SOPHOS IPS Signature Update Release Notes
Version : 9.17.79 Release Date : 19th January 2020 IPS Signature Update
Release Information
Upgrade Applicable on
IPS Signature Release Version 9.17.78 CR250i, CR300i, CR500i-4P, CR500i-6P, CR500i-8P, CR500ia, CR500ia-RP, CR500ia1F, CR500ia10F, CR750ia, CR750ia1F, CR750ia10F, CR1000i-11P, CR1000i-12P, CR1000ia, CR1000ia10F, CR1500i-11P, CR1500i-12P, CR1500ia, CR1500ia10F Sophos Appliance Models CR25iNG, CR25iNG-6P, CR35iNG, CR50iNG, CR100iNG, CR200iNG/XP, CR300iNG/XP, CR500iNG- XP, CR750iNG-XP, CR2500iNG, CR25wiNG, CR25wiNG-6P, CR35wiNG, CRiV1C, CRiV2C, CRiV4C, CRiV8C, CRiV12C, XG85 to XG450, SG105 to SG650
Upgrade Information Upgrade type: Automatic
Compatibility Annotations: None
Introduction The Release Note document for IPS Signature Database Version 9.17.79 includes support for the new signatures. The following sections describe the release in detail.
New IPS Signatures The Sophos Intrusion Prevention System shields the network from known attacks by matching the network traffic against the signatures in the IPS Signature Database. These signatures are developed to significantly increase detection performance and reduce the false alarms.
Report false positives at [email protected], along with the application details.
January 2020 Page 2 of 245 IPS Signature Update
This IPS Release includes Two Thousand, Seven Hundred and Sixty Two(2762) signatures to address One Thousand, Nine Hundred and Thirty Eight(1938) vulnerabilities. New signatures are added for the following vulnerabilities:
Name CVE–ID Category Severity
Malware 4 Communication
CVE-2017- Malware 2 0144 Communication
BROWSER-CHROME Google Chrome CVE- CVE-2020- Browsers 2 2020-6388 AudioArray 6388 Memory Corruption
BROWSER-CHROME Google Chrome CVE-2019- FileReader CVE-2019- Browsers 2 5786 5786 Use After Free (Published Exploit)
BROWSER-CHROME Google Chrome CVE-2019- Browsers 1 FileReader CVE-2019- 5786 5786 Use After Free
BROWSER-CHROME CVE-2019- Google Chrome Integer Browsers 1 5789 Overflow Vulnerability
BROWSER-CHROME CVE-2018- Google Chrome Object Browsers 1 6106 Corruption Vulnerability
BROWSER-CHROME CVE-2017- Google Chrome Out-Of- Browsers 1 5053 Bounds Vulnerability
BROWSER-CHROME CVE-2020- Browsers 1 Google Chrome
January 2020 Page 3 of 245 IPS Signature Update
ReadableStream out of 6390 bounds read attempt
BROWSER-CHROME CVE-2019- Google Chrome Use- Browsers 1 5788 After-Free Vulnerability
BROWSER-CHROME Google Chrome blink CVE-2019- Browsers 1 webaudio module use 13720 after free attempt
BROWSER-CHROME Google Chrome CVE-2019- desktopMediaPickerCon Browsers 1 13767 troller use after free attempt
BROWSER-CHROME Google Chromium CVE-2019- Browsers 1 ImageCapture use after 13687 free attempt
BROWSER-FIREFOX Apache Tika Chmparser CVE-2018- Browsers 2 Denial Of Service CVE- 1339 2018-1339
BROWSER-FIREFOX Mozilla Firefox 3.5 CVE-2009- Browsers 2 unicode stack overflow 2479 attempt
BROWSER-FIREFOX Mozilla Firefox CVE-2019- Browsers 2 Array.prototype.pop 11707 type confusion attempt
BROWSER-FIREFOX CVE-2017- Mozilla Firefox CVE- Browsers 2 2017-5428 5428 createImageBitmap
January 2020 Page 4 of 245 IPS Signature Update
Integer Overflow
BROWSER-FIREFOX Mozilla Firefox CVE- CVE-2017- Browsers 3 2017-5459 WebGL 5459 Integer Overflow I
BROWSER-FIREFOX Mozilla Firefox CVE- CVE-2017- Browsers 3 2017-5459 WebGL 5459 Integer Overflow II
BROWSER-FIREFOX Mozilla Firefox CVE- CVE-2017- Browsers 3 2017-5459 WebGL 5459 Integer Overflow III
BROWSER-FIREFOX Mozilla Firefox CVE-2020- ReadableStreamCloseIn Browsers 1 6806 ternal out-of-bounds access attempt
BROWSER-FIREFOX Mozilla Firefox Vorbis Audio Residue CVE-2018- Browsers 1 Codebook Out of 5146 Bounds Write CVE- 2018-5146
BROWSER-FIREFOX Mozilla Firefox CVE-2017- Browsers 1 domFuzzLite3 table use 5404 after free attempt
BROWSER-FIREFOX Mozilla Firefox CVE-2018- javascript type Browsers 2 12386 confusion code execution attempt
BROWSER-FIREFOX CVE-2018- Browsers 2 Mozilla Firefox method
January 2020 Page 5 of 245 IPS Signature Update
array.prototype.push 12387 remote code execution attempt
BROWSER-FIREFOX CVE-2020- Mozilla Firefox potential Browsers 1 6819 use after free attempt
BROWSER-IE Microsoft Edge CVE-2016-3386 CVE-2016- Spread Operator Browsers 2 3386 Memory Corruption Attempt
BROWSER-IE Microsoft Edge CVE-2018-8556 CVE-2018- Browsers 3 bailOnImplicitCall Type 8556 Confusion Attempt
BROWSER-IE Microsoft CVE-2019- Edge CVE-2019-0648 Browsers 2 0648 Information Disclosure
BROWSER-IE Microsoft CVE-2019- Edge CVE-2019-0658 Browsers 1 0658 Information Disclosure
BROWSER-IE Microsoft CVE-2019- Edge CVE-2019-0676 Browsers 2 0676 Information Disclosure
BROWSER-IE Microsoft CVE-2019- Edge CVE-2019-0930 Browsers 2 0930 Information Disclosure
BROWSER-IE Microsoft Edge Chakra CVE-2018- 0780 CVE-2018- Browsers 1 AsmJSByteCodeGenerat 0780 or EmitCall Type Confusion I
January 2020 Page 6 of 245 IPS Signature Update
BROWSER-IE Microsoft Edge Chakra Scripting CVE-2018- Browsers 2 Engine localeCompare 8355 type confusion attempt
BROWSER-IE Microsoft Edge spread operator CVE-2016- Browsers 2 memory corruption 7296 attempt
BROWSER-IE Microsoft Edge spread operator CVE-2016- Browsers 2 memory corruption 7297 attempt
BROWSER-IE Microsoft Internet Explorer CVE-2015- Browsers 1 CAttrArray use after 6143 free attempt
BROWSER-IE Microsoft Internet Explorer CVE- CVE-2016- 2016-7283 Browsers 2 7283 CWigglyShape Information Disclosure
BROWSER-IE Microsoft Internet Explorer CVE- CVE-2016- 2016-7283 Browsers 2 7283 CWigglyShape Information Disclosure
BROWSER-IE Microsoft Internet Explorer CVE- CVE-2018- 2018-8563 DirectX Browsers 2 8563 information disclosure attempt
BROWSER-IE Microsoft Internet Explorer CVE- CVE-2019- Browsers 2 2019-0676 information 0676 disclosure attempt
January 2020 Page 7 of 245 IPS Signature Update
BROWSER-IE Microsoft CVE-2017- Internet Explorer object Browsers 1 8749 use after free attempt
BROWSER-IE Oracle Java Web Start arbitrary CVE-2010- command execution Browsers 1 0886 attempt - Internet Explorer
BROWSER-OTHER Apple CVE-2011- Safari WebKit SVG Browsers 1 0222 Memory Corruption
BROWSER-OTHER Apple Safari WebKit CVE-2011- innerHTML Double Free Browsers 1 0221 Memory Corruption (Published Exploit)
BROWSER-OTHER Cisco Webex Meetings CVE-2020- Desktop App arbitrary Browsers 1 3263 program execution attempt
BROWSER-OTHER Cisco Webex Teams URI CVE-2019- Browsers 1 scheme remote code 1636 execution attempt
BROWSER-OTHER IBM CVE-2017- Notes denial of service Browsers 2 1130 attempt
BROWSER-OTHER Microsoft Edge CVE- CVE-2016- 2016-7206 Remote Browsers 1 7206 Code Execution Vulnerability
BROWSER-OTHER CVE-2010- Browsers 2
January 2020 Page 8 of 245 IPS Signature Update
Multiple Browser CVE- 3257 2010-3257 WebKit Stale Pointer Use-after-free Code Execution
BROWSER-OTHER Novell Messenger Client CVE-2013- Browsers 1 nim URI handler buffer 1085 overflow attempt
BROWSER-OTHER Opera animation element Browsers 1 denial of service attempt
BROWSER-OTHER Opera browser window null Browsers 2 pointer dereference attempt
BROWSER-PLUGINS AOL IWinAmpActiveX class Browsers 1 ConvertFile buffer overflow attempt
BROWSER-PLUGINS Advantech WebAccess CVE-2018- Node chkLogin2 SQL Browsers 2 5443 Injection CVE-2018- 5443
BROWSER-PLUGINS Advantech Webaccess webvrpcs Directory CVE-2017- Browsers 2 Traversal Remote Code 16720 Execution CVE-2017- 16720
BROWSER-PLUGINS Advantech Webaccess CVE-2019- Browsers 1 webvrpcs Directory 13552 Traversal Remote Code Execution CVE-2019-
January 2020 Page 9 of 245 IPS Signature Update
13552
BROWSER-PLUGINS HP PoS CVE-2014-7890 OPOS Driver CVE-2014- Browsers 2 opostoneindicator.ocx 7890 Open Method Stack Overflow
BROWSER-PLUGINS Microsoft Internet CVE-2006- Browsers 2 Explorer Dynamic Casts 3638 ActiveX clsid access
BROWSER-PLUGINS Mitsubishi Electric E- CVE-2017- Designer BEComliSlave Browsers 3 9638 Status_bit Stack Buffer Overflow
BROWSER-PLUGINS Novell CVE-2011-4187 iPrint Client CVE-2011- Browsers 3 GetDriverSettings 4187 Realm Parameter Stack Buffer Overflow I
BROWSER-PLUGINS Novell CVE-2011-4187 iPrint Client CVE-2011- Browsers 3 GetDriverSettings 4187 Realm Parameter Stack Buffer Overflow II
BROWSER-PLUGINS Novell CVE-2011-4187 iPrint Client CVE-2011- Browsers 3 GetDriverSettings 4187 Realm Parameter Stack Buffer Overflow III
BROWSER-PLUGINS CVE-2013- Browsers 1 Novell Messenger Client
January 2020 Page 10 of 245 IPS Signature Update
Filename Parameter 1085 Stack Buffer Overflow
BROWSER-PLUGINS Novell iPrint CVE-2009- CVE-2009- 1569 Client ienipp.ocx Browsers 2 1569 volatile-date-time Parsing Buffer Overflow
BROWSER-PLUGINS Novell iPrint Client CVE-2010- Browser Plugin call- Browsers 1 1527 back-url Buffer Overflow
BROWSER-PLUGINS Novell iPrint Client ExecuteRequest debug Browsers 1 Parameter Buffer Overflow
BROWSER-PLUGINS Novell iPrint Client ExecuteRequest debug Browsers 4 Parameter Buffer Overflow
BROWSER-PLUGINS Novell iPrint Client Browsers 1 GetDriverSettings Stack Buffer Overflow
BROWSER-PLUGINS Novell iPrint Client Browsers 4 GetDriverSettings Stack Buffer Overflow
BROWSER-PLUGINS Novell iPrint Client CVE-2009- Browsers 1 ienipp.ocx target-frame 1568 Stack Buffer Overflow
January 2020 Page 11 of 245 IPS Signature Update
BROWSER-PLUGINS Oracle Java browser CVE-2010- Browsers 1 plugin docbase overflow 3552 attempt
BROWSER-PLUGINS Trend Micro Control Manager CVE-2018- ThreatDistributedTrail Browsers 1 3606 ThreatName SQL Injection CVE-2018- 3606
BROWSER-PLUGINS Trend Micro Control Manager sCloudService CVE-2018- Browsers 1 GetPassword SQL 3604 Injection CVE-2018- 3604
BROWSER-WEBKIT Apple Safari Browser CVE-2019- Browsers 1 putToPrimitive Cross- 8764 Site Scripting Attempt
BROWSER-WEBKIT Apple Safari CSS font CVE-2010- Browsers 1 format corruption 0046 attempt
BROWSER-WEBKIT CVE-2017- Apple Safari CVE-2017- Browsers 2 1684 1684 Denial Of Service
BROWSER-WEBKIT CVE-2017- Apple Safari CVE-2017- Browsers 2 2363 2363 Same Origin Policy
BROWSER-WEBKIT Apple Safari CVE-2017- CVE-2017- Browsers 2 2364 Universal Cross 2364 Site Scripting
January 2020 Page 12 of 245 IPS Signature Update
BROWSER-WEBKIT Apple Safari CVE-2017- CVE-2017- Browsers 2 2445 Universal Cross 2445 Site Scripting
BROWSER-WEBKIT CVE-2017- Apple Safari CVE-2017- Browsers 2 2447 2447 Denial Of Service
BROWSER-WEBKIT Apple Safari CVE-2017- CVE-2017- Browsers 2 2479 Universal Cross 2479 Site Scripting
BROWSER-WEBKIT CVE-2017- Apple Safari CVE-2017- Browsers 2 2521 2521 Denial Of service
BROWSER-WEBKIT CVE-2017- Apple Safari CVE-2017- Browsers 2 7037 7037 Denial Of Service
BROWSER-WEBKIT CVE-2017- Apple Safari CVE-2017- Browsers 2 7092 7092 Denial Of service
BROWSER-WEBKIT CVE-2017- Apple Safari CVE-2017- Browsers 1 2363 7117 Denial Of Service
BROWSER-WEBKIT CVE-2017- Apple Safari CVE-2017- Browsers 2 2363 7117 Denial Of Service
BROWSER-WEBKIT Apple Safari CVE-2018- CVE-2018- 4382 WebKit Browsers 2 4382 handleIntrinsicCall Type Confusion
CVE-2016- BROWSER-WEBKIT Browsers 1 Apple Safari Same 1697
January 2020 Page 13 of 245 IPS Signature Update
Origin Policy Bypass
BROWSER-WEBKIT Apple Safari WebKit CVE-2019- Browsers 1 JavaScript engine type 8820 confusion attempt
BROWSER-WEBKIT CVE-2017- Apple Safari WebKit Out Browsers 2 2505 Of Bounds Write
BROWSER-WEBKIT Apple Safari WebKit CVE-2019- Browsers 2 cached page memory 8822 corruption attempt
BROWSER-WEBKIT Apple Safari WebKit CVE-2018- Browsers 1 memory corruption 4368 attempt
BROWSER-WEBKIT Apple Safari WebKit CVE-2019- Browsers 1 out-of-bounds read 8689 attempt
BROWSER-WEBKIT Apple Safari WebKit CVE-2017- Browsers 1 out-of-bounds write 2505 attempt
BROWSER-WEBKIT Apple Safari Webkit CSS CVE-2010- Charset Text Browsers 1 1770 transformation code execution attempt
BROWSER-WEBKIT Apple Safari Webkit CVE-2012- CVE-2012-1520 CSS Browsers 2 1520 Title Memory Corruption Attempt
January 2020 Page 14 of 245 IPS Signature Update
BROWSER-WEBKIT Apple Safari Webkit CVE-2010- Browsers 1 ContentEditable code 1396 execution attempt
BROWSER-WEBKIT Apple Safari Webkit SVG CVE-2011- Browsers 1 memory corruption 0222 attempt
BROWSER-WEBKIT Apple Safari Webkit CVE-2018- Browsers 2 WebCore memory 4200 corruption attempt
BROWSER-WEBKIT Apple Safari Webkit CVE-2010- Browsers 1 attribute child removal 1119 code execution attempt
BROWSER-WEBKIT Apple Safari Webkit CVE-2009- Browsers 1 floating point buffer 2195 overflow attempt
BROWSER-WEBKIT Apple Safari Webkit CVE-2010- floating point Browsers 1 1807 conversion memory corruption attempt
BROWSER-WEBKIT Apple Safari WebkitCVE- CVE-2017- Browsers 2 2017-2464 Denial Of 2464 Service
BROWSER-WEBKIT Apple Safari browser CVE-2019- Browsers 1 putToPrimitive cross- 8764 site scripting attempt
BROWSER-WEBKIT CVE-2018- Browsers 1
January 2020 Page 15 of 245 IPS Signature Update
Apple Safari memory 4443 corruption attempt
BROWSER-WEBKIT Apple WebKit JSArray CVE-2019- Browsers 1 component out-of- 8518 bounds access
BROWSER-WEBKIT Apple WebKit QuickTime plugin CVE- CVE-2012- Browsers 2 2012-3753 content-type 3753 http header buffer overflow attempt
BROWSER-WEBKIT CVE-2016- Apple WebKit Same Browsers 1 1667 origin policy bypass
BROWSER-WEBKIT Apple WebKit memory CVE-2018- Browsers 1 corruption attempt 4233 CVE-2018-4233
BROWSER-WEBKIT CVE-2018- Apple WebKit memory Browsers 1 4233 corruption attempt
BROWSER-WEBKIT Apple WebKit CVE-2018- Browsers 1 updateReferencedText 4315 use-after-free attempt
BROWSER-WEBKIT Apple Webkit CVE- CVE-2018- 2018-4318 Browsers 2 4318 SVGTextLayoutAttribute s Use After Free
BROWSER-WEBKIT CVE-2018- Apple Webkit Browsers 1 updateDescendantDepe 4317 ndentFlags use-after-
January 2020 Page 16 of 245 IPS Signature Update
free attempt
BROWSER-WEBKIT Apple Webkit CVE-2018- updateMinimumColum Browsers 2 4323 nHeight use-after-free attempt
BROWSER-WEBKIT CVE-2016- Apple ioS WebKit Denial Browsers 2 4622 Of Service Vulnerability
BROWSER-WEBKIT WebKit AudioArray CVE-2020- Browsers 1 allocate out of bounds 3894 access attempt
BROWSER-WEBKIT CVE-2017- WebKit CVE-2017-2470 Browsers 2 2470 Information Disclosure
BROWSER-WEBKIT WebKit JavaScriptCore CVE-2019- emitEqualityOpImpl Browsers 1 8684 memory corruption attempt
BROWSER-WEBKIT WebKit JavaScriptCore CVE-2019- emitEqualityOpImpl Browsers 2 8684 memory corruption attempt
FILE-EXECUTABLE Microsoft Windows CVE-2018- Application 2 Win32k privilege 8404 and Software escalation attempt
FILE-EXECUTABLE CVE-2016- Application Symantec Antivirus CVE- 2 2016-2208 Engine PE 2208 and Software Header Heap Buffer
January 2020 Page 17 of 245 IPS Signature Update
Overflow
FILE-FLASH Adobe Adobe Flash Player CVE-2016- Multimedia 1 ActionExtends use after 7859 free attempt
FILE-FLASH Adobe Flash CVE-2016- AVC Decoder Memory Multimedia 1 4275 Corruption attempt
FILE-FLASH Adobe Flash CVE-2016-0997 Remote CVE-2016- Multimedia 2 Code Execution 0997 Vulnerability
FILE-FLASH Adobe Flash CVE-2016- CVE-2016-4231 Use- Multimedia 2 4231 After-Free Vulnerability
FILE-FLASH Adobe Flash ContextMenu Clone CVE-2016- Multimedia 1 memory corruption 4284 vulnerability attempt
FILE-FLASH Adobe Flash MovieClip proto chain CVE-2016- manipulation targeting Multimedia 1 7865 constructor use after free attempt
FILE-FLASH Adobe Flash Player CVE-2016- ABRControlParameters Multimedia 1 4185 access memory corruption attempt
FILE-FLASH Adobe Flash CVE-2016- Player AS2 setInterval Multimedia 1 0988 use after free attempt
FILE-FLASH Adobe Flash CVE-2016- Multimedia 1
January 2020 Page 18 of 245 IPS Signature Update
Player AS3 multiple axis 0989 attributes integer overflow attempt
FILE-FLASH Adobe Flash Player ASnative CVE-2016- Multimedia 1 setFocus use after free 7864 attempt
FILE-FLASH Adobe Flash Player CVE-2016- Multimedia 1 AVSegmentedSource 7857 use after free attempt
FILE-FLASH Adobe Flash Player BitmapData CVE-2016- Multimedia 1 applyFilter integer 7875 overflow attempt
FILE-FLASH Adobe Flash Player CVE-2016- Multimedia 1 BitmapData.applyFilter 0961 access violation attempt
FILE-FLASH Adobe Flash Player CVE-2016- BitmapData.copyChann Multimedia 1 0960 el access violation attempt
FILE-FLASH Adobe Flash Player CVE-2016- BitmapData.paletteMap Multimedia 1 0962 size mismatch integer overflow attempt
FILE-FLASH Adobe Flash Player ByteArray type CVE-2016- Multimedia 1 confusion memory 4249 corruption attempt
