuing Protocol (AMQP)
1012050* - SolarWinds Access Rights Manager Remote Code Execution Vulnerability (CVE-2024-28075)
Ivanti Endpoint Manager
1012156* - Ivanti Endpoint Manager XML External Entity Information Disclosure Vulnerability (CVE-2024-37397)
Progress WhatsUp Gold WCF service
1012129* - Progress WhatsUp Gold Directory Traversal Vulnerability (CVE-2024-4885)
Web Server Apache
1012166 - Apache Httpd 'mod_cgi Handler' Improper Input Validation Vulnerability (CVE-2024-38476)
Web Server HTTPS
1012065* - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2024-29827)
Windows Server DCERPC
1012163 - Microsoft Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability (CVE-2024-38077)
Zabbix Server
1012090* - Zabbix SQL Injection Vulnerability (CVE-2024-22120)
Zoho ManageEngine ADAuditPlus
1012164 - Zoho ManageEngine ADAudit Plus SQL Injection Vulnerability (CVE-2024-5467)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Advanced Message Queuing Protocol (AMQP)
1012050* - SolarWinds Access Rights Manager Remote Code Execution Vulnerability (CVE-2024-28075)
Ivanti Endpoint Manager
1012156* - Ivanti Endpoint Manager XML External Entity Information Disclosure Vulnerability (CVE-2024-37397)
Progress WhatsUp Gold WCF service
1012129* - Progress WhatsUp Gold Directory Traversal Vulnerability (CVE-2024-4885)
Web Server Apache
1012166 - Apache Httpd 'mod_cgi Handler' Improper Input Validation Vulnerability (CVE-2024-38476)
Web Server HTTPS
1012065* - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2024-29827)
Windows Server DCERPC
1012163 - Microsoft Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability (CVE-2024-38077)
Zabbix Server
1012090* - Zabbix SQL Injection Vulnerability (CVE-2024-22120)
Zoho ManageEngine ADAuditPlus
1012164 - Zoho ManageEngine ADAudit Plus SQL Injection Vulnerability (CVE-2024-5467)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
DCERPC Services - Client
1012075* - Microsoft Windows MSHTML Platform Remote Code Execution Vulnerability Over SMB (CVE-2024-38112)
Ivanti Avalanche
1012053* - Ivanti Avalanche Directory Traversal Vulnerability (CVE-2024-24994)
Ivanti Endpoint Manager
1012149 - Ivanti Endpoint Manager Multiple SQL Injection Vulnerabilities - 1
Kubernetes API Server
1012151 - Kubernetes Ingress-Nginx Command Injection Vulnerability (CVE-2024-7646)
PaperCut
1012041* - PaperCut NG And MF Reflected Cross-Site Scripting Vulnerability (CVE-2024-1883)
SAP NetWeaver Java Application Server
1012085* - SAP NetWeaver AS JAVA SQL Injection Vulnerability (CVE-2016-2386)
SolarWinds Dameware Web Help Desk
1012127* - SolarWinds Dameware Web Help Desk Deserialization Remote Code Execution Vulnerability (CVE-2024-28986)
Web Server HTTPS
1011980* - Centreon SQL Injection Vulnerability (CVE-2024-23119)
1012081* - Centreon SQL Injection Vulnerability (CVE-2024-32501 and CVE-2024-5723)
1012092* - Progress WhatsUp Gold Path Traversal Vulnerability (CVE-2024-5018)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
DCERPC Services - Client
1012075* - Microsoft Windows MSHTML Platform Remote Code Execution Vulnerability Over SMB (CVE-2024-38112)
Ivanti Avalanche
1012053* - Ivanti Avalanche Directory Traversal Vulnerability (CVE-2024-24994)
Ivanti Endpoint Manager
1012149 - Ivanti Endpoint Manager Multiple SQL Injection Vulnerabilities - 1
Kubernetes API Server
1012151 - Kubernetes Ingress-Nginx Command Injection Vulnerability (CVE-2024-7646)
PaperCut
1012041* - PaperCut NG And MF Reflected Cross-Site Scripting Vulnerability (CVE-2024-1883)
SAP NetWeaver Java Application Server
1012085* - SAP NetWeaver AS JAVA SQL Injection Vulnerability (CVE-2016-2386)
SolarWinds Dameware Web Help Desk
1012127* - SolarWinds Dameware Web Help Desk Deserialization Remote Code Execution Vulnerability (CVE-2024-28986)
Web Server HTTPS
1011980* - Centreon SQL Injection Vulnerability (CVE-2024-23119)
1012081* - Centreon SQL Injection Vulnerability (CVE-2024-32501 and CVE-2024-5723)
1012092* - Progress WhatsUp Gold Path Traversal Vulnerability (CVE-2024-5018)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Featured Stories
Unveiling AI Agent Vulnerabilities Part V: Securing LLM ServicesTo conclude our series on agentic AI, this article examines emerging vulnerabilities that threaten AI agents, focusing on providing proactive security recommendations on areas such as code execution, data exfiltration, and database access.Read more
Unveiling AI Agent Vulnerabilities Part IV: Database Access VulnerabilitiesHow can attackers exploit weaknesses in database-enabled AI agents? This research explores how SQL generation vulnerabilities, stored prompt injection, and vector store poisoning can be weaponized by attackers for fraudulent activities.Read more
The Mirage of AI Programming: Hallucinations and Code IntegrityThe adoption of large language models (LLMs) and Generative Pre-trained Transformers (GPTs), such as ChatGPT, by leading firms like Microsoft, Nuance, Mix and Google CCAI Insights, drives the industry towards a series of transformative changes. As the use of these new technologies becomes prevalent, it is important to understand their key behavior, advantages, and the risks they present.Read more
Open RAN: Attack of the xAppsThis article discusses two O-RAN vulnerabilities that attackers can exploit. One vulnerability stems from insufficient access control, and the other arises from faulty message handlingRead more