FILE-FLASH Adobe Flash CVE-2013- Multimedia 2 Player CVE-2013-3361
January 2020 Page 19 of 245 IPS Signature Update
Remote Code Execution 3361 Vulnerability
FILE-FLASH Adobe Flash Player CVE-2014-8439 CVE-2014- Multimedia 2 Remote Code Execution 8439 Vulnerability
FILE-FLASH Adobe Flash Player CVE-2015-3078 CVE-2015- Multimedia 2 Remote Code Execution 3078 Vulnerability
FILE-FLASH Adobe Flash Player CVE-2015-5539 CVE-2015- Multimedia 2 Remote Code Execution 5539 Vulnerability
FILE-FLASH Adobe Flash Player CVE-2015-5552 CVE-2015- Application 1 Remote Code Execution 5552 and Software Vulnerability
FILE-FLASH Adobe Flash Player CVE-2016-1010 CVE-2016- Multimedia 1 Rectangle Width Integer 1010 Overflow
FILE-FLASH Adobe Flash Player CVE-2016-4177 CVE-2016- Multimedia 2 SceneAndFrameData 4177 Memory Corruption
FILE-FLASH Adobe Flash Player CVE-2016-4227 CVE-2016- Multimedia 2 ActionScript setFocus 4227 Use After Free Attempt
FILE-FLASH Adobe Flash Player CVE-2016-4231 CVE-2016- Multimedia 2 MovieClip method loop 4231 use-after-free
January 2020 Page 20 of 245 IPS Signature Update
FILE-FLASH Adobe Flash Player CVE-2018-12824 CVE-2018- Multimedia 2 Information Disclosure 12827 Vulnerability
FILE-FLASH Adobe Flash Player CVE-2018-12824 CVE-2018- Multimedia 2 Information Disclosure 12827 Vulnerability
FILE-FLASH Adobe Flash Player CVE-2018-12826 CVE-2018- Multimedia 2 Information Disclosure 12826 Vulnerability
FILE-FLASH Adobe Flash CVE-2008- Player CVE-2018-15982 Multimedia 2 2992 Use After Free I
FILE-FLASH Adobe Flash CVE-2008- Player CVE-2018-15982 Multimedia 2 2992 Use After Free II
FILE-FLASH Adobe Flash CVE-2008- Player CVE-2018-15982 Multimedia 2 2992 Use After Free
FILE-FLASH Adobe Flash Player CVE-2018-5000 CVE-2018- Multimedia 1 Memory Address 5000 Disclosure
FILE-FLASH Adobe Flash CVE-2017- Player Camera use after Multimedia 1 3003 free attempt
FILE-FLASH Adobe Flash Player DRMManager CVE-2016- Multimedia 1 memory corruption 4285 attempt
FILE-FLASH Adobe Flash CVE-2016- Multimedia 1
January 2020 Page 21 of 245 IPS Signature Update
Player DefineBitsJPEG2 4179 invalid length memory corruption attempt
FILE-FLASH Adobe Flash Player CVE-2016- Multimedia 1 DisplacementMapFilter 4272 use-after-free attempt
FILE-FLASH Adobe Flash Player ExportAssets CVE-2016- Multimedia 1 count memory 1012 corruption attempt
FILE-FLASH Adobe Flash Player FrameLabel CVE-2016- Multimedia 1 memory corruption 6986 attempt
FILE-FLASH Adobe Flash Player JPEG handling CVE-2016- Multimedia 1 memory corruption 4229 attempt
FILE-FLASH Adobe Flash Player LocaleID CVE-2017- determinePreferredLoca Multimedia 1 3114 les Out-Of-Bounds Access
FILE-FLASH Adobe Flash Player LocaleID CVE-2017- determinePreferredLoca Multimedia 4 3114 les Out-Of-Bounds Access
FILE-FLASH Adobe Flash CVE-2016- Player MPD use-after- Multimedia 1 1006 free attempt
CVE-2016- Application FILE-FLASH Adobe Flash 1 Player Malformed ATF 1002 and Software
January 2020 Page 22 of 245 IPS Signature Update
Heap Overflow Attempt
FILE-FLASH Adobe Flash Player CVE-2016- MediaPlayerItemLoader Multimedia 1 4182 out of bounds memory access attempt
FILE-FLASH Adobe Flash Player MovieClip CVE-2016- method loop use-after- Multimedia 2 4231 free attempt CVE-2016- 4231
FILE-FLASH Adobe Flash Player MovieClip CVE-2015- Multimedia 1 method use after free 8639 attempt
FILE-FLASH Adobe Flash Player NetConnection CVE-2016- proxyType invalid value Multimedia 1 7874 out of bounds read attempt
FILE-FLASH Adobe Flash CVE-2016- Player NetConnection Multimedia 1 7879 use after free attempt
FILE-FLASH Adobe Flash CVE-2016- Player NetStream type Multimedia 1 4280 confusion attempt
FILE-FLASH Adobe Flash Player Primetime SDK CVE-2016- Multimedia 1 out of bounds read 7873 attempt
FILE-FLASH Adobe Flash CVE-2016- Player QOSProvider use- Multimedia 1 6984 after-free attempt
January 2020 Page 23 of 245 IPS Signature Update
FILE-FLASH Adobe Flash Player Rectangle CVE-2016- Multimedia 1 constructor use after 4228 free attempt
FILE-FLASH Adobe Flash Player CVE-2016- ShimContentResolver Multimedia 1 4283 out of bounds memory access attempt
FILE-FLASH Adobe Flash CVE-2016- Player Stage align use Multimedia 2 4226 aftre free attempt
FILE-FLASH Adobe Flash CVE-2016- Player StyleSheets use Multimedia 1 4174 after free attempt
FILE-FLASH Adobe Flash CVE-2016- Player TextField use Multimedia 1 7863 after free attempt
FILE-FLASH Adobe Flash Player TimedEvent CVE-2016- Multimedia 1 memory corruption 4188 attempt
FILE-FLASH Adobe Flash CVE-2016- Player Transform getter Multimedia 1 4230 use after free attempt
FILE-FLASH Adobe Flash CVE-2016- Player Transform object Multimedia 1 4173 use after free attempt
FILE-FLASH Adobe Flash CVE-2016- Player addCallback use Multimedia 1 7858 after free attempt
CVE-2016- FILE-FLASH Adobe Flash Multimedia 1 Player addProperty use 7872
January 2020 Page 24 of 245 IPS Signature Update
after free attempt
FILE-FLASH Adobe Flash CVE-2017- Player allocator use- Multimedia 1 3062 after-free attempt
FILE-FLASH Adobe Flash Player and AIR Multiple CVE-2015- Unspecified Memory Multimedia 2 3093 Corruption Vulnerabilities
FILE-FLASH Adobe Flash Player CVE-2017- determinePreferredLoca Multimedia 2 3114 les memory corruption attempt
FILE-FLASH Adobe Flash Player CVE-2017- determinePreferredLoca Multimedia 1 3082 les out of bounds memory read attempt
FILE-FLASH Adobe Flash Web Services Player display list CVE-2017- and 1 structure Memory 2930 Applications Corruption Attempt
FILE-FLASH Adobe Flash Player CVE-2016- Multimedia 1 duplicateMovieClip use 1013 after free attempt
FILE-FLASH Adobe Flash Player event handler CVE-2016- Multimedia 1 out of bounds memory 6985 access attempt
FILE-FLASH Adobe Flash CVE-2016- Player hitTest Multimedia 1 BitmapData object 0963 integer overflow
January 2020 Page 25 of 245 IPS Signature Update
attempt
FILE-FLASH Adobe Flash Player htmlText method CVE-2016- Multimedia 1 use-after-free memory 0995 corruption attempt
FILE-FLASH Adobe Flash Player invalid FLV CVE-2016- Multimedia 1 header out of bounds 1001 write attempt
FILE-FLASH Adobe Flash Player malformed ATF CVE-2017- Multimedia 1 file length heap 2934 overflow attempt
FILE-FLASH Adobe Flash Player malformed CVE-2018- ActionSetTarget record Multimedia 2 5008 information disclosure attempt
FILE-FLASH Adobe Flash Player malformed CVE-2017- Multimedia 1 PlaceObject3 memory 2931 corruption attempt
FILE-FLASH Adobe Flash Player malformed CVE-2016- Multimedia 1 VideoFrame memory 4274 corruption attempt
FILE-FLASH Adobe Flash Player malformed CVE-2016- Multimedia 2 regular expression use 4121 after free attempt
FILE-FLASH Adobe Flash Player malformed tag CVE-2016- Multimedia 1 out of bounds read 4176 attempt
January 2020 Page 26 of 245 IPS Signature Update
FILE-FLASH Adobe Flash Player multiple scripts CVE-2016- Multimedia 1 display rendering use- 1011 after-free attempt
FILE-FLASH Adobe Flash Player newfunction CVE-2010- Multimedia 1 memory corruption 0197 exploit attempt
FILE-FLASH Adobe Flash Player onSetFocus CVE-2016- Multimedia 1 movie clip use after free 7892 attempt
FILE-FLASH Adobe Flash Player onSetFocus CVE-2017- Multimedia 1 movieclip use after free 2932 attempt
FILE-FLASH Adobe Flash CVE-2016- Player out of bounds Multimedia 1 4281 memory access attempt
FILE-FLASH Adobe Flash Player out of scope CVE-2015- Multimedia 1 newclass memory 0322 corruption attempt
FILE-FLASH Adobe Flash Player rectangle width CVE-2016- Multimedia 1 integer overflow 1010 attempt
FILE-FLASH Adobe Flash CVE-2016- Player recursion calls Multimedia 1 0986 stack overflow attempt
FILE-FLASH Adobe Flash Player recursive CVE-2011- Multimedia 1 doaction stack 2457 exhaustion
January 2020 Page 27 of 245 IPS Signature Update
FILE-FLASH Adobe Flash CVE-2016- Player sentEvent use Multimedia 1 6987 after free attempt
FILE-FLASH Adobe Flash CVE-2016- Player si32 integer Multimedia 1 0993 overflow attempt
FILE-FLASH Adobe Flash CVE-2016- Player swapDepths use Multimedia 1 0999 after free attempt
FILE-FLASH Adobe Flash Player toString type CVE-2016- Multimedia 1 confusion memory 1019 corruption attempt
FILE-FLASH Adobe Flash CVE-2016- Player use after free Multimedia 1 0987 attempt
FILE-FLASH Adobe Flash CVE-2017- Player visual blend out Multimedia 1 2928 of bounds read attempt
FILE-FLASH Adobe Flash Player CVE-2016- Multimedia 1 writeDynamicProperties 7877 use-after-free attempt
FILE-FLASH Adobe Primetime SDK CVE-2016- Multimedia 1 setObject type 7861 confusion attempt
FILE-FLASH Adobe CVE-2013- Reader CVE-2013-5324 Multimedia 2 5324 Remote Code Execution
FILE-FLASH Adobe CVE-2016- Multimedia 1 Standalone Flash Player 6981 AS3 NetStream object
January 2020 Page 28 of 245 IPS Signature Update
use after free attempt
FILE-FLASH Adobe Standalone Flash Player AS3 Primetime timeline CVE-2016- Multimedia 1 ShimContentResolver 6983 out of bounds read attempt
FILE-FLASH Adobe Standalone Flash Player CVE-2016- Multimedia 1 ASnative object use 0991 after free attempt
FILE-FLASH Adobe Standalone Flash Player CVE-2016- PSDK FlashRuntime Multimedia 1 6982 mediaplayer pause attempt
FILE-FLASH Adobe Standalone Flash Player CVE-2016- Multimedia 1 out of bounds memory 4282 access attempt
FILE-FLASH Adobe Standalone Flash Player CVE-2016- Multimedia 1 texfield getter use after 0990 free attempt
FILE-FLASH Adobe CVE-2016- Standalone Flash Player Multimedia 1 4279 use after free attempt
FILE-IDENTIFY .rtx file Application 4 attachment detected and Software
FILE-IDENTIFY Apple CVE-2011- Application QuickTime PICT v2.0 4 0257 and Software Image header
FILE-IDENTIFY Apple Application 4
January 2020 Page 29 of 245 IPS Signature Update
Quicktime Targa Image and Software file download request
FILE-IDENTIFY EPS file Application 4 download request and Software
FILE-IDENTIFY FlashPix Application 4 file download request and Software
FILE-IDENTIFY Heroes of Application Might and Magic III map 4 and Software file download request
FILE-IDENTIFY ISO file Application 4 download request and Software
FILE-IDENTIFY JNLP file Application 4 attachment detected and Software
FILE-IDENTIFY Application Java .class file download 4 and Software request
FILE-IDENTIFY MachO Application x64 Little Endian file 4 and Software magic detected
FILE-IDENTIFY Oracle Application Java JMX management 4 and Software loading mlet detected
FILE-IDENTIFY RAR file Application 4 magic detected and Software
FILE-IDENTIFY RMF file Application 4 attachment detected and Software
FILE-IDENTIFY RSS file Application 4 download request and Software
FILE-IDENTIFY SMIL file Application 4
January 2020 Page 30 of 245 IPS Signature Update
download request and Software
FILE-IDENTIFY SVG file Application 4 download request and Software
FILE-IDENTIFY XBM Application image file download 4 and Software request
FILE-IDENTIFY maplet Application bin file download 4 and Software attempt
FILE-IDENTIFY maplet Application file attachment 4 and Software detected
FILE-IMAGE Acrobat Reader CVE-2018-5058 CVE-2018- Multimedia 1 Information Disclosure 5058 Vulnerability
FILE-IMAGE Acrobat Reader CVE-2018-5058 CVE-2018- Multimedia 1 Information Disclosure 5058 Vulnerability
FILE-IMAGE Adobe Acrobat TIFF ICC tag CVE-2017- Multimedia 1 heap buffer overflow 2963 attempt
FILE-IMAGE Adobe Acrobat TIFF CVE-2017- PhotometricInterpretati Multimedia 1 2966 on heap buffer overflow attempt
FILE-IMAGE Adobe Acrobat TIFF Software CVE-2017- Multimedia 2 tag heap buffer 2965 overflow attempt
January 2020 Page 31 of 245 IPS Signature Update
FILE-IMAGE Adobe Photoshop CS5 gif file CVE-2011- Multimedia 1 heap corruption 2131 attempt
FILE-IMAGE Adobe Pro DC Exif ModifyDate CVE-2016- Multimedia 1 metadata memory 1076 corruption attempt
FILE-IMAGE Adobe Pro DC Exif Software CVE-2016- Multimedia 1 metadata memory 1076 corruption attempt
FILE-IMAGE Adobe Reader malformed CVE-2017- Multimedia 1 app13 marker memory 2964 corruption attempt
FILE-IMAGE Apple QuickTime Targa image CVE-2012- Multimedia 1 file buffer overflow 3755 attempt
FILE-IMAGE Apple Quicktime FlashPix CVE-2009- Multimedia 1 processing overflow 2798 attempt
FILE-IMAGE Apple Quicktime malformed CVE-2016- Multimedia 2 FPX file memory 1767 corruption attempt
FILE-IMAGE Apple Quicktime malformed CVE-2016- Multimedia 2 FPX file memory 1768 corruption attempt
CVE-2016- FILE-IMAGE Multimedia 3 ImageMagick LibTIFF 8707
January 2020 Page 32 of 245 IPS Signature Update
invalid SamplesPerPixel buffer overflow attempt
FILE-IMAGE ImageMagick PostScript decode delegate Multimedia 1 command injection attempt
FILE-IMAGE ImageMagick SGI File CVE-2018- Multimedia 2 Handling Buffer 5040 Overflow
FILE-IMAGE ImageMagick CVE-2016- WWWDecodeDelegate Multimedia 1 3714 command injection attempt
FILE-IMAGE ImageMagick CVE-2016- WWWDecodeDelegate Multimedia 2 3714 command injection attempt
FILE-IMAGE ImageMagick and CVE-2016- GraphicsMagick Multimedia 1 5118 OpenBlob command injection attempt
FILE-IMAGE OpenOffice EMF file EMR record CVE-2008- Multimedia 1 parsing integer overflow 2238 attempt
FILE-IMAGE Oracle Java Web Start Splashscreen CVE-2008- Multimedia 1 GIF decoding buffer 2086 overflow attempt
January 2020 Page 33 of 245 IPS Signature Update
FILE-JAVA Oracle Java 2D ImagingLib CVE-2013- Application AffineTransformOp 1 0809 and Software integer overflow attempt
FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp CVE-2013- Application 1 storeImageArray 2465 and Software memory corruption attempt
FILE-JAVA Oracle Java 2D ImagingLib CVE-2013- Application 1 ConvolveOp integer 0809 and Software overflow attempt
FILE-JAVA Oracle Java 2D ImagingLib CVE-2013- Application 1 LookupOp integer 0809 and Software overflow attempt
FILE-JAVA Oracle Java Applet Rhino script CVE-2011- Application 2 engine remote code 3544 and Software execution attempt
FILE-JAVA Oracle Java CVE-2011- Application Applet remote code 1 3544 and Software execution attempt
FILE-JAVA Oracle Java AtomicReferenceFieldU CVE-2014- Application 1 pdater remote code 4262 and Software execution attempt
FILE-JAVA Oracle Java CVE-2010-4462 CVE-2010- Application XGetSamplePtrFromSnd 2 4462 and Software Memory Corruption Attempt
January 2020 Page 34 of 245 IPS Signature Update
FILE-JAVA Oracle Java CVE-2011-0802 CVE-2011- Application 2 FileDialog.Show Heap 0802 and Software Buffer Overflow
FILE-JAVA Oracle Java CVE-2011-3545 MixerSequencer.nAddC CVE-2011- Application 2 ontrollerEventCallback 3545 and Software Array Index Out-of- bounds
FILE-JAVA Oracle Java CVE-2012-0500 Web CVE-2012- Application Start Arbitrary 1 0500 and Software Command Execution Attempt
FILE-JAVA Oracle Java CVE-2013-2470, CVE-2013- Application sun.awt.image.ImagingL 3 2470 and Software ib.lookupByteBI Memory Corruption
FILE-JAVA Oracle Java CVE-2013-2473 CVE-2013- Application java.awt.image.ByteCo 2 2473 and Software mponentRaster Memory Corruption
FILE-JAVA Oracle Java HsbParser.getSoundBan CVE-2009- Application 1 k stack buffer overflow 3867 and Software attempt
FILE-JAVA Oracle Java CVE-2013- Application ImagingLib buffer 1 2463 and Software overflow attempt
FILE-JAVA Oracle Java CVE-2013- Application ImagingLib buffer 2 2463 and Software overflow attempt
January 2020 Page 35 of 245 IPS Signature Update
FILE-JAVA Oracle Java IntegerInterleavedRaste CVE-2013- Application 1 r integer overflow 2471 and Software attempt
FILE-JAVA Oracle Java IntegerInterleavedRaste CVE-2013- Application 1 r.verify method integer 2471 and Software overflow attempt
FILE-JAVA Oracle Java CVE-2013- Application JMX class arbitrary code 1 0422 and Software execution attempt
FILE-JAVA Oracle Java PhantomReference CVE- CVE-2015- Application 2 2015-0395 Use After 0395 and Software Free
FILE-JAVA Oracle Java Rhino script engine CVE-2011- Application 1 remote code execution 3544 and Software attempt
FILE-JAVA Oracle Java Runtime AWT CVE-2009- Application 1 setDiffICM stack buffer 3869 and Software overflow attempt
FILE-JAVA Oracle Java Runtime CVE-2012- CVE-2012- Application 2 1723 Bytecode Verifier 1723 and Software Cache Code Execution
FILE-JAVA Oracle Java Runtime Environment CVE-2008-5352 Pack200 CVE-2008- Application 1 Decompression Integer 5352 and Software Overflow attempt Vulnerability
FILE-JAVA Oracle Java CVE-2008- Application 1
January 2020 Page 36 of 245 IPS Signature Update
Runtime Environment 5354 and Software JAR File Processing Stack Buffer Overflow
FILE-JAVA Oracle Java Runtime Environment CVE-2008- Application Pack200 Decompression 1 5352 and Software Integer Overflow attempt
FILE-JAVA Oracle Java Runtime Environment CVE-2009- Application 1 Pack200 Decompression 1095 and Software Integer Overflow
FILE-JAVA Oracle Java Runtime true type font CVE-2012- Application 1 idef opcode heap buffer 0499 and Software overflow attempt
FILE-JAVA Oracle Java ShortComponentRaster CVE-2013- Application 1 integer overflow 2472 and Software attempt
FILE-JAVA Oracle Java CVE-2014- Application System.arraycopy race 1 0456 and Software condition attempt
FILE-JAVA Oracle Java Web Start JNLP j2se key CVE-2008- Application 1 value buffer overflow 3111 and Software attempt
FILE-JAVA Oracle Java XGetSamplePtrFromSnd CVE-2010- Application 1 memory corruption 4462 and Software attempt
FILE-JAVA Oracle Java CVE-2013- Application and JavaFX 1 JPEGImageReader 2420 and Software memory corruption
January 2020 Page 37 of 245 IPS Signature Update
attempt
FILE-JAVA Oracle Java CVE-2010- Application browser plugin docbase 1 3552 and Software overflow attempt
FILE-JAVA Oracle Java field bytecode verifier CVE-2012- Application 1 cache code execution 1723 and Software attempt
FILE-JAVA Oracle Java CVE-2013- Application font rendering remote 1 1491 and Software code execution attempt
FILE-JAVA Oracle Java getSoundBank overflow CVE-2009- Application 1 Attempt malicious jar 3867 and Software file
FILE-JAVA Oracle Java java.util.concurrent.Con CVE-2013- Application currentHashMap 1 2426 and Software memory corruption attempt
FILE-JAVA Oracle Java sun.awt.image.ImageRe CVE-2013- Application presentation.setPixels 1 2420 and Software integer overflow attempt
FILE-JAVA Oracle Java sun.awt.image.ImagingL CVE-2013- Application ib.lookupByteBI 1 2470 and Software memory corruption attempt
FILE-MULTIMEDIA Adobe Flash Player MP4 CVE-2017- Multimedia 1 stsz atom memory 2926 corruption attempt
January 2020 Page 38 of 245 IPS Signature Update
FILE-MULTIMEDIA Apple QuickTime CVE-2011- CVE-2011- 0257 PICT Image PnSize Multimedia 2 0257 Opcode Stack Buffer Overflow
FILE-MULTIMEDIA Apple QuickTime FPX File Multimedia 4 Requested
FILE-MULTIMEDIA Apple CVE-2009- QuickTime H.264 Movie Multimedia 1 2799 File Buffer Overflow
FILE-MULTIMEDIA Apple QuickTime Image CVE-2009- Description Atom Sign Multimedia 1 0955 Extension Memory Corruption
FILE-MULTIMEDIA Apple QuickTime Image CVE-2009- Description Atom Sign Multimedia 4 0955 Extension Memory Corruption
FILE-MULTIMEDIA Apple QuickTime Image CVE-2009- Description Atom sign Multimedia 1 0955 extension memory corruption attempt
FILE-MULTIMEDIA Apple QuickTime JPEG 2000 CVE-2011- Multimedia 1 COD Length Integer 3250 Underflow
FILE-MULTIMEDIA Apple QuickTime Movie File CVE-2009- Clipping Region Multimedia 1 0954 Handling Heap Buffer Overflow
January 2020 Page 39 of 245 IPS Signature Update
FILE-MULTIMEDIA Apple QuickTime PDAT Atom CVE-2008- Multimedia 1 parsing buffer overflow 3625 attempt
FILE-MULTIMEDIA Apple QuickTime PICT File CVE-2012- Multimedia 1 Processing Memory 0671 Corruption
FILE-MULTIMEDIA Apple QuickTime PICT File CVE-2012- Multimedia 4 Processing Memory 0671 Corruption
FILE-MULTIMEDIA Apple QuickTime PICT Image CVE-2009- Multimedia 1 paintPoly Parsing Heap 0010 Buffer Overflow
FILE-MULTIMEDIA Apple QuickTime PICT Image CVE-2009- Multimedia 4 paintPoly Parsing Heap 0010 Buffer Overflow
FILE-MULTIMEDIA Apple QuickTime Plugin CVE-2012- Multimedia 1 SetLanguage Buffer 0666 Overflow
FILE-MULTIMEDIA Apple QuickTime Plugin CVE-2012- Multimedia 4 SetLanguage Buffer 0666 Overflow
FILE-MULTIMEDIA Apple QuickTime QTPlugin.ocx Multimedia 1 _Marshaled_pUnk Code Execution
FILE-MULTIMEDIA Apple Multimedia 4 QuickTime QTPlugin.ocx
January 2020 Page 40 of 245 IPS Signature Update
_Marshaled_pUnk Code Execution
FILE-MULTIMEDIA Apple QuickTime QTVR CVE-2012- Multimedia 1 QTVRStringAtom 0667 Parsing Buffer Overflow
FILE-MULTIMEDIA Apple QuickTime QTVR CVE-2012- Multimedia 4 QTVRStringAtom 0667 Parsing Buffer Overflow
FILE-MULTIMEDIA Apple QuickTime STSD JPEG CVE-2009- Multimedia 1 atom heap corruption 0007 attempt
FILE-MULTIMEDIA Apple QuickTime TeXML Color CVE-2012- Multimedia 1 String Parsing Buffer 0663 Overflow
FILE-MULTIMEDIA Apple QuickTime TeXML Color CVE-2012- Multimedia 4 String Parsing Buffer 0663 Overflow
FILE-MULTIMEDIA Apple QuickTime TeXML Style CVE-2012- Element Text Multimedia 1 3752 Specification Buffer Overflow
FILE-MULTIMEDIA Apple QuickTime TeXML Style CVE-2012- Element Text Multimedia 4 3752 Specification Buffer Overflow
FILE-MULTIMEDIA Apple CVE-2012- Multimedia 4 QuickTime TeXML 0663 Transform Attribute
January 2020 Page 41 of 245 IPS Signature Update
Parsing Buffer Overflow
FILE-MULTIMEDIA Apple QuickTime TeXML CVE-2013- Multimedia 1 textBox Element 1015 Memory Corruption
FILE-MULTIMEDIA Apple QuickTime TeXML CVE-2013- Multimedia 4 textBox Element 1015 Memory Corruption
FILE-MULTIMEDIA Apple QuickTime alis Volume CVE-2013- Name Parsing Stack Multimedia 1 1017 Buffer Overflow (Published Exploit)
FILE-MULTIMEDIA Apple QuickTime enof Atom CVE-2013- Multimedia 1 Parsing Heap Buffer 0986 Overflow
FILE-MULTIMEDIA Apple QuickTime enof atom CVE-2013- Multimedia 1 parsing heap buffer 0986 overflow attempt
FILE-MULTIMEDIA Apple CVE-2014- QuickTime ftab Atom Multimedia 1 1246 Stack Buffer Overflow
FILE-MULTIMEDIA Apple QuickTime marshaled CVE-2010- Multimedia 1 punk remote code 1818 execution
FILE-MULTIMEDIA Apple QuickTime movie file CVE-2009- clipping region handling Multimedia 1 0954 heap buffer overflow attempt
January 2020 Page 42 of 245 IPS Signature Update
FILE-MULTIMEDIA Apple QuickTime pict image CVE-2007- Multimedia 1 poly structure memory 4676 corruption attempt
FILE-MULTIMEDIA Apple QuickTime streaming CVE-2010- Multimedia 1 debug error logging 1799 buffer overflow attempt
FILE-MULTIMEDIA Apple QuickTime text track CVE-2012- Multimedia 1 descriptors heap buffer 0664 overflow attempt
FILE-MULTIMEDIA Apple QuickTime udta Atom Multimedia 4 Buffer Overflow
FILE-MULTIMEDIA Apple Quicktime MJPEG CVE-2013- Multimedia 1 Frame stsd Atom Heap 1020 Overflow
FILE-MULTIMEDIA Apple Quicktime MJPEG CVE-2013- Multimedia 4 Frame stsd Atom Heap 1020 Overflow
FILE-MULTIMEDIA Apple Quicktime Text Track CVE-2012- Multimedia 1 Descriptors Heap Buffer 0664 Overflow
FILE-MULTIMEDIA Apple Quicktime Text Track CVE-2012- Multimedia 4 Descriptors Heap Buffer 0664 Overflow
FILE-MULTIMEDIA Apple CVE-2009- Multimedia 1 iTunes DAAP protocol 0950 handler stack buffer
January 2020 Page 43 of 245 IPS Signature Update
overflow attempt
FILE-MULTIMEDIA Apple iTunes ITMS protocol CVE-2009- Multimedia 1 handler stack buffer 0950 overflow attempt
FILE-MULTIMEDIA Apple iTunes ITMSS protocol CVE-2009- Multimedia 1 handler stack buffer 0950 overflow attempt
FILE-MULTIMEDIA Apple iTunes ITPC protocol CVE-2009- Multimedia 1 handler stack buffer 0950 overflow attempt
FILE-MULTIMEDIA Apple CVE-2009- iTunes Protocol Handler Multimedia 1 0950 Stack Buffer Overflow
FILE-MULTIMEDIA RealNetworks CVE- 2007-5081 RealPlayer CVE-2007- Multimedia 4 RealMedia File Format 5081 Processing Heap Corruption Attempt
FILE-MULTIMEDIA RealNetworks RealPlayer IVR Handling Multimedia 4 Heap Buffer Overflow (Published Exploit)
FILE-OFFICE Adobe Acrobat CVE-2017- ImageConversion JPEG Office Tools 1 2959 Heap-based Buffer Overflow
FILE-OFFICE Adobe CVE-2017- Office Tools 4 Acrobat 2959 ImageConversion JPEG
January 2020 Page 44 of 245 IPS Signature Update
Heap-based Buffer Overflow
FILE-OFFICE Adobe Acrobat CVE-2017- Office Tools 1 ImageConversion JPEG 2960 Out-of-Bounds Read
FILE-OFFICE Adobe Acrobat CVE-2017- Office Tools 4 ImageConversion JPEG 2960 Out-of-Bounds Read
FILE-OFFICE Adobe Acrobat CVE-2017- ImageConversion TIFF Office Tools 4 2966 Heap-based Buffer Overflow
FILE-OFFICE LibreOffice CVE-2018-6871 CVE-2018- Office Tools 2 WEBSERVICE 6871 Information Disclosure
FILE-OFFICE LibreOffice CVE-2019- LibreLogo Arbitrary Office Tools 1 9848 Code Execution
FILE-OFFICE LibreOffice CVE-2019- LibreLogo Arbitrary Office Tools 4 9848 Code Execution
FILE-OFFICE LibreOffice CVE-2018- Macro Event Remote Office Tools 2 16858 Code Execution
FILE-OFFICE LibreOffice CVE-2018- Macro Event Remote Office Tools 4 16858 Code Execution
CVE-2019- FILE-OFFICE Microsoft Office Tools 2 Office Excel CVE-2019- 1112
January 2020 Page 45 of 245 IPS Signature Update
1112 Information Disclosure
FILE-OFFICE Microsoft Office Excel Information CVE-2018- Office Tools 1 Disclosure Vulnerability 4901 CVE-2019-1110
FILE-OTHER ACD Systems ACDSee Application Products XBM file 1 and Software handling buffer overflow attempt
FILE-OTHER AOL Application Desktop RTX file parsing 1 and Software buffer overflow attempt
FILE-OTHER Acrobat Reader CVE-2018-12761 CVE-2018- Application 1 Information Disclosure 12761 and Software Vulnerability
FILE-OTHER Acrobat Reader CVE-2018-12833 CVE-2018- Application 2 Information Disclosure 12833 and Software Vulnerability
FILE-OTHER Acrobat Reader CVE-2018-12838 CVE-2018- Application 2 Information Disclosure 12838 and Software Vulnerability
FILE-OTHER Acrobat Reader CVE-2018-12845 CVE-2018- Application 2 Information Disclosure 12845 and Software Vulnerability
FILE-OTHER Acrobat Reader CVE-2018-12856 CVE-2018- Application 2 Information Disclosure 12856 and Software Vulnerability
January 2020 Page 46 of 245 IPS Signature Update
FILE-OTHER Acrobat Reader CVE-2018-15935 CVE-2018- Application 2 Information Disclosure 15935 and Software Vulnerability
FILE-OTHER Acrobat Reader CVE-2018-15948 CVE-2018- Application 2 Information Disclosure 15948 and Software Vulnerability
FILE-OTHER Acrobat Reader CVE-2018-5062 CVE-2018- Application 1 Information Disclosure 5062 and Software Vulnerability
FILE-OTHER Acrobat Reader CVE-2018-5062 CVE-2018- Application 1 Information Disclosure 5062 and Software Vulnerability
FILE-OTHER Acrobat Reader CVE-2018-5067 CVE-2018- Application 1 Information Disclosure 5067 and Software Vulnerability
FILE-OTHER Acrobat Reader CVE-2018-5067 CVE-2018- Application 1 Information Disclosure 5067 and Software Vulnerability
FILE-OTHER Acrobat Reader CVE-2019-7140 CVE-2019- Application 2 Out-of-Bound Read 7140 and Software Vulnerability
FILE-OTHER Acrobat Reader CVE-2019-7143 CVE-2019- Application 2 Out-of-Bound Read 7143 and Software Vulnerability
CVE-2019- Application FILE-OTHER Acrobat 2 Reader CVE-2019-7785 7785 and Software
January 2020 Page 47 of 245 IPS Signature Update
Use After Free Vulnerability
FILE-OTHER Acrobat Reader CVE-2019-7787 CVE-2019- Application 2 Out-of-Bound Read 7787 and Software Vulnerability
FILE-OTHER Acrobat Reader CVE-2019-7788 CVE-2019- Application 2 Use After Free 7788 and Software Vulnerability
FILE-OTHER Acrobat Reader CVE-2019-7791 CVE-2019- Application 2 Use After Free 7791 and Software Vulnerability
FILE-OTHER Acrobat Reader CVE-2019-7798 CVE-2019- Application 2 Out-of-Bound Read 7798 and Software Vulnerability
FILE-OTHER Acrobat Reader CVE-2019-7799 CVE-2019- Application 2 Out-of-Bound Read 7799 and Software Vulnerability
FILE-OTHER Acrobat Reader CVE-2019-7810 CVE-2019- Application 2 Out Of Bound Read 7810 and Software Vulnerability
FILE-OTHER Acrobat Reader CVE-2019-7819 CVE-2019- Application 2 Use After Free 7819 and Software Vulnerability
FILE-OTHER Acrobat Reader CVE-2019-7824 CVE-2019- Application 2 Buffer Error 7824 and Software Vulnerability
January 2020 Page 48 of 245 IPS Signature Update
FILE-OTHER Acrobat Reader CVE-2019-7825 CVE-2019- Application 2 Out-of-Bound Read 7825 and Software Vulnerability
FILE-OTHER Adobe Acrobat And Reader EPS CVE-2018- Application CVE-2018-12841 2 12841 and Software Arbitrary Code Execution
FILE-OTHER Adobe Acrobat CVE-2017- CVE-2014- Application 16395 EMF conversion 2 0529 and Software heap buffer overflow attempt
FILE-OTHER Adobe Acrobat CVE-2017- CVE-2017- Application 16404 EMFPlus out of 2 16404 and Software bounds buffer overflow attempt
FILE-OTHER Adobe Acrobat CVE-2017- CVE-2017- Application 16407 ImageConversion 1 16407 and Software EMF BMP Out of Bounds Read II
FILE-OTHER Adobe Acrobat CVE-2017- CVE-2017- Application 16407 ImageConversion 1 16407 and Software EMF BMP Out of Bounds Read
FILE-OTHER Adobe Acrobat CVE-2018- CVE-2018- Application 2 15934 Out Of Bounds 15934 and Software Read
CVE-2018- Application FILE-OTHER Adobe 2 Acrobat CVE-2018- 15986 and Software
January 2020 Page 49 of 245 IPS Signature Update
15986 Memory Corruption
FILE-OTHER Adobe CVE-2019- Application Acrobat CVE-2019-7040 2 7040 and Software use after free attempt
FILE-OTHER Adobe CVE-2019- Application Acrobat CVE-2019-7043 2 7043 and Software use after free attempt
FILE-OTHER Adobe Acrobat EMF CVE-2018- Application EMR_CREATEMONOBR 2 16020 and Software USH out-of-bounds write attempt
FILE-OTHER Adobe Acrobat EMF embedded CVE-2018- Application 1 DIB out of bound read 4968 and Software attempt
FILE-OTHER Adobe Acrobat EMF file GIF CVE-2017- Application LZW coding table 2 11258 and Software memory corruption attempt
FILE-OTHER Adobe Acrobat EMF file GIF CVE-2017- Application 2 sub-block memory 11260 and Software corruption attempt
FILE-OTHER Adobe Acrobat EMF file CVE-2017- Application 2 kerning data memory 11239 and Software corruption attempt
FILE-OTHER Adobe CVE-2018- Application Acrobat EMF 1 malformed Object 4885 and Software record out-of-bounds
January 2020 Page 50 of 245 IPS Signature Update
access attempt
FILE-OTHER Adobe CVE-2018- Application Acrobat EMF out of 1 16017 and Software bounds read attempt
FILE-OTHER Adobe CVE-2018- Application Acrobat EMF out-of- 2 16022 and Software bounds read attempt
FILE-OTHER Adobe Acrobat EMF with CVE-2017- Application malformed embedded 2 11259 and Software JPEG memory corruption attempt
FILE-OTHER Adobe Acrobat HTML invalid CVE-2018- Application pointer CVE-2018- 2 12778 and Software 12778 Out-Of-Bounds Read
FILE-OTHER Adobe Acrobat CVE-2018- Application ImageConversion EMF 3 4886 and Software EMR_STRETCHBLT Out of Bounds Read
FILE-OTHER Adobe Acrobat ImageConversion EMF CVE-2017- Application 2 EMR_STRETCHDIBITS 16397 and Software Heap-based Buffer Overflow
FILE-OTHER Adobe Acrobat CVE-2017- Application ImageConversion EMF 2 16416 and Software EmfPlus Heap-based Buffer Overflow
FILE-OTHER Adobe CVE-2018- Application 2 Acrobat Index CVE-
January 2020 Page 51 of 245 IPS Signature Update
2018-4984 Out of 4984 and Software Bounds
FILE-OTHER Adobe Acrobat JavaScript CVE-2019- Application 2 engine security bypass 7041 and Software attempt
FILE-OTHER Adobe Acrobat PostScript file CVE-2019- Application 2 parsing TBuildCharDict 7084 and Software use after free attempt
FILE-OTHER Adobe Acrobat Pro CVE-2018- CVE-2018- Application 2 15993 WebCapture use 15993 and Software after free attempt
FILE-OTHER Adobe Acrobat Pro CVE-2018- CVE-2018- Application 19704 XPS file image- 2 19704 and Software load out-of-bounds read attempt
FILE-OTHER Adobe Acrobat Pro CVE-2018- CVE-2018- Application 2 4893 XPS Out Of 4893 and Software Bounds Read Attempt
FILE-OTHER Adobe Acrobat Pro CVE-2018- CVE-2018- Application 2 4896 Out Of Bounds 4896 and Software Read Attempt
FILE-OTHER Adobe Acrobat Pro CVE-2018- CVE-2018- Application 4904 Embedded TIFF 2 4904 and Software Heap Overflow Attempt I
FILE-OTHER Adobe CVE-2018- Application 2 Acrobat Pro CVE-2018- 4904 and Software 4904 Embedded TIFF
January 2020 Page 52 of 245 IPS Signature Update
Heap Overflow Attempt II
FILE-OTHER Adobe Acrobat Pro EMF CVE-2018- Application 2 Alphablend memory 12789 and Software corruption attempt
FILE-OTHER Adobe Acrobat Pro EMF CVE- CVE-2018- Application 3 2018-4986 Sensitive 4986 and Software Information Disclosure
FILE-OTHER Adobe Acrobat Pro EMF CVE-2018- Application 2 EmfPlusDrawString out 4879 and Software of bounds read attempt
FILE-OTHER Adobe Acrobat Pro EMF CVE-2018- Application ImageConversion out- 2 12860 and Software of-bounds write attempt
FILE-OTHER Adobe Acrobat Pro EMF file Application EMR_ALPHABLEND 1 and Software record memory corruption attempt
FILE-OTHER Adobe Acrobat Pro EMF file CVE-2018- Application 2 out-of-bounds write 12865 and Software attempt
FILE-OTHER Adobe Acrobat Pro EMF malformed bitmap CVE-2018- Application 1 rectangle destination 4886 and Software out of bounds read attempt
January 2020 Page 53 of 245 IPS Signature Update
FILE-OTHER Adobe Acrobat Pro EMF malformed bitmap CVE-2018- Application 2 rectangle destination 4886 and Software out of bounds read attempt
FILE-OTHER Adobe Acrobat Pro EMF CVE-2018- Application 2 memory corruption 15951 and Software attempt
FILE-OTHER Adobe CVE-2018- Application Acrobat Pro EMF out of 2 4986 and Software bounds read attempt
FILE-OTHER Adobe CVE-2018- Application Acrobat Pro EMF out of 1 4895 and Software bounds write attempt
FILE-OTHER Adobe CVE-2018- Application Acrobat Pro EMF use- 1 12796 and Software after-free attempt
FILE-OTHER Adobe Acrobat Pro PDX CVE-2018- Application malformed index out of 1 4984 and Software bounds memory read attempt
FILE-OTHER Adobe Acrobat Pro TIFF CVE-2018- Application 2 embedded XPS file out 16012 and Software of bounds read attempt
FILE-OTHER Adobe Acrobat Pro U3D CVE- CVE-2018- Application 2 2018-15952 IFF Out Of 15952 and Software Bounds Read
CVE-2018- Application FILE-OTHER Adobe 2 Acrobat Pro XPS ODTTF 16028 and Software
January 2020 Page 54 of 245 IPS Signature Update
out-of-bounds read attempt
FILE-OTHER Adobe Acrobat Pro XPS ODTTF CVE-2018- Application 2 out-of-bounds read 19712 and Software attempt
FILE-OTHER Adobe Acrobat Pro XPS TTF CVE-2018- Application 2 out-of-bounds read 16001 and Software attempt
FILE-OTHER Adobe Acrobat Pro XPS file CVE-2018- Application 2 font-load out-of-bounds 19711 and Software read attempt
FILE-OTHER Adobe Acrobat Pro XPS file CVE-2018- Application 2 image-load out-of- 19704 and Software bounds read attempt
FILE-OTHER Adobe Acrobat Pro XPS file CVE-2018- Application malformed Source 1 4899 and Software attribute buffer overflow attempt
FILE-OTHER Adobe Acrobat Pro XPS file CVE-2018- Application 2 out-of-bounds read 19714 and Software attempt
FILE-OTHER Adobe Acrobat Pro XPS CVE-2018- Application malformed TIFF data 1 4907 and Software out of bounds access attempt
CVE-2018- Application FILE-OTHER Adobe 1 Acrobat Pro XPS out of 4893 and Software
January 2020 Page 55 of 245 IPS Signature Update
bounds read attempt
FILE-OTHER Adobe Acrobat Pro embedded CVE-2018- Application 1 JPEG out of bounds 4889 and Software read attempt
FILE-OTHER Adobe Acrobat Pro embedded CVE-2018- Application 2 TIFF heap overflow 4904 and Software attempt
FILE-OTHER Adobe Acrobat Pro malformed EMF CVE-2018- Application 2 EmfPlustDrawImagePoi 4906 and Software nts out of bounds read attempt
FILE-OTHER Adobe Acrobat Pro malformed CVE-2018- Application 3 EMF comment memory 12763 and Software corruption attempt
FILE-OTHER Adobe Acrobat Pro nested IFD CVE-2018- Application 1 out of bounds read 4897 and Software attempt
FILE-OTHER Adobe CVE-2018- Application Acrobat Pro out of 2 15985 and Software bounds read attempt
FILE-OTHER Adobe CVE-2018- Application Acrobat Pro out of 2 15989 and Software bounds read attempt
FILE-OTHER Adobe CVE-2018- Application Acrobat Pro out of 2 16013 and Software bounds read attempt
FILE-OTHER Adobe CVE-2018- Application 2
January 2020 Page 56 of 245 IPS Signature Update
Acrobat Pro out of 16035 and Software bounds read attempt
FILE-OTHER Adobe CVE-2018- Application Acrobat Pro out of 1 4894 and Software bounds read attempt
FILE-OTHER Adobe CVE-2018- Application Acrobat Pro out-of- 2 4912 and Software bounds read attempt
FILE-OTHER Adobe Acrobat Pro path CVE-2018- Application 1 element out of bounds 4898 and Software memory access attempt
FILE-OTHER Adobe Acrobat Pro tiff parser CVE-2018- Application 2 out of bounds read 19705 and Software attempt
FILE-OTHER Adobe Acrobat Pro tiff parser CVE-2018- Application 2 out of bounds read 5016 and Software attempt
FILE-OTHER Adobe Acrobat Professional CVE-2018- Application EMF JPEG APP13 2 4951 and Software malformed record crash attempt
FILE-OTHER Adobe Acrobat Reader CVE- CVE-2018- Application 2 2018-12775 Out Of 12775 and Software Bounds
FILE-OTHER Adobe Acrobat Reader CVE- CVE-2018- Application 2 2018-12777 Out of 12777 and Software Bounds Read Access
January 2020 Page 57 of 245 IPS Signature Update
FILE-OTHER Adobe Acrobat Reader CVE- CVE-2018- Application 2 2018-12779 Out of 12779 and Software Bounds Read Access
FILE-OTHER Adobe Acrobat Reader CVE- CVE-2018- Application 2 2018-12780 Out of 12780 and Software Bounds Read Access
FILE-OTHER Adobe Acrobat Reader CVE- CVE-2018- Application 2 2018-12781 Out of 12781 and Software Bounds Read Access
FILE-OTHER Adobe Acrobat Reader CVE- CVE-2018- Application 2 2018-12786 Out of 12786 and Software Bounds Read
FILE-OTHER Adobe Acrobat Reader CVE- CVE-2018- Application 2 2018-12788 Heap 12788 and Software Overflow
FILE-OTHER Adobe Acrobat Reader CVE- CVE-2018- Application 2 2018-12791 Use After 12791 and Software Free
FILE-OTHER Adobe Acrobat Reader CVE- CVE-2018- Application 2 2018-12792 Use After 12792 and Software Free
FILE-OTHER Adobe Acrobat Reader CVE- CVE-2018- Application 2 2018-12793 Type 12793 and Software Confusion
CVE-2018- Application FILE-OTHER Adobe 2 Acrobat Reader CVE- 12835 and Software
January 2020 Page 58 of 245 IPS Signature Update
2018-12835 Out Of Bounds Write
FILE-OTHER Adobe Acrobat Reader CVE- CVE-2019- Application 2 2019-7116 PostScript 7116 and Software Out Of Bounds Read
FILE-OTHER Adobe Acrobat Reader CVE- CVE-2019- Application 2 2019-7125 Arbitrary 7125 and Software Code Execution
FILE-OTHER Adobe Acrobat Reader JP2 CVE-2018- Application 2 CVE-2018-4990 Double 4990 and Software Free Code Execution
FILE-OTHER Adobe Acrobat and Reader CVE-2019- Application 2 JPEG2000 Parsing Out 7794 and Software of Bounds Read
FILE-OTHER Adobe Acrobat and Reader CVE-2019- Application 4 JPEG2000 Parsing Out 7794 and Software of Bounds Read
FILE-OTHER Adobe Acrobat malformed font CVE-2019- Application 2 file use after free 7072 and Software attempt
FILE-OTHER Adobe CVE-2019- Application Acrobat out of bounds 2 7049 and Software read attempt
FILE-OTHER Adobe CVE-2019- Application Acrobat out-of-bounds 2 7071 and Software read attempt
FILE-OTHER Adobe CVE-2019- Application 2
January 2020 Page 59 of 245 IPS Signature Update
Acrobat out-of-bounds 7122 and Software read attempt
FILE-OTHER Adobe CVE-2019- Application Acrobat out-of-bounds 2 7127 and Software read attempt
FILE-OTHER Adobe CVE-2019- Application Acrobat out-of-bounds 2 7143 and Software read attempt
FILE-OTHER Adobe Acrobat pro CVE-2018- CVE-2018- Application 2 4908 Out Of Bounds 4908 and Software Read Attempt
FILE-OTHER Adobe Acrobat pro CVE-2018- CVE-2018- Application 4 4908 Out Of Bounds 4908 and Software Read Attempt
FILE-OTHER Adobe Acrobat pro CVE-2018- CVE-2018- Application 4 4914 Out Of Bounds 4914 and Software Read Attempt
FILE-OTHER Adobe Acrobat pro CVE-2018- CVE-2018- Application 2 4914 Out Of Bounds 4914 and Software Read Attempt
FILE-OTHER Adobe CVE-2019- Application Acrobat type confusion 2 7069 and Software attempt
FILE-OTHER Adobe CVE-2019- Application Acrobat type confusion 2 7128 and Software attempt
FILE-OTHER Adobe DNG CVE--2020- Application 1 Software Development 9590 and Software Kit ReadUncompressed
January 2020 Page 60 of 245 IPS Signature Update
CVE-2020-9590 Heap- based Buffer Overflow
FILE-OTHER Adobe DNG Software Development CVE--2020- Application Kit ReadUncompressed 2 9590 and Software CVE-2020-9590 Heap- based Buffer Overflow
FILE-OTHER Adobe Flah CVE-2019- Application Player CVE-2019-7096 2 7096 and Software GIF Use After Free
FILE-OTHER Adobe Flash CVE-2017- Application Player h264 decoder 1 2984 and Software heap overflow attempt
FILE-OTHER Adobe InDesign Unsafe CVE-2019- Application 2 Hyperlink Processing 7107 and Software Remote Code Execution
FILE-OTHER Adobe InDesign Unsafe CVE-2019- Application 4 Hyperlink Processing 7107 and Software Remote Code Execution
FILE-OTHER Adobe Professional EMF CVE-2018- Application 1 embedded image heap 4982 and Software overflow attempt
FILE-OTHER Adobe Professional EMF file CVE-2017- Application 2 TIFF image size memory 11261 and Software corruption attempt
FILE-OTHER Adobe Professional EMF CVE-2017- Application 2 polygon heap buffer 11241 and Software overflow attempt
January 2020 Page 61 of 245 IPS Signature Update
FILE-OTHER Adobe Professional JPEG APP1 CVE-2017- Application 3 memory corruption 11246 and Software attempt
FILE-OTHER Adobe CVE-2018- Application Reader CVE-2018-15937 2 15937 and Software Out Of Bounds Write
FILE-OTHER Adobe CVE-2018- Application Reader CVE-2018-15938 2 15938 and Software Out Of Bounds Write
FILE-OTHER Adobe CVE-2018- Application Reader CVE-2018-15994 2 15994 and Software Use After Free
FILE-OTHER Adobe CVE-2018- Application Reader CVE-2018-15997 2 15997 and Software Information Disclosure
FILE-OTHER Adobe CVE-2018- Application Reader CVE-2018-16008 2 16008 and Software Use After Free
FILE-OTHER Adobe CVE-2018- Application Reader CVE-2018-16026 2 16026 and Software Use After Free
FILE-OTHER Adobe CVE-2019- Application Reader CVE-2019-7145 2 7145 and Software Out Of Bounds Read
FILE-OTHER Adobe CVE-2019- Application Reader CVE-2019-7803 2 7803 and Software Out Of Bounds Read
FILE-OTHER Adobe CVE-2019- Application Reader CVE-2019-7818 2 7818 and Software Out Of Bounds Read
January 2020 Page 62 of 245 IPS Signature Update
FILE-OTHER Adobe CVE-2019- Application Reader CVE-2019-7821 2 7821 and Software Use After Free
FILE-OTHER Adobe CVE-2019- Application Reader CVE-2019-7828 2 7828 and Software Heap Overflow
FILE-OTHER Adobe CVE-2019- Application Reader CVE-2019-7829 2 7829 and Software Out Of Bounds Read
FILE-OTHER Adobe CVE-2019- Application Reader CVE-2019-8019 2 8019 and Software Type Confusion
FILE-OTHER Adobe CVE-2019- Application Reader CVE-2019-8095 2 8095 and Software Out Of Bounds Read
FILE-OTHER Adobe CVE-2019- Application Reader CVE-2019-8098 2 8098 and Software Out Of Bounds Read
FILE-OTHER Adobe Reader EMF CVE-2018- CVE-2018- Application 2 15990 Remote Code 15990 and Software Execution
FILE-OTHER Adobe CVE-2018- Application Reader EMF CVE-2018- 2 16006 and Software 16006 Use After Free
FILE-OTHER Adobe CVE-2018- Application Reader EMF CVE-2018- 2 16014 and Software 16014 Use After Free
FILE-OTHER Adobe Reader EMF CVE-2018- CVE-2018- Application 2 16016 Out Of Bounds 16016 and Software Write
January 2020 Page 63 of 245 IPS Signature Update
FILE-OTHER Adobe CVE-2018- Application Reader EMF CVE-2018- 2 16019 and Software 16019 Out Of Bounds
FILE-OTHER Adobe CVE-2018- Application Reader EMF CVE-2018- 2 16021 and Software 16021 Heap Overflow
FILE-OTHER Adobe CVE-2018- Application Reader XPS CVE-2018- 2 16015 and Software 16015 Out Of Bounds
FILE-OTHER Adobe CVE-2018- Application Reader XPS CVE-2018- 2 19703 and Software 19703 Out Of Bounds
FILE-OTHER Adobe.Acrobat CVE- CVE-2018- Application 2 2018-16002 Out of 16002 and Software Bounds Read
FILE-OTHER Apple QuickTime PSD File CVE-2016- Application 2 Parsing CVE-2016-1769 1769 and Software Memory Corruption
FILE-OTHER Apple Quicktime TeXML CVE-2012- Application 1 Transform attribute 0663 and Software overflow attempt
FILE-OTHER Apple Quicktime TeXML CVE-2012- Application 1 sampleData attribute 0663 and Software overflow attempt
FILE-OTHER Apple Safari WebKit HTMLFrameElementBas CVE-2019- Browsers 1 e isURLAllowed 8762 Subframe exploit attempt
January 2020 Page 64 of 245 IPS Signature Update
FILE-OTHER Bluezone Application Desktop buffer overflow 1 and Software attempt
FILE-OTHER Cisco WebEx Recording Player CVE-2018- Application 1 memory corruption 0264 and Software attempt
FILE-OTHER Cisco WebEx Recording Player CVE-2018- Application 2 memory corruption 0264 and Software attempt
FILE-OTHER Cisco Webex Network CVE-2020- Application 3 Recording Player out of 3573 and Software bounds write attempt
FILE-OTHER EMF EMR_EXTTEXTOUTW Application 1 record memory and Software corruption attempt
FILE-OTHER EMF CVE-2018- Application EmrText object out of 1 4883 and Software bounds read attempt
FILE-OTHER EMF CVE-2018- Application embedded image out of 1 4884 and Software bound read attempt
FILE-OTHER Everest Software PeakHMI Application 1 malicious .bsu file and Software buffer overflow attempt
FILE-OTHER Flexense Application DiskPulse Client Import 2 and Software Stack Buffer Overflow I
FILE-OTHER Flexense Application 2
January 2020 Page 65 of 245 IPS Signature Update
DiskPulse Client Import and Software Stack Buffer Overflow II
FILE-OTHER FreeBSD bspatch utility remote CVE-2014- Application 1 code execution attempt 9862 and Software CVE-2014-9862
FILE-OTHER GNU Libextractor CVE-2018- CVE-2018- Application 2 16430 ZIP File Comment 16430 and Software Out-of-Bounds Read
FILE-OTHER GNU Libextractor CVE-2018- CVE-2018- Application 4 16430 ZIP File Comment 16430 and Software Out-of-Bounds Read
FILE-OTHER Ghostscript CVE-2017- Application eqproc type confusion 2 8291 and Software attempt
FILE-OTHER Ghostscript CVE-2017- Application rsdparams type 2 8291 and Software confusion attempt
FILE-OTHER GitLab CVE- CVE-2018- Application 2018-14364 Arbitrary 2 14364 and Software File Write
FILE-OTHER Google CVE-2018- Application Golang Get Remote 2 16873 and Software Command Execution
FILE-OTHER Google CVE-2018- Application Golang Get Remote 4 16873 and Software Command Execution
FILE-OTHER Hangul CVE-2015- Application Word Processor type 2 6585 and Software confusion attempt
January 2020 Page 66 of 245 IPS Signature Update
FILE-OTHER IBM Informix Dynamic Server SET CVE-2011- Application 2 ENVIRONMENT Stack 1033 and Software Buffer Overflow CVE- 2011-1033
FILE-OTHER IBM Installation Manager iim Application 1 URI Handling Code and Software Execution
FILE-OTHER IBM Installation Manager iim CVE-2009- Application 1 uri code execution 3518 and Software attempt
FILE-OTHER KeyView SDK WordPerfect Application 1 parsing stack buffer and Software overflow attempt
FILE-OTHER Lattice Semiconductor ispXCF Application 1 version attribute and Software overflow attempt
FILE-OTHER Maple Maplet File Creation Application 1 and Command and Software Execution attempt
FILE-OTHER Microsoft .NET API XPS CVE-2020- Application file parsing CVE-2020- 2 0605 and Software 0605 remote code execution attempt
FILE-OTHER Microsoft Graphics CVE-2017- CVE-2017- Application 2 11763 Remote Code 11763 and Software Execution Attempt
January 2020 Page 67 of 245 IPS Signature Update
FILE-OTHER Microsoft CVE-2018- Application Graphics remote code 2 8344 and Software execution attempt
FILE-OTHER Microsoft Internet Explorer CVE- CVE-2012- Application 2012-1524 Attribute 2 1524 and Software Remove Remote Code Execution
FILE-OTHER Microsoft Internet Explorer CVE- CVE-2016- Application 2016-7272 Malformed 2 7272 and Software Ico Integer Overflow Attempt
FILE-OTHER Microsoft Jet 4.0 CVE-2016-0250 CVE-2016- Application 1 Access Violation 0250 and Software Vulnerability
FILE-OTHER Microsoft CVE-2016- Application Office OLE DLL side load 2 7275 and Software attempt
FILE-OTHER Microsoft Outlook CVE-2019-1199 CVE-2019- Application 2 Use-After-Free 1199 and Software Vulnerability
FILE-OTHER Microsoft Windows ATMFD font CVE-2017- Application driver malformed OTF 3 0192 and Software file out-of-bounds memory access attempt
FILE-OTHER Microsoft Windows Address Book CVE-2020- Application 1 Contact file integer 1410 and Software overflow attempt
FILE-OTHER Microsoft CVE-2016- Application 2
January 2020 Page 68 of 245 IPS Signature Update
Windows BLF file local 3332 and Software privilege escalation attempt
FILE-OTHER Microsoft Windows CVE-2013- CVE-2013- Application 3128 OpenType Font 2 3128 and Software File Remote Code Execution II
FILE-OTHER Microsoft Windows CVE-2016- CVE-2016- Application 1 7256 OTF Parsing 7256 and Software Memory Corruption
FILE-OTHER Microsoft Windows CVE-2016- 7274 GDI32.dll cmap CVE-2016- Application 1 numUVSMappings 7274 and Software overflow attempt vulnerabilty
FILE-OTHER Microsoft Windows CVE-2018- CVE-2018- Application 1013 malformed TTF 2 1013 and Software integer overflow attempt
FILE-OTHER Microsoft Windows Defender CVE- CVE-2018- Application 2018-0986 Malformed 1 0986 and Software RAR Memory Corruption Attempt
FILE-OTHER Microsoft Windows Defender CVE-2018- Application malformed RAR 2 0986 and Software memory corruption attempt
FILE-OTHER Microsoft CVE-2017- Application 2 Windows Device Guard 8625 and Software bypass via compiled
January 2020 Page 69 of 245 IPS Signature Update
help file attempt
FILE-OTHER Microsoft Windows Help Application Workshop CNT Help 1 and Software contents buffer overflow attempt
FILE-OTHER Microsoft Windows CVE-2018- Application Malformed .themepack 2 8413 and Software Theme API Remote Code Execution
FILE-OTHER Microsoft Windows OTF cmap CVE-2016- Application 3 table parsing integer 7210 and Software overflow attempt
FILE-OTHER Microsoft Windows OTF parsing CVE-2016- Application 1 memory corruption 7256 and Software attempt
FILE-OTHER Microsoft Windows OTF parsing CVE-2016- Application 2 memory corruption 7256 and Software attempt
FILE-OTHER Microsoft Windows True Type CVE-2015- Application 3 Font integer overflow 0059 and Software attempt
FILE-OTHER Microsoft Windows VBScript CVE-2019- Application 2 Engine VbsErase 0667 and Software Memory Corruption
FILE-OTHER Microsoft CVE-2007- Application 3 Windows Vista Feed 3033 and Software Headlines Gagdet code
January 2020 Page 70 of 245 IPS Signature Update
execution attempt
FILE-OTHER Microsoft Windows malformed CVE-2016- Application 3 TrueType file RCVT out 3209 and Software of bounds read attempt
FILE-OTHER Multiple products XML Import CVE-2017- Application 2 Command buffer 7310 and Software overflow attempt
FILE-OTHER Oracle CVE- 2018-3147 Outside In CVE-2018- Application Excel GelFrame 2 3147 and Software OfficeArtRecLen Out-of- bounds Read
FILE-OTHER Oracle Java Applet Rhino Script Application 2 Engine Policy CVE-2011- and Software 3544 Bypass
FILE-OTHER Oracle Java CVE- CVE- Application 3 Arbitrary File Deletion 1 2019-2449 and Software
FILE-OTHER Oracle Java CVE- CVE- Application 3 Arbitrary File Deletion 2 2019-2449 and Software
FILE-OTHER Oracle Java CVE- CVE- Application 3 Arbitrary File Deletion 3 2019-2449 and Software
FILE-OTHER Oracle Java CVE-2019- Application 3 Arbitrary File Deletion 4 2449 and Software
FILE-OTHER Oracle Java Runtime Environment Other Web ShortComponentRaster. 2 Server verify CVE-2013-2472 Memory Corruption
FILE-OTHER Oracle Java CVE-2013- Application 1
January 2020 Page 71 of 245 IPS Signature Update
SE CVE-2013-5907 5907 and Software GSUB ReqFeatureIndex Buffer Overflow Vulnerability
FILE-OTHER Power Software PowerISO CVE-2017- Application 2 stack buffer overflow 2817 and Software attempt
FILE-OTHER Python lib wave.py wav zero CVE-2017- Application 1 channel denial of 18207 and Software service attempt
FILE-OTHER TAR file CVE-2020- Application directory traversal 2 3238 and Software attempt
FILE-OTHER Ubisoft Heroes of Might and Application 1 Magic III .h3m map file and Software buffer overflow attempt
FILE-OTHER VMware CVE-2019- Application Fusion Guest VM 2 5514 and Software Remote Code Execution
FILE-OTHER WECON LeviStudioU HFT File CVE-2020- Application 5 Parsing CVE-2020-16243 16243 and Software Stack Buffer Overflow
FILE-PDF ADOBE ActiveX Browser Plugin client CVE-2018- Application 2 side request injection 4995 and Software attempt
FILE-PDF Acrobat Reader CVE-2018-12754 CVE-2018- Application 2 Information Disclosure 12754 and Software Vulnerability
January 2020 Page 72 of 245 IPS Signature Update
FILE-PDF Acrobat Reader CVE-2018-12754 CVE-2018- Application 1 Information Disclosure 12754 and Software Vulnerability
FILE-PDF Acrobat Reader CVE-2018-12756 CVE-2018- Application 1 Information Disclosure 12756 and Software Vulnerability
FILE-PDF Acrobat Reader CVE-2018-12756 CVE-2018- Application 1 Information Disclosure 12756 and Software Vulnerability
FILE-PDF Acrobat Reader CVE-2018-12757 CVE-2018- Application 1 Information Disclosure 12757 and Software Vulnerability
FILE-PDF Acrobat Reader CVE-2018-12757 CVE-2018- Application 1 Information Disclosure 12757 and Software Vulnerability
FILE-PDF Acrobat Reader CVE-2018-12758 CVE-2018- Application 1 Information Disclosure 12758 and Software Vulnerability
FILE-PDF Acrobat Reader CVE-2018-12758 CVE-2018- Application 1 Information Disclosure 12758 and Software Vulnerability
FILE-PDF Acrobat Reader CVE-2018-12760 CVE-2018- Application 2 Information Disclosure 12760 and Software Vulnerability
CVE-2018- Application FILE-PDF Acrobat 1 Reader CVE-2018-12760 12760 and Software
January 2020 Page 73 of 245 IPS Signature Update
Information Disclosure Vulnerability
FILE-PDF Acrobat Reader CVE-2018-12761 CVE-2018- Application 1 Information Disclosure 12761 and Software Vulnerability
FILE-PDF Acrobat Reader CVE-2018-12764 CVE-2018- Application 2 Information Disclosure 12764 and Software Vulnerability
FILE-PDF Acrobat Reader CVE-2018-12764 CVE-2018- Application 1 Information Disclosure 12764 and Software Vulnerability
FILE-PDF Acrobat Reader CVE-2018-12765 CVE-2018- Application 1 Information Disclosure 12765 and Software Vulnerability
FILE-PDF Acrobat Reader CVE-2018-12765 CVE-2018- Application 1 Information Disclosure 12765 and Software Vulnerability
FILE-PDF Acrobat Reader CVE-2018-12766 CVE-2018- Application 1 Information Disclosure 12766 and Software Vulnerability
FILE-PDF Acrobat Reader CVE-2018-12766 CVE-2018- Application 1 Information Disclosure 12766 and Software Vulnerability
FILE-PDF Acrobat Reader CVE-2018-12767 CVE-2018- Application 2 Information Disclosure 12767 and Software Vulnerability
January 2020 Page 74 of 245 IPS Signature Update
FILE-PDF Acrobat Reader CVE-2018-12767 CVE-2018- Application 1 Information Disclosure 12767 and Software Vulnerability
FILE-PDF Acrobat Reader CVE-2018-12768 CVE-2018- Application 2 Information Disclosure 12768 and Software Vulnerability
FILE-PDF Acrobat Reader CVE-2018-12768 CVE-2018- Application 1 Information Disclosure 12768 and Software Vulnerability
FILE-PDF Acrobat Reader CVE-2018-12774 CVE-2018- Application 1 Information Disclosure 12774 and Software Vulnerability
FILE-PDF Acrobat Reader CVE-2018-12774 CVE-2018- Application 1 Information Disclosure 12774 and Software Vulnerability
FILE-PDF Acrobat Reader CVE-2018-15925 CVE-2018- Application 2 Information Disclosure 15925 and Software Vulnerability
FILE-PDF Acrobat Reader CVE-2018-5050 CVE-2018- Application 1 Information Disclosure 5050 and Software Vulnerability
FILE-PDF Acrobat Reader CVE-2018-5050 CVE-2018- Application 1 Information Disclosure 5050 and Software Vulnerability
CVE-2018- Application FILE-PDF Acrobat 1 Reader CVE-2018-5054 5054 and Software
January 2020 Page 75 of 245 IPS Signature Update
Information Disclosure Vulnerability
FILE-PDF Acrobat Reader CVE-2018-5054 CVE-2018- Application 1 Information Disclosure 5054 and Software Vulnerability
FILE-PDF Acrobat Reader CVE-2018-5056 CVE-2018- Application 1 Information Disclosure 5056 and Software Vulnerability
FILE-PDF Acrobat Reader CVE-2018-5056 CVE-2018- Application 1 Information Disclosure 5056 and Software Vulnerability
FILE-PDF Acrobat Reader CVE-2018-5057 CVE-2018- Application 1 Information Disclosure 5057 and Software Vulnerability
FILE-PDF Acrobat Reader CVE-2018-5057 CVE-2018- Application 1 Information Disclosure 5057 and Software Vulnerability
FILE-PDF Acrobat Reader CVE-2018-5063 CVE-2018- Application 2 Information Disclosure 5063 and Software Vulnerability
FILE-PDF Acrobat Reader CVE-2018-5063 CVE-2018- Application 1 Information Disclosure 5063 and Software Vulnerability
FILE-PDF Acrobat Reader CVE-2018-5064 CVE-2018- Application 1 Information Disclosure 5064 and Software Vulnerability
January 2020 Page 76 of 245 IPS Signature Update
FILE-PDF Acrobat Reader CVE-2018-5064 CVE-2018- Application 1 Information Disclosure 5064 and Software Vulnerability
FILE-PDF Acrobat Reader CVE-2018-5065 CVE-2018- Application 1 Information Disclosure 5065 and Software Vulnerability
FILE-PDF Acrobat Reader CVE-2018-5065 CVE-2018- Application 1 Information Disclosure 5065 and Software Vulnerability
FILE-PDF Acrobat Reader CVE-2018-5066 CVE-2018- Application 1 Information Disclosure 5066 and Software Vulnerability
FILE-PDF Acrobat Reader CVE-2018-5066 CVE-2018- Application 1 Information Disclosure 5066 and Software Vulnerability
FILE-PDF Acrobat Reader CVE-2018-5069 CVE-2018- Application 1 Information Disclosure 5069 and Software Vulnerability
FILE-PDF Acrobat Reader CVE-2018-5069 CVE-2018- Application 1 Information Disclosure 5069 and Software Vulnerability
FILE-PDF Acrobat Reader CVE-2018-5070 CVE-2018- Application 1 Information Disclosure 5070 and Software Vulnerability
CVE-2018- Application FILE-PDF Acrobat 1 Reader CVE-2018-5070 5070 and Software
January 2020 Page 77 of 245 IPS Signature Update
Information Disclosure Vulnerability
FILE-PDF Adobe Acrobat CVE-2016- Application FileAttachment use- 1 1065 and Software after-free attempt
FILE-PDF Adobe Acrobat ImageConversion TIFF CVE-2017- Application 1 Heap-based Buffer 2966 and Software Overflow
FILE-PDF Adobe Acrobat JavaScript CVE-2009- CVE-2009- Application 2 0927 getIcon Method 0927 and Software Buffer Overflow
FILE-PDF Adobe Acrobat CVE-2018- Application PDF calculate tag use- 2 19713 and Software after-free attempt
FILE-PDF Adobe Acrobat CVE-2016- Application Pro zoom caching use 1 6971 and Software after free attempt
FILE-PDF Adobe Acrobat Reader CVE-2009-3953 U3D CVE-2009- Application 2 CLODMeshDeceleration 3953 and Software Code Execution Vulnerability
FILE-PDF Adobe Acrobat Reader CVE-2016-1043 CVE-2016- Application 1 XFA FormCalc replace 1043 and Software Integer Overflow
FILE-PDF Adobe Acrobat Reader CVE-2016-4205 CVE-2016- Application malformed embeded 2 4205 and Software TTF File Memory Corruption
January 2020 Page 78 of 245 IPS Signature Update
FILE-PDF Adobe Acrobat Reader CVE-2019-7121 CVE-2019- Application 2 IFF Information 7121 and Software Disclosure
FILE-PDF Adobe Acrobat Reader CVE-2020-9697 CVE-2020- Application 1 Information Disclosure 9697 and Software Vulnerability
FILE-PDF Adobe Acrobat Reader CVE-2020-9705 CVE-2020- Application 1 Information Disclosure 9705 and Software Vulnerability
FILE-PDF Adobe Acrobat Reader CVE-2020-9706 CVE-2020- Application 1 Information Disclosure 9706 and Software Vulnerability
FILE-PDF Adobe Acrobat Reader JPEG engine CVE-2016- Application spurious object 1 1089 and Software reference use after free attempt
FILE-PDF Adobe Acrobat Reader JPEG handling CVE-2016- Application 1 memory corruption 4252 and Software attempt
FILE-PDF Adobe Acrobat CVE-2016- Application Reader JPEG parsing out 1 4192 and Software of bounds read attempt
FILE-PDF Adobe Acrobat Reader JPEG2000 CVE- CVE-2016- Application 1 2016-6941 Information 6941 and Software Disclosure Vulnerability
CVE-2016- Application FILE-PDF Adobe Acrobat 1 Reader JPEG2000 1078 and Software
January 2020 Page 79 of 245 IPS Signature Update
Information Disclosure
FILE-PDF Adobe Acrobat CVE-2019- Application Reader Out-of-Bounds 1 16456 and Software Information Disclosure
FILE-PDF Adobe Acrobat Reader PDF CVE-2018- CVE-2018- Application 1 4993 NTML Hash 4993 and Software Disclosure
FILE-PDF Adobe Acrobat CVE-2016- Application Reader SaveAs use- 1 6945 and Software after-free attempt
FILE-PDF Adobe Acrobat Reader ToolButton CVE- CVE-2013- Application 5 2013-3346 Use After 3346 and Software Free
FILE-PDF Adobe Acrobat Reader U3D CVE-2009- Application CLODMeshDeceleration 2 3953 and Software code execution attempt CVE-2014-0523
FILE-PDF Adobe Acrobat Reader U3D CVE-2018- CVE-2018- Application 3 15953 Information 15953 and Software Disclosure
FILE-PDF Adobe Acrobat Reader U3D e3_bone CVE-2016- Application 1 object out of bounds 1116 and Software memory access attempt
FILE-PDF Adobe Acrobat CVE-2016- Application Reader XFA addInstance 1 6953 and Software use after free attempt
CVE-2016- Application FILE-PDF Adobe Acrobat 1 Reader XFA excelGroup 6950 and Software
January 2020 Page 80 of 245 IPS Signature Update
memory corruption attempt
FILE-PDF Adobe Acrobat Reader XFA CVE-2016- Application relayoutPageArea 1 6952 and Software memory corruption attempt
FILE-PDF Adobe Acrobat Reader XObject image CVE-2016- Application 1 object use after free 1075 and Software attempt
FILE-PDF Adobe Acrobat CVE-2017- Application Reader XSL stylesheet 1 2949 and Software heap overflow attempt
FILE-PDF Adobe Acrobat Reader XSLT substring CVE-2016- Application 1 memory corruption 6959 and Software attempt
FILE-PDF Adobe Acrobat Reader duplicate U3D CVE-2017- Application 1 header memory 11222 and Software corruption attempt
FILE-PDF Adobe Acrobat Reader embedded TTF CVE-2016- Application 2 name record out of 4203 and Software bounds read attempt
FILE-PDF Adobe Acrobat Reader embedded TTF CVE-2016- Application 1 name record out of 4203 and Software bounds read attempt
FILE-PDF Adobe Acrobat Reader go-to action CVE-2018- Application 2 NTLM credential 4993 and Software disclosure attempt
January 2020 Page 81 of 245 IPS Signature Update
FILE-PDF Adobe Acrobat Reader invalid PDF CVE-2010- Application 1 JavaScript printSeps 4091 and Software extension call attempt
FILE-PDF Adobe Acrobat Reader malformed CFF CVE-2017- Application global subroutine 1 2941 and Software memory corruption attempt
FILE-PDF Adobe Acrobat Reader malformed CVE-2016- Application 1 FlateDecode stream use 1094 and Software after free attempt
FILE-PDF Adobe Acrobat Reader malformed CVE-2016- Application embeded TTF file 2 4201 and Software memory corruption attempt
FILE-PDF Adobe Acrobat Reader malformed CVE-2016- Application embeded TTF file 1 4205 and Software memory corruption attempt
FILE-PDF Adobe Acrobat Reader malformed CVE-2016- Application 1 object stream memory 6948 and Software corruption attempt
FILE-PDF Adobe Acrobat Reader malformed CVE-2016- Application 1 unicode font name code 6956 and Software execution attempt
FILE-PDF Adobe Acrobat CVE-2017- Application XFA engine stack buffer 1 2948 and Software overflow attempt
January 2020 Page 82 of 245 IPS Signature Update
FILE-PDF Adobe Acrobat CVE-2017- Application and Reader JPEG2000 1 2946 and Software Out of Bounds Read
FILE-PDF Adobe Acrobat CVE-2017- Application and Reader JPEG2000 4 2946 and Software Out of Bounds Read
FILE-PDF Adobe Acrobat invalid embedded font CVE-2016- Application 1 memory corruption 4208 and Software attempt
FILE-PDF Adobe Acrobat CVE-2016- Application memory corruption 1 1081 and Software vulnerability attempt
FILE-PDF Adobe Flash Player ActionScript CVE-2016- Application 1 setFocus use after free 4227 and Software attempt
FILE-PDF Adobe Flash Player ActionScript CVE-2016- Application 2 setFocus use after free 4227 and Software attempt
FILE-PDF Adobe Reader AcroForm dictionary CVE-2016- Application 1 object use after free 1066 and Software attempt
FILE-PDF Adobe Reader CTJPEGDecoderReadNe CVE-2016- Application 1 xtTile out of bounds 1077 and Software read attempt
FILE-PDF Adobe Reader CVE-2013- Application CVE-2013-5332 Remote 2 5332 and Software Code Execution
FILE-PDF Adobe Reader CVE-2016- Application 2
January 2020 Page 83 of 245 IPS Signature Update
CVE-2016-1077 1077 and Software CTJPEGDecoderReadNe xtTile out of bounds read
FILE-PDF Adobe Reader CVE-2018- Application CVE-2018-12799 2 12799 and Software Information Disclosure
FILE-PDF Adobe Reader CVE-2018- Application CVE-2018-12803 2 12803 and Software Information Disclosure
FILE-PDF Adobe Reader CVE-2018- Application CVE-2018-16005 2 16005 and Software Information Disclosure
FILE-PDF Adobe Reader CVE-2018- Application CVE-2018-16009 2 16009 and Software Information Disclosure
FILE-PDF Adobe Reader CVE-2018- Application CVE-2018-16045 2 16045 and Software Privilege Escalation
FILE-PDF Adobe Reader CVE-2018- Application CVE-2018-19701 2 19701 and Software Information Disclosure
FILE-PDF Adobe Reader CVE-2018- Application CVE-2018-4955 2 4955 and Software Information Disclosure
FILE-PDF Adobe Reader CVE-2018- Application CVE-2018-4957 2 4957 and Software Information Disclosure
FILE-PDF Adobe Reader CVE-2018- Application CVE-2018-4960 2 4960 and Software Information Disclosure
FILE-PDF Adobe Reader CVE-2018- Application 2
January 2020 Page 84 of 245 IPS Signature Update
CVE-2018-4962 4962 and Software Information Disclosure
FILE-PDF Adobe Reader CVE-2018- Application CVE-2018-4973 2 4973 and Software Information Disclosure
FILE-PDF Adobe Reader DC JPEG2000 CVE-2016- CVE-2016- Application 1 7854 Out-of-Bounds 7854 and Software Read
FILE-PDF Adobe Reader DC JPEG2000 CVE-2016- CVE-2016- Application 4 7854 Out-of-Bounds 7854 and Software Read
FILE-PDF Adobe Reader DisablePermEnforceme CVE-2016- Application 1 nt JavaScript function 1084 and Software use-after-free attempt
FILE-PDF Adobe Reader CVE-2018- Application 2 Information Disclosure 4967 and Software
FILE-PDF Adobe Reader CVE-2016- Application JPEG 2000 COD marker 1 6955 and Software use after free attempt
FILE-PDF Adobe Reader CVE-2016- Application JPEG 2000 memory 1 1095 and Software corruption attempt
FILE-PDF Adobe Reader CVE-2016- Application JavaScript API privileged 1 6957 and Software function bypass attempt
FILE-PDF Adobe Reader JavaScript recursive calls CVE-2016- Application 1 memory corruption 6970 and Software attempt
January 2020 Page 85 of 245 IPS Signature Update
FILE-PDF Adobe Reader CVE-2016- Application JavaScript use after free 1 6944 and Software attempt
FILE-PDF Adobe Reader Javascript CVE-2018- Application 2 ANAuthenticateResourc 16040 and Software e use-after-free attempt
FILE-PDF Adobe Reader CVE-2016- Application MakeAccessible plugin 1 6939 and Software heap overflow attempt
FILE-PDF Adobe Reader CVE-2018- Application PDF CVE-2018-16047 2 16047 and Software Information Disclosure
FILE-PDF Adobe Reader CVE-2019- Application PDF CVE-2019-7089 2 7089 and Software Information Disclosure
FILE-PDF Adobe Reader PDF defineGetter CVE-2016- Application 1 execMenuItem use after 1047 and Software free attempt
FILE-PDF Adobe Reader PDF embedded JPEG CVE-2016- Application 1 memory corruption 1088 and Software attempt
FILE-PDF Adobe Reader CVE-2016- Application PDF execMenuItem use 1 1047 and Software after free attempt
FILE-PDF Adobe Reader PDF onEvent CVE-2016- Application 1 execMenuItem use after 1056 and Software free attempt
CVE-2016- Application FILE-PDF Adobe Reader 1 PDF setAction 1051 and Software
January 2020 Page 86 of 245 IPS Signature Update
execMenuItem use after free attempt
FILE-PDF Adobe Reader PDF setPageAction CVE-2016- Application 1 execMenuItem use after 1050 and Software free attempt
FILE-PDF Adobe Reader TrueType font file CVE-2016- Application 1 numberofmetrics out of 6954 and Software bounds read attempt
FILE-PDF Adobe Reader Universal 3D engine out CVE-2016- Application 1 of bounds memory 1074 and Software access violation attempt
FILE-PDF Adobe Reader CVE-2016- Application XFA API preOpen use 1 1049 and Software after free attempt
FILE-PDF Adobe Reader XFA CVE-2016- Application 1 FormInstanceManager 1045 and Software use after free attempt
FILE-PDF Adobe Reader XFA exclGroup CVE-2016- Application JavaScript out of 1 6942 and Software bounds memory access attempt
FILE-PDF Adobe Reader CVE-2016- Application XFA form use-after-free 1 1046 and Software attempt
FILE-PDF Adobe Reader XFA javascript out of CVE-2016- Application 1 bound memory 1072 and Software corruption attempt
January 2020 Page 87 of 245 IPS Signature Update
FILE-PDF Adobe Reader CVE-2016- Application XFA javascript use after 1 1073 and Software free attempt
FILE-PDF Adobe Reader CVE-2016- Application XFA prePrint use after 1 1048 and Software free attempt
FILE-PDF Adobe Reader XFA relayoutPageArea CVE-2016- Application JavaScript out of 1 6947 and Software bounds memory access attempt
FILE-PDF Adobe Reader CVE-2016- Application XFA remerge JavaScript 1 6988 and Software use after free attempt
FILE-PDF Adobe Reader CVE-2016- Application XLST parsing engine use 1 6979 and Software after free attempt
FILE-PDF Adobe Reader CVE-2015- Application XML XSL transform 1 5089 and Software exploitation attempt
FILE-PDF Adobe Reader CVE-2016- Application XSLT Transform use 1 6961 and Software after free attempt
FILE-PDF Adobe Reader CVE-2016- Application XSLT Transform use 1 6962 and Software after free attempt
FILE-PDF Adobe Reader CVE-2016- Application XSLT Transform use 1 6963 and Software after free attempt
FILE-PDF Adobe Reader CVE-2016- Application XSLT Transform use 1 6964 and Software after free attempt
January 2020 Page 88 of 245 IPS Signature Update
FILE-PDF Adobe Reader CVE-2016- Application XSLT Transform use 1 6965 and Software after free attempt
FILE-PDF Adobe Reader and Acrobat CVE-2009- CVE-2009- Application 2 4324 media.newPlayer 4324 and Software Code Execution
FILE-PDF Adobe Reader and Acrobat XSLT CVE-2017- Application 2 function-available 2949 and Software Buffer Overflow
FILE-PDF Adobe Reader and Acrobat XSLT CVE-2017- Application 4 function-available 2949 and Software Buffer Overflow
FILE-PDF Adobe Reader compareDocuments CVE-2016- Application 1 JavaScript function use- 1085 and Software after-free attempt
FILE-PDF Adobe Reader CVE-2016- Application corrupt bookmark use 1 1091 and Software after free attempt
FILE-PDF Adobe Reader CVE-2016- Application createAVView JavaScript 1 1082 and Software use-after-free attempt
FILE-PDF Adobe Reader CVE-2016- Application embedded TTF heap 1 4204 and Software overflow attempt
FILE-PDF Adobe Reader embedded font out of CVE-2016- Application 1 bounds memory access 4207 and Software attempt
FILE-PDF Adobe Reader CVE-2016- Application 1
January 2020 Page 89 of 245 IPS Signature Update
execAVDialog JavaScript 1083 and Software function use-after-free attempt
FILE-PDF Adobe Reader malformed CID identity- CVE-2016- Application 1 H font file out of 4206 and Software bounds read attempt
FILE-PDF Adobe Reader malformed ICC profile CVE-2016- Application 1 memory corruption 4191 and Software attempt
FILE-PDF Adobe Reader malformed JPEG2000 image invalid CVE-2016- Application 1 NumberComponents 1078 and Software out of bounds read attempt
FILE-PDF Adobe Reader malformed Universal 3D CVE-2016- Application 1 stream memory 1037 and Software corruption attempt
FILE-PDF Adobe Reader CVE-2016- Application out of bounds memory 1 1063 and Software access violation attempt
FILE-PDF Adobe Reader CVE-2016- Application parser object use-after- 1 6949 and Software free attempt
FILE-PDF Adobe Reader CVE-2016- Application setPersistent use after 1 1061 and Software free attempt
FILE-PDF Adobe Reader CVE-2016- Application submitForm read out of 1 1064 and Software bounds attempt
January 2020 Page 90 of 245 IPS Signature Update
FILE-PDF Adobe Reader trusted JavaScript CVE-2016- Application 1 function security bypass 1038 and Software attempt
FILE-PDF Adobe Reader trusted JavaScript CVE-2016- Application 1 function security bypass 1039 and Software attempt
FILE-PDF Adobe Reader trusted JavaScript CVE-2016- Application 1 function security bypass 1040 and Software attempt
FILE-PDF Adobe Reader trusted JavaScript CVE-2016- Application 1 function security bypass 1041 and Software attempt
FILE-PDF Adobe Reader trusted JavaScript CVE-2016- Application 1 function security bypass 1042 and Software attempt
FILE-PDF Adobe Reader trusted JavaScript CVE-2016- Application 1 function security bypass 1044 and Software attempt
FILE-PDF Sophos Application Antivirus PDF parsing 1 and Software stack overflow attempt
MALWARE-OTHER Malware Malware 2 Worm.Win32.Wcry.A Communication Runtime Detection
MISC Microsoft Windows Encrypted Misc 5 DCERPC request
January 2020 Page 91 of 245 IPS Signature Update
attempt
NETBIOS Cisco WebEx WebExService.exe CVE-2019- Application 1 remote code execution 1674 and Software attempt
OS-LINUX Corosync Cluster Engine CVE- Operating CVE-2018- 2018-1084 System and 1 1084 totemcrypto.c Integer Services Overflow
OS-LINUX Linux Kernel Operating Netfilter iptables- CVE-2019- System and 2 restore Stack-based 11360 Services Buffer Overflow
OS-LINUX Linux Kernel Operating CVE-2016- USBIP out of bounds System and 1 3955 write attempt Services
OS-LINUX Linux kernel Operating SCTP invalid chunk CVE-2016- System and 1 length denial of service 9555 Services attempt
OS-LINUX Linux kernel Operating CVE-2016- madvise race condition System and 2 5195 attempt Services
OS-LINUX Linux net Operating af_packet.c tpacket CVE-2016- System and 2 version race condition 8655 Services use after free attempt
OS-LINUX OS-LINUX x86 Operating Linux overflow attempt System and 1 ADMv2 Services
OS-LINUX OS-LINUX x86 Operating 1 Linux overflow attempt System and
January 2020 Page 92 of 245 IPS Signature Update
Services
OS-LINUX Red Hat 389 CVE-2018-1089 Operating CVE-2018- Directory Server ns- System and 2 1089 slapd ldapsearch Buffer Services Overflow
OS-LINUX Red Hat 389 Directory Server CVE- Operating CVE-2018- 02018-14624 System and 1 14624 vslapd_log_emergency_ Services error Denial of Service
OS-LINUX Red Hat 389 Directory Server CVE- Operating CVE-2018- 02018-14624 System and 4 14624 vslapd_log_emergency_ Services error Denial of Service
OS-LINUX Red Hat 389 Operating Directory Server CVE- CVE-2018- System and 1 2018-14648 do_search 14648 Services Denial of Service
OS-LINUX Red Hat 389 Operating Directory Server TLS CVE-2019- System and 1 CVE-2019-3883 3883 Services Resource Exhaustion
OS-LINUX Red Hat Operating NetworkManager CVE- CVE-2018- System and 2 2018-1111 DHCP 1111 Services Command Injection
OS-LINUX Red Hat Operating NetworkManager DHCP CVE-2018- System and 1 Command Injection 1111 Services CVE-2018-1111
OS-OTHER Apple CVE-2016- Operating QuickTime FPX File 3 1767 System and Parsing Memory
January 2020 Page 93 of 245 IPS Signature Update
Corruption Vulnerability Services I
OS-OTHER Apple macOS Operating IOHIDeous exploit System and 2 download attempt Services
OS-OTHER Bash CGI Operating nested loops CVE-2014- System and 1 word_lineno denial of 7187 Services service attempt
OS-OTHER SolarWinds Operating Orion NPM CVE-2019- System and 1 OrionModuleEngine 8917 Services Remote Code Execution
OS-OTHER multiple Operating operating systems DHCP CVE-2008- System and 1 option overflow 0084 Services attempt
OS-WINDOWS Microsoft Graphics Operating CVE-2019- Device Interface CVE- System and 2 1010 2019-1010 Information Services Disclosure
OS-WINDOWS Microsoft Graphics Operating CVE-2019- Device Interface CVE- System and 2 1252 2019-1252 Information Services Disclosure
OS-WINDOWS Operating Microsoft Hyperlink CVE-2016- System and 4 Object Library 0059 Services Information Disclosure
Operating OS-WINDOWS CVE-2019- System and 2 Microsoft Windows 0552 COM Desktop Broker Services
January 2020 Page 94 of 245 IPS Signature Update
sandbox escape attempt
OS-WINDOWS Operating Microsoft Windows CVE-2019- System and 1 CVE-2019-1071 1071 Services Information Disclosure
OS-WINDOWS Operating Microsoft Windows CVE-2019- System and 2 CVE-2019-1073 1073 Services Information Disclosure
OS-WINDOWS Operating Microsoft Windows CVE-2019- System and 3 CVE-2019-1108 1108 Services Information Disclosure
OS-WINDOWS Microsoft Windows Operating CVE-2019- Common Log File System and 2 1219 information disclosure Services attempt
OS-WINDOWS Microsoft Windows Operating CVE-2019- CoreShellCOMServerRe System and 1 1184 gistrar privilege Services escalation attempt
OS-WINDOWS Operating Microsoft Windows CVE-2018- System and 2 CredSSP MITM Code 0886 Services Execution
OS-WINDOWS Microsoft Windows CryptoAPI TLS server Operating CVE-2020- certificate public key System and 3 0601 with explicitly-defined Services ECC curve parameters attempt
January 2020 Page 95 of 245 IPS Signature Update
OS-WINDOWS Microsoft Windows Operating CVE-2019- Data Sharing Service System and 2 0573 privilege escalation Services attempt
OS-WINDOWS Operating Microsoft Windows GDI CVE-2019- System and 2 CVE-2019-0758 0758 Services Information Disclosure
OS-WINDOWS Operating Microsoft Windows GDI CVE-2019- System and 2 CVE-2019-0882 0882 Services Information Disclosure
OS-WINDOWS Microsoft Windows GDI Operating CVE-2017- invalid EMF cbBitsSrc System and 2 0038 memory disclosure Services attempt
OS-WINDOWS Microsoft Windows Operating CVE-2017- Graphics Component System and 2 8676 CVE-2017-8676 Services Information Disclosure
OS-WINDOWS Microsoft Windows Operating CVE-2018- Graphics Device CVE- System and 3 8424 2018-8424 Interface Services Information Disclosure
OS-WINDOWS Microsoft Windows Operating CVE-2018- Graphics Device CVE- System and 4 8424 2018-8424 Interface Services Information Disclosure
CVE-2003- OS-WINDOWS Operating 1 Microsoft Windows 0907 System and
January 2020 Page 96 of 245 IPS Signature Update
Help Centre escape Services sequence XSS attempt
OS-WINDOWS Microsoft Windows JET Operating Database Engine CVE-2019- System and 2 Physical Index Out-of- 0575 Services Bounds Read CVE-2019- 0575
OS-WINDOWS Microsoft Windows JET Operating Database Engine CVE-2019- System and 4 Physical Index Out-of- 0575 Services Bounds Read CVE-2019- 0575
OS-WINDOWS Microsoft Windows Operating CVE-2011- Kerberos auth System and 3 0091 downgrade to DES Services MITM attempt
OS-WINDOWS Operating Microsoft Windows CVE-2019- System and 2 Kernel information 0844 Services disclosure attempt
OS-WINDOWS Operating Microsoft Windows CVE-2017- System and 2 LSASS Authentication 0004 Services Denial of Service
OS-WINDOWS Operating Microsoft Windows NT CVE-2019- System and 1 MiRelocateImage out of 1347 Services bounds read attempt
OS-WINDOWS Operating Microsoft Windows NT CVE-2019- System and 2 MiRelocateImage out of 1347 Services bounds read attempt
January 2020 Page 97 of 245 IPS Signature Update
OS-WINDOWS Microsoft Windows Operating CVE-2019- NtSetCachedSigningLev System and 2 0732 el Device Guard bypass Services attempt
OS-WINDOWS Microsoft Windows Operating CVE-2016- Ntoskrnl integer System and 3 0070 overflow privilege Services escalation attempt
OS-WINDOWS Microsoft Windows Operating Remote Desktop CVE-2019- System and 2 Protocol Server 1224 Services Information Disclosure Vulnerability
OS-WINDOWS Microsoft Windows Operating CVE-2020- SMB srv2.sys System and 1 1206 information disclosure Services attempt
OS-WINDOWS Microsoft Windows Operating SMBv1 WriteAndX and CVE-2017- System and 1 TransSecondaryRequest 0145 Services TotalDataCount out of bounds write attempt
OS-WINDOWS Microsoft Windows Operating CVE-2017- SMBv1 identical MID System and 2 0143 and FID type confusion Services attempt CVE-2017-0143
OS-WINDOWS Operating CVE-2017- Microsoft Windows System and 2 0143 SMBv1 identical MID Services and FID type confusion
January 2020 Page 98 of 245 IPS Signature Update
attempt
OS-WINDOWS Operating Microsoft Windows CVE-2020- System and 1 SMBv3 Compression 1206 Services Information Disclosure
OS-WINDOWS Operating Microsoft Windows CVE-2019- System and 1 Win32k Information 1469 Services Disclosure Vulnerability
OS-WINDOWS Microsoft Windows Operating CVE-2019- Win32k kernel System and 1 1436 information disclosure Services attempt
OS-WINDOWS Operating Microsoft Windows CVE-2019- System and 2 kernel information 0840 Services disclosure attempt
OS-WINDOWS Microsoft Windows Operating CVE-2019- malformed NTLMv2 System and 2 1019 authentication message Services attempt
OS-WINDOWS Microsoft Windows Operating CVE-2016- operating system System and 2 3308 win32kfull heap Services corruption attempt
OS-WINDOWS Windows Operating Kernel CVE-2019-0767 CVE-2019- System and 2 Information Disclosure 0767 Services Vulnerability
OS-WINDOWS Windows CVE-2020- Operating Network File System 5 17056 System and NLM RPC Message CVE-
January 2020 Page 99 of 245 IPS Signature Update
2020-17056 Information Services Disclosure
OS-WINDOWS Windows Operating Uniscribe CVE-2017- CVE-2017- System and 1 0014 Remote Code 0014 Services Execution
PROTOCOL-DNS Cisco ASA and FTD IPv6 DNS CVE-2020- DNS 1 request stack buffer 3191 overflow attempt
PROTOCOL-DNS Cisco IOS XE Umbrella CVE-2020- DNS 1 Connector denial of 3510 service attempt
PROTOCOL-DNS ISC CVE-2020- BIND TSIG Validation DNS 1 8617 Denial of Service
PROTOCOL-DNS Oracle Secure Backup CVE-2010- observice.exe dns DNS 1 0072 response overflow attempt
PROTOCOL-OTHER Operating FreeRDP RSA modulus CVE-2017- System and 2 length integer 2836 Services underflow attempt
PROTOCOL-OTHER Quagga BGP Daemon Operating CVE-2018- CVE-2018-5379 System and 1 5379 bgp_update_receive Services Double Free I
PROTOCOL-OTHER Operating CVE-2018- Quagga BGP Daemon System and 1 5379 CVE-2018-5379 Services bgp_update_receive
January 2020 Page 100 of 245 IPS Signature Update
Double Free II
PROTOCOL-OTHER VMware vCenter Server CVE-2020- Other Web Directory Service CVE- 3 3952 Server 2020-3952 Authentication Bypass
PROTOCOL-RPC IBM Operating Informix Dynamic CVE-2009- System and 1 Server librpc.dll buffer 2753 Services overflow attempt
PROTOCOL-RPC Linux kernel NFSv2 Operating CVE-2017- malformed WRITE System and 1 7895 arbitrary memory read Services attempt
PROTOCOL-RPC Linux kernel NFSv3 Operating CVE-2017- malformed WRITE System and 1 7895 arbitrary memory read Services attempt
PROTOCOL-RPC Oracle Operating Solaris sadmind TCP CVE-2008- System and 1 array size buffer 3869 Services overflow attempt
PROTOCOL-RPC Oracle Operating Solaris sadmind TCP CVE-2008- System and 1 data length integer 3870 Services overflow attempt
PROTOCOL-RPC Oracle Operating Solaris sadmind UDP CVE-2008- System and 1 array size buffer 3869 Services overflow attempt
PROTOCOL-RPC Oracle CVE-2008- Operating Solaris sadmind UDP 1 3870 System and data length integer
January 2020 Page 101 of 245 IPS Signature Update
overflow attempt Services
PROTOCOL-RPC Operating xdrDecodeString CVE-2010- System and 1 caller_name stack 4227 Services overflow attempt
PROTOCOL-SERVICES LibVNCClient CVE-2016- Operating CVE-2016- 9941 System and 3 9941 FramebufferUpdate Services Heap Buffer Overflow I
PROTOCOL-SERVICES LibVNCClient CVE-2016- Operating CVE-2016- 9941 System and 3 9941 FramebufferUpdate Services Heap Buffer Overflow II
PROTOCOL-SNMP Cisco Operating CVE-2019- IOS IS-IS SNMP denial of System and 2 16027 service attempt Services
PROTOCOL-SNMP Cisco Operating Small Business Series CVE-2019- System and 1 Switches SNMP denial 1806 Services of service attempt
PROTOCOL-TFTP Cisco Prime Infrastructure CVE-2018- FTP 1 swimtemp TFTP 15379 Arbitrary File Upload
PROTOCOL-TFTP HP Intelligent Management Center TFTP Server FTP 1 DATA and ERROR Packets Buffer Overflow
PROTOCOL-TFTP HPE CVE-2018- Intelligent Management FTP 1 Center PLAT tftpserver 7074 fread Stack Buffer
January 2020 Page 102 of 245 IPS Signature Update
Overflow CVE-2018- 7074
PROTOCOL-VOIP Asterisk CVE-2018- VoIP and CVE-2018- 1000099 PJSIP Invalid Instant 2 1000099 fmtp Media Attribute Messaging Denial Of Service
PROTOCOL-VOIP Cisco VoIP and Unified Customer Voice CVE-2018- Instant 2 Portal denial of service 0086 Messaging attempt
PROTOCOL-VOIP Digium VoIP and Asterisk Manager Instant 4 Interface initial banner Messaging
PROTOCOL-VOIP Digium VoIP and Asterisk Manager User CVE-2019- Instant 2 Shell Command 18610 Messaging Execution
SERVER-APACHE (Published Exploit) BEA WebLogic Server CVE-2008- Apache HTTP 1 Apache Connector HTTP 3257 Server Version String Buffer Overflow
SERVER-APACHE Apache CVE-2003- Apache HTTP APR memory corruption 3 0245 Server attempt
SERVER-APACHE Apache ActiveMQ CVE-2016- CVE-2016- Apache HTTP 2 3088 Fileserver MOVE 3088 Server Directory Traversal
SERVER-APACHE Apache CVE-2018- Apache HTTP ActiveMQ CVE-2018- 1 8006 Web Console 8006 Server QueueFilter Cross-Site
January 2020 Page 103 of 245 IPS Signature Update
Scripting
SERVER-APACHE Apache ActiveMQ CVE-2018- CVE-2018- Apache HTTP 8006 Web Console 2 8006 Server QueueFilter Cross-Site Scripting
SERVER-APACHE Apache ActiveMQ Fileserver File CVE-2016- Apache HTTP 2 Upload Directory 3088 Server Traversal
SERVER-APACHE Apache CVE-2018-1306 Pluto CVE-2018- Apache HTTP PortletV3AnnotatedDe 2 1306 Server mo MultipartPortlet Arbitrary File Upload
SERVER-APACHE Apache CVE-2018-8007 CVE-2018- Apache HTTP 2 CouchDB _config 8007 Server Command Execution
SERVER-APACHE Apache Commons FileUpload CVE-2016- Apache HTTP 2 Boundary Denial of 3092 Server Service
SERVER-APACHE Apache Continuum Apache HTTP 1 saveInstallation.action Server Command Injection
SERVER-APACHE Apache CouchDB CVE-2017- CVE-2017- Apache HTTP 2 12635 JSON Remote 12635 Server Privilege Escalation
SERVER-APACHE Apache CVE-2017- Apache HTTP CouchDB JSON Remote 4 12635 Server Privilege Escalation
January 2020 Page 104 of 245 IPS Signature Update
SERVER-APACHE Apache CVE-2017- Apache HTTP CouchDB _config 2 12636 Server Command Execution
SERVER-APACHE Apache Dubbo CVE-2019- Apache HTTP HttpRemoteInvocation 1 17564 Server CVE-2019-17564 Insecure Deserialization
SERVER-APACHE Apache HTTP Server CVE-2016- CVE-2016- Apache HTTP 8740 mod_http2 4 8740 Server Module Denial of Service
SERVER-APACHE Apache HTTP Server mod_http2 CVE-2016- Apache HTTP 3 Module Denial of 8740 Server Service
SERVER-APACHE Apache HTTP Server mod_http2 CVE-2016- Apache HTTP 2 denial of service 8740 Server attempt
SERVER-APACHE Apache Kylin REST API CVE-2020- Apache HTTP DiagnosisService CVE- 2 13925 Server 2020-13925 Command Injection
SERVER-APACHE Apache Kylin REST API CVE-2020- Apache HTTP migrateCube CVE-2020- 1 1956 Server 1956 Command Injection
SERVER-APACHE Apache Log4j SocketServer CVE-2019- Apache HTTP 1 Untrusted 17571 Server Deserialization
January 2020 Page 105 of 245 IPS Signature Update
SERVER-APACHE Apache OFBiz XMLRPC CVE- CVE-2020- Apache HTTP 2 2020-9496 Insecure 9496 Server Deserialization
SERVER-APACHE Apache OFBiz serviceContext CVE-2019- Apache HTTP 1 XStream Insecure 0189 Server Deserialization
SERVER-APACHE Apache OFBiz serviceContext CVE-2019- Apache HTTP 2 XStream Insecure 0189 Server Deserialization
SERVER-APACHE Apache Olingo CVE-2019-17554 CVE-2019- Apache HTTP 1 XML Deserializer 17554 Server External Entity Injection
SERVER-APACHE Apache CVE-2015- Apache HTTP Qpid AMPQ denial of 1 0203 Server service attempt
SERVER-APACHE Apache CVE-2015- Apache HTTP Qpid Sequence Set 1 0203 Server Denial of Service
SERVER-APACHE Apache CVE-2015- Apache HTTP Qpid Sequence Set 4 0203 Server Denial of Service
SERVER-APACHE Apache CVE-2015- Apache HTTP Qpid Session.gap Denial 1 0203 Server of Service
SERVER-APACHE Apache CVE-2015- Apache HTTP Qpid Session.gap Denial 4 0203 Server of Service
CVE-2020- SERVER-APACHE Apache Web Services 3 ShardingSphere 1947 and
January 2020 Page 106 of 245 IPS Signature Update
SnakeYAML CVE-2020- Applications 1947 Insecure Deserialization
SERVER-APACHE Apache Solr CVE-2018-8026 CVE-2018- Apache HTTP ConfigSets XML External 3 8026 Server Entity Expansion Information Disclosure
SERVER-APACHE Apache CVE-2019- Apache HTTP Solr Config API Insecure 1 0192 Server Deserialization
SERVER-APACHE Apache CVE-2019- Apache HTTP Solr Config API Insecure 2 0192 Server Deserialization
SERVER-APACHE Apache CVE-2019- Apache HTTP Solr Config API Insecure 4 0192 Server Deserialization
SERVER-APACHE Apache Solr ConfigSets CVE- 2018-8010 XML CVE-2018- Apache HTTP 3 External Entity 8010 Server Expansion Information Disclosure
SERVER-APACHE Apache Solr Data Import Handler XML External CVE-2018- Apache HTTP 1 Entity Expansion 1308 Server Information Disclosure 2018-1308
SERVER-APACHE Apache CVE-2019- Apache HTTP Solr DataImportHandler 1 0193 Server Remote Code Execution
SERVER-APACHE Apache CVE-2017- Apache HTTP 2 Solr 12629 Server RunExecutableListener
January 2020 Page 107 of 245 IPS Signature Update
arbitrary command execution attempt
SERVER-APACHE Apache Solr Velocity Response Apache HTTP 1 Writer CVE-2019-17558 Server Remote Code Execution
SERVER-APACHE Apache Solr xmlparser XML CVE-2017- Apache HTTP External Entity 2 12629 Server Expansion Remote Code Execution
SERVER-APACHE Apache Solr xmlparser external CVE-2017- Apache HTTP 2 doctype or entity 12629 Server expansion attempt
SERVER-APACHE Apache Spark auth-enabled CVE-2020- Apache HTTP standalone master 1 9480 Server (CVE-2020-9480) Command Execution
SERVER-APACHE Apache Spark auth-enabled CVE-2020- Apache HTTP standalone master 5 9480 Server (CVE-2020-9480) Command Execution
SERVER-APACHE Apache Struts 2 CVE-2012- Apache HTTP ConversionErrorInterce 1 0391 Server ptor OGNL Script Injection
SERVER-APACHE Apache Struts 2 CVE-2011- Apache HTTP ParametersInterceptor 1 3923 Server OGNL Command Execution
January 2020 Page 108 of 245 IPS Signature Update
SERVER-APACHE Apache CVE-2017- Apache HTTP Struts 2 Struts 1 Plugin 2 9791 Server Remote Code Execution
SERVER-APACHE Apache Struts CVE-2016-4465 CVE-2016- Apache HTTP 2 URLValidator Denial of 4465 Server Service I
SERVER-APACHE Apache Struts OGNL CVE-2019- CVE-2019- Apache HTTP 2 0230 Remote Code 0230 Server Execution
SERVER-APACHE Apache CVE-2016- Apache HTTP Struts REST Plugin DMI 2 3087 Server Code Execution
SERVER-APACHE Apache Struts URL and Anchor CVE-2013- Apache HTTP tag includeParams 1 2115 Server OGNL Command Execution
SERVER-APACHE Apache Struts arbitrary OGNL CVE-2013- Apache HTTP 1 remote code execution 2135 Server attempt
SERVER-APACHE Apache Struts parameters CVE-2011- Apache HTTP 1 interceptor remote 3923 Server code execution attempt
SERVER-APACHE Apache Struts remote code CVE-2012- Apache HTTP 1 execution attempt - 0392 Server CookieInterceptor
SERVER-APACHE Apache CVE-2013- Apache HTTP 1 Struts wildcard 2134 Server matching OGNL remote
January 2020 Page 109 of 245 IPS Signature Update
code execution attempt
SERVER-APACHE Apache CVE-2016- Apache HTTP Struts xslt.location local 1 3082 Server file inclusion attempt
SERVER-APACHE Apache Struts2 CVE-2017-9791 CVE-2017- Apache HTTP 2 Remote Code Execution 9791 Server II
SERVER-APACHE Apache Struts2 File Upload CVE- CVE-2019- Apache HTTP 2 2009-0233 Denial of 0233 Server Service
SERVER-APACHE Apache Struts2 File Upload CVE- CVE-2019- Apache HTTP 2 2019-0233 Denial of 0233 Server Service
SERVER-APACHE Apache CVE-2013- Apache HTTP Struts2 remote code 1 2251 Server execution attempt
SERVER-APACHE Apache CVE-2013- Apache HTTP Struts2 remote code 2 2251 Server execution attempt
SERVER-APACHE Apache Subversion CVE-2016- Apache HTTP 3 mod_authz_svn COPY 2168 Server MOVE Denial of Service
SERVER-APACHE Apache Subversion CVE-2018- Apache HTTP 1 mod_dav_svn Denial of 11803 Server Service
SERVER-APACHE Apache CVE-2015- Apache HTTP 2 Subversion 5343 Server mod_dav_svn Integer
January 2020 Page 110 of 245 IPS Signature Update
Overflow
SERVER-APACHE Apache CVE-2017- Apache HTTP Subversion svn-ssh URL 1 9800 Server Command Execution
SERVER-APACHE Apache Tapestry CVE-2020- Apache HTTP ContextAssetRequestHa 3 13953 Server ndler CVE-2020-13953 Information Disclosure
SERVER-APACHE Apache Tika tika-server CVE-2018- Apache HTTP 1 Command Injection 1335 Server Vulnerability
SERVER-APACHE Apache CVE-2020- Apache HTTP Tomcat AJP Local File 1 1938 Server Inclusion
SERVER-APACHE Apache Tomcat CVE-2017- CVE-2017- Apache HTTP 12615 HTTP PUT 2 12615 Server Windows Remote Code Execution
SERVER-APACHE Apache Tomcat CVE-2017- CVE-2017- Apache HTTP 2 12617 HTTP PUT 12617 Server Remote Code Execution
SERVER-APACHE Apache Tomcat CVE-2018- CVE-2018- Apache HTTP 3 11784 Default Servlet 11784 Server Open Redirect
SERVER-APACHE Apache Tomcat CVE-2018- CVE-2018- Apache HTTP 4 11784 Default Servlet 11784 Server Open Redirect
January 2020 Page 111 of 245 IPS Signature Update
SERVER-APACHE Apache Tomcat HTTP PUT CVE- CVE-2017- Apache HTTP 2 2017-12615 Windows 12615 Server Remote Code Execution
SERVER-APACHE Apache CVE-2017- Apache HTTP Tomcat HTTP PUT 1 12615 Server Remote Code Execution
SERVER-APACHE Apache Tomcat HTTP2 CVE-2019- Apache HTTP Connection Window 2 10072 Server Exhaustion Denial Of Service
SERVER-APACHE Apache CVE-2020- Apache HTTP Tomcat HTTP2 h2c 1 13934 Server Memory Exhaustion
SERVER-APACHE Apache Tomcat Java JmxRemoteLifecycleList CVE-2016- Apache HTTP 1 ener unauthorized 8735 Server serialized object attempt
SERVER-APACHE Apache Tomcat WebSocket CVE-2020- Apache HTTP 2 Infinite Loop CVE-2020- 13935 Server 13935 Denial of Service
SERVER-APACHE Apache Tomcat WebSocket CVE-2020- Apache HTTP 5 Infinite Loop CVE-2020- 13935 Server 13935 Denial of Service
SERVER-APACHE Apache Traffic Server ESI Plugin CVE-2018- Apache HTTP Cookie Header 2 8040 Server Information Disclosure CVE-2018-8040
January 2020 Page 112 of 245 IPS Signature Update
SERVER-APACHE Apache httpd CVE-2018-8011 CVE-2018- Apache HTTP 2 mod_md Null Pointer 8011 Server Dereference
SERVER-APACHE Apache httpd CVE-2019-0190 Apache HTTP mod_ssl TLS 3 Server Renegotiation Denial of Service
SERVER-APACHE Apache httpd FilesMatch CVE-2017- Apache HTTP Directive Security 1 15715 Server Restriction Bypass CVE- 2017-15715
SERVER-APACHE Apache httpd FilesMatch CVE-2017- Apache HTTP Directive Security 2 15715 Server Restriction Bypass CVE- 2017-15715
SERVER-APACHE Apache CVE-2017- Apache HTTP httpd ap_find_token 2 7668 Server Out of Bounds Read
SERVER-APACHE Apache httpd CVE-2018- Apache HTTP 1 mod_cache_socache 1303 Server Denial of Service
SERVER-APACHE Apache CVE-2019- Apache HTTP httpd mod_remoteip 1 10097 Server Buffer Overflow
SERVER-APACHE Apache mod_session_crypto CVE-2016- Apache HTTP 3 padding oracle brute 0736 Server force attempt
SERVER-APACHE BEA CVE-2008- Apache HTTP 1
January 2020 Page 113 of 245 IPS Signature Update
WebLogic Apache 4008 Server Oracle connector Transfer-Encoding buffer overflow attempt
SERVER-APACHE Oracle WebLogic Apache CVE-2008- Apache HTTP 1 Connector buffer 3257 Server overflow attempt
SERVER-APACHE Red5 Server Apache Apache HTTP 1 Commons Collections Server Insecure Deserialization
SERVER-APACHE Red5 Server Apache Apache HTTP 4 Commons Collections Server Insecure Deserialization
SERVER-APACHE httpd mod_mime content- CVE-2017- Apache HTTP 1 type buffer overflow 7679 Server attempt
SERVER-IIS Microsoft Windows IIS .NET null CVE-2011- Microsoft IIS 2 character username 3416 web server truncation attempt
SERVER-MAIL IBM Domino IMAP Mailbox CVE-2017- Other Mail 3 Name Stack Buffer 1274 Server Overflow
SERVER-MAIL IBM Lotus Notes URI handler CVE-2012- Other Mail 3 command execution 2174 Server attempt
SERVER-MAIL IBM Lotus CVE-2008- Other Mail 1 Notes WPD attachment 4564 Server handling buffer
January 2020 Page 114 of 245 IPS Signature Update
overflow attempt
SERVER-MAIL Mail.app AppleSingleDouble CVE-2016- Other Mail 2 command execution 0395 Server attempt
SERVER-MAIL Novell iPrint Client CVE-2013- CVE-2013- Other Mail 1091 For Windows IPP 4 1091 Server Response Stack Buffer Overflow
SERVER-MAIL Novell iPrint Client ienipp.ocx CVE-2009- Other Mail 2 volatile-date-time 1569 Server Parsing Buffer Overflow
SERVER-MSSQL Microsoft SQL RDBMS Database CVE-2016- Engine CVE-2016-7250 Management 1 7250 UNC Path Injection System Privilege Escalation II
SERVER-MSSQL Microsoft SQL RDBMS Database Engine UNC Path CVE-2016- Management 1 Injection Privilege 7250 System Escalation (Published Exploit)
SERVER-MYSQL Database Multiple SQL products CVE-2016- Management 1 privilege escalation 6662 System attempt
SERVER-ORACLE BEA Database WebLogic CVE-2014- CVE-2014- Management 1 6321 SSL Handling 6321 System Denial of Service
SERVER-ORACLE Oracle Database 2 BEA WebLogic CVE- Management
January 2020 Page 115 of 245 IPS Signature Update
2008-5457 Server System Apache Connector Buffer Overflow
SERVER-ORACLE Oracle Database BEA WebLogic IIS CVE-2008- Management 1 connector JSESSIONID 5457 System Stack Buffer Overflow
SERVER-ORACLE Oracle Database Document Capture File CVE-2010- Management 1 Overwrite Buffer 3599 System Overflow I
SERVER-ORACLE Oracle Fusion Middleware Database MapViewer CVE-2017- Management 1 FileUploaderServlet 3230 System fileName Directory Traversal
SERVER-ORACLE Oracle Fusion Middleware Database MapViewer CVE-2017- Management 3 FileUploaderServlet 3230 System fileName Directory Traversal
SERVER-ORACLE Oracle GoldenGate CVE-2018- Database CVE-2018- 2913 Manager Management 2 2913 Command Stack Buffer System Overflow I
SERVER-ORACLE Oracle GoldenGate CVE-2018- Database CVE-2018- 2913 Manager Management 2 2913 Command Stack Buffer System Overflow II
SERVER-ORACLE Oracle CVE-2018- Database GoldenGate Manager 3 2914 Management CVE-2018-2914
January 2020 Page 116 of 245 IPS Signature Update
Command Report System Denial of Service
SERVER-ORACLE Oracle Database GoldenGate Manager CVE-2018- Management 1 Command Tab Parsing 2912 System Denial of Service
SERVER-ORACLE Oracle Database Java CVE-2010- Management 1 Applet2ClassLoader 4452 System Remote Code Execution
SERVER-ORACLE Oracle Java Runtime Bytecode Database CVE-2012- Verifier Cache Code Management 1 1723 Execution (Published System Exploit)
SERVER-ORACLE Oracle Java Runtime Bytecode Database CVE-2012- Verifier Cache Code Management 4 1723 Execution (Published System Exploit)
SERVER-ORACLE Oracle Java Runtime Database CVE-2013- Environment CVE-2013- Management 2 2465 2465 storeImageArray System Buffer Overflow
SERVER-ORACLE Oracle Java Runtime Environment Database CVE-2013- ShortComponentRaster. Management 1 2472 verify Memory System Corruption (Published Exploit)
SERVER-ORACLE Oracle Database CVE-2013- Java Runtime Management 4 2472 Environment System ShortComponentRaster.
January 2020 Page 117 of 245 IPS Signature Update
verify Memory Corruption (Published Exploit)
SERVER-ORACLE Oracle Java Runtime Database Environment CVE-2013- Management 2 storeImageArray Buffer 2465 System Overflow (Published Exploit)
SERVER-ORACLE Oracle Java Runtime Database Environment CVE-2013- Management 4 storeImageArray Buffer 2465 System Overflow (Published Exploit)
SERVER-ORACLE Oracle Java Runtime Database Environment CVE-2013- Management 2 storeImageArray Buffer 2465 System Overflow (Published Exploit)
SERVER-ORACLE Oracle Java Web Start Database CVE-2012- Command Argument Management 1 0500 Injection Remote Code System Execution
SERVER-ORACLE Oracle Java Web Start Database CVE-2012- Command Argument Management 4 0500 Injection Remote Code System Execution
SERVER-ORACLE Oracle Database Java Web Start Launch Management 1 Command-Line System Injection
January 2020 Page 118 of 245 IPS Signature Update
SERVER-ORACLE Oracle Database MySQL CVE-2017- Management 2 sql_authentication 3599 System Integer Overflow
SERVER-ORACLE Oracle Database Outside CVE-2018-2992 CVE-2018- Management 3 In Excel GelFrame Out- 2992 System of-bounds Read
SERVER-ORACLE Oracle Outside In JPEG 2000 Database CVE-2011- COD and COC Management 4 4516 Parameter Heap Buffer System Overflow
SERVER-ORACLE Oracle Secure Backup NDMP Database CVE-2008- CONECT_CLIENT_AUTH Management 1 5444 Command Buffer System Overflow
SERVER-ORACLE Oracle Database Secure Backup exec_qr CVE-2008- Management 1 command injection 5448 System attempt
SERVER-ORACLE Oracle Database Solaris RPC CVE-2017- CVE-2017- Management 2 3623 Heap Buffer 3623 System Overflow
SERVER-ORACLE Oracle Database Tuxedo Jolt Protocol CVE-2017- Management 3 CVE-2017-10278 Heap 10278 System Buffer Overflow
SERVER-ORACLE Oracle Database Web Cache CVE-2018- CVE-2004- Management 2 0967 Unspecified Client 0385 System Request Handling log
January 2020 Page 119 of 245 IPS Signature Update
SERVER-ORACLE Oracle WebLogic CVE-2018- Database CVE-2018- 2616 Remote Diagnosis Management 2 2616 Assistant rda_tfa_hrs System Command Injection
SERVER-ORACLE Oracle WebLogic Server Database AbstractPlatformTransa CVE-2018- Management 2 ctionManager Insecure 3191 System Deserialization CVE- 2018-3191
SERVER-ORACLE Oracle WebLogic Server CVE- Database CVE-2018- 2018-2894 Web Service Management 3 2894 Config Arbitrary File System Upload
SERVER-ORACLE Oracle WebLogic Server Database CVE-2018- DeploymentServiceServl Management 2 3252 et Insecure System Deserialization
SERVER-ORACLE Oracle Database WebLogic Server CVE-2019- Management 2 FileDistributionServlet 2615 System Information Disclosure
SERVER-ORACLE Oracle Database WebLogic Server Node Management 1 Manager Command System Execution
SERVER-ORACLE Oracle Database WebLogic Server CVE-2018- Management 1 RemoteObject Insecure 3245 System Deserialization
CVE-2017- SERVER-ORACLE Oracle Database 2 WebLogic Server 3248 Management
January 2020 Page 120 of 245 IPS Signature Update
UnicastRef Insecure System Deserialization
SERVER-ORACLE Oracle Database WebLogic Server CVE-2017- Management 4 UnicastRef Insecure 3248 System Deserialization
SERVER-ORACLE Oracle Database WebLogic Server CVE-2017- Management 2 remote command 10271 System execution attempt
SERVER-ORACLE Oracle Web Services WebLogic Server CVE-2017- and 1 remote command 10271 Applications execution attempt
SERVER-ORACLE Oracle Weblogic CVE-2020- CVE-2020- Other Web 1 2551 Insecure 2551 Server Deserialization
SERVER-ORACLE Oracle CVE-2020- Other Web Weblogic LimitFilter 1 2555 Server Insecure Deserialization
SERVER-ORACLE Oracle iPlanet Web Server CVE-2020- Other Web unauthenticated 1 9315 Server information disclosure attempt
SERVER-ORACLE Oracle CVE-2020- Other Web iPlanet admin panel 1 9314 Server image injection attempt
SERVER-ORACLE Secure Backup administration Database CVE-2008- server login.php cookies Management 1 4006 command injection System attempt
January 2020 Page 121 of 245 IPS Signature Update
SERVER-ORACLE Secure Backup common.php Database CVE-2008- variable based Management 1 4006 command injection System attempt
SERVER-ORACLE Secure Database Backup msgid 0x901 CVE-2008- Management 1 username field overflow 5444 System attempt
SERVER-ORACLE WebLogic Server Node Database CVE-2010- Manager arbitrary Management 1 0073 command execution System attempt
SERVER-ORACLE Database CVE-2009- auth_sesskey buffer Management 1 1979 overflow attempt System
SERVER-OTHER Active Directory LDAP CVE-2020- Other Web addRequest crafted 2 0856 Server dnsRecord information leak attempt
SERVER-OTHER Adobe ColdFusion CVE-2017- CVE-2017- Other Web 1 11284 RMI Registry 11284 Server Insecure Deserialization
SERVER-OTHER Adobe ColdFusion CVE-2017- CVE-2017- Other Web 4 11284 RMI Registry 11284 Server Insecure Deserialization
SERVER-OTHER Adobe ColdFusion arbitrary file CVE-2019- Application 2 upload attempt CVE- 7816 and Software 2019-7816
January 2020 Page 122 of 245 IPS Signature Update
SERVER-OTHER Advantech WebAccess CVE-2018- Other Web 2 Client bwswfcfg Stack- 17910 Server based Buffer Overflow
SERVER-OTHER Advantech WebAccess Other Web Node spchapi and 2 Server tv_enua Stack Buffer Overflow
SERVER-OTHER Advantech WebAccess CVE-2017- Other Web webvrpcs service 2 16728 Server arbitrary pointer dereference attempt
SERVER-OTHER Aerospike Database CVE-2016- Other Web 2 Server Fabric denial of 9049 Server service attempt
SERVER-OTHER Aerospike Database CVE-2016- Other Web 2 Server si_prop stack 9054 Server buffer overflow attempt
SERVER-OTHER Apache CVE-2020- Other Web OFBiz XMLRPC 2 9496 Server deserialization attempt
SERVER-OTHER Apache CVE-2017- Other Web mod_auth_digest out of 1 9788 Server bounds read attempt
SERVER-OTHER BigAnt Document Service Other Web 1 DDNF request stack Server buffer overflow attempt
CVE-2008- Other Web SERVER-OTHER CA 1 ARCserve Backup for 3175 Server
January 2020 Page 123 of 245 IPS Signature Update
Laptops and Desktops LGServer Handshake Buffer Overflow
SERVER-OTHER CA ARCserve Backup for CVE-2008- Other Web Laptops and Desktops 1 3175 Server LGServer handshake buffer overflow attempt
SERVER-OTHER CA XOsoft Multiple CVE-2010- Other Web Products 1 1223 Server xosoapapi.asmx Buffer Overflow
SERVER-OTHER CA XOsoft Multiple CVE-2010- Other Web Products 4 1223 Server xosoapapi.asmx Buffer Overflow
SERVER-OTHER Cesanta CVE-2019- Other Web Mongoose parse_mqtt 1 12951 Server Out of Bounds Read
SERVER-OTHER Cesanta CVE-2019- Other Web Mongoose parse_mqtt 2 12951 Server Out of Bounds Read
SERVER-OTHER Cisco ASA VPN CVE-2018- Other Web aggregateAuthDataHan 1 0101 Server dler double free attempt
SERVER-OTHER Cisco ASA VPN CVE-2018- Other Web aggregateAuthDataHan 1 0101 Server dler double free attempt
January 2020 Page 124 of 245 IPS Signature Update
SERVER-OTHER Cisco Prime Infrastructure CVE-2019- Other Web and EPNM 2 1821 Server UploadServlet Tar Directory Traversal
SERVER-OTHER Cisco Prime Infrastructure and EPNM CVE-2019- Other Web UploadServlet Tar 2 1821 Server Directory Traversal (Published Exploit) (Decrypted Traffic)
SERVER-OTHER Cisco Prime Infrastructure Other Web swimtemp CVE-2018- 2 Server 15379 TFTP Arbitrary File Upload
SERVER-OTHER Cisco Prime Infrastructure CVE-2018- Other Web swimtemp CVE-2018- 2 15379 Server 15379 TFTP Arbitrary File Upload
SERVER-OTHER Cisco Smart Install init CVE-2018- Other Web discovery message stack 1 0171 Server buffer overflow attempt CVE-2018-0171
SERVER-OTHER CloudMe Sync Client CVE-2018- Other Web 1 stack buffer overflow 6892 Server attempt
SERVER-OTHER Disk Other Web Savvy Enterprise buffer 1 Server overflow attempt
SERVER-OTHER Elastic CVE-2018- Web Services 3
January 2020 Page 125 of 245 IPS Signature Update
Kibana server.js Local 17246 and File Inclusion Applications
SERVER-OTHER Ethereal Other Web Distcc SERR buffer 1 Server overflow attempt
SERVER-OTHER Fatek Automation PLC CVE-2016- Other Web 2 WinProladder buffer 8377 Server overflow attempt
SERVER-OTHER Flexera Other Web FlexNet License Server 1 Server buffer overflow attempt
SERVER-OTHER Fortinet FortiOS appliedTags Other Web 2 field cross site scripting Server attempt
SERVER-OTHER GE Proficy CIMPLICITY Other Web 1 Marquee Manager stack Server buffer overflow attempt
SERVER-OTHER Git CVE- 2017-1000117 ssh URL CVE-2017- Other Web 2 Processing Command 1000117 Server Execution Vulnerability
SERVER-OTHER Git CVE- 2017-1000117 ssh URL CVE-2017- Other Web 4 Processing Command 1000117 Server Execution Vulnerability
SERVER-OTHER GitLab CVE-2018- Other Web Wiki API Attachments 2 18649 Server Command Injection
CVE-2013- Other Web SERVER-OTHER HP AIO 1 Archive Query Server 6189 Server
January 2020 Page 126 of 245 IPS Signature Update
stack buffer overflow attempt
SERVER-OTHER HP CVE-2011- Other Web Archive Query Server 1 4163 Server stack overflow attempt
SERVER-OTHER HP Data Protector Backup Client CVE-2011- Other Web 1 Service code execution 0922 Server attempt
SERVER-OTHER HP Data Protector CRS Multiple CVE-2013- Other Web 1 Opcodes Stack Buffer 2324 Server Overflow
SERVER-OTHER HP Data CVE-2013- Other Web Protector CRS Multiple 1 6195 Server Stack Buffer Overflows
SERVER-OTHER HP Data Protector CRS Opcode CVE-2013- Other Web 1 1091 Stack Buffer 2334 Server Overflow
SERVER-OTHER HP Data Protector CRS Opcode CVE-2013- Other Web 1 215 and 263 Stack 2328 Server Buffer Overflow
SERVER-OTHER HP Data Protector CRS Opcode CVE-2013- Other Web 1 234 Stack Buffer 2326 Server Overflow
SERVER-OTHER HP Data Protector CRS Opcode CVE-2013- Other Web 1 305 Stack Buffer 2330 Server Overflow
SERVER-OTHER HP Data CVE-2013- Other Web 1
January 2020 Page 127 of 245 IPS Signature Update
Protector EXEC_BAR 2347 Server Command Execution
SERVER-OTHER HP Data Protector Express CVE-2012- Other Web Multiple Opcode 1 0121 Server Parsing Stack Buffer Overflow
SERVER-OTHER HP Data Protector Opcode 28 CVE-2014- Other Web 1 and 11 Command 2623 Server Execution
SERVER-OTHER HP Data Protector client CVE-2011- Other Web 1 EXEC_CMD command 0923 Server execution attempt
SERVER-OTHER HP Database Archiving CVE-2011- Other Web 1 Software GIOP Opcode 4163 Server 0x0E Buffer Overflow
SERVER-OTHER HP Database Archiving CVE-2011- Other Web 1 Software GIOP parsing 4164 Server buffer overflow attempt
SERVER-OTHER HP Integrated Lights-Out CVE-2017- Other Web HTTP headers 1 12542 Server processing buffer overflow attempt
SERVER-OTHER HP Intelligent Management Center dbman CVE-2017- Other Web 1 BackupDBase opcode 8954 Server command injection attempt
January 2020 Page 128 of 245 IPS Signature Update
SERVER-OTHER HP Intelligent Management Center dbman CVE-2017- Other Web 1 BackupZipFile opcode 5820 Server command injection attempt
SERVER-OTHER HP Intelligent Management Center dbman CVE- CVE-2017- Other Web 2017-5820 1 5820 Server BackupZipFile opcode command injection Vulnerability
SERVER-OTHER HP Intelligent Management Center dbman CVE-2017- Other Web 1 RestartDB Opcode 5816 Server Command Injection Attempt
SERVER-OTHER HP Intelligent Management CVE-2017- Other Web Center dbman 2 5817 Server RestoreDBase MSSQL Command Injection
SERVER-OTHER HP Intelligent Management Center dbman CVE-2017- Other Web 1 RestoreDBase opcode 5817 Server command injection attempt
SERVER-OTHER HP Intelligent Management CVE-2011- Other Web 1 Center dbman buffer 1850 Server overflow attempt
SERVER-OTHER HP CVE-2012- Other Web 1 Intelligent Management 3274 Server Center uam.exe stack
January 2020 Page 129 of 245 IPS Signature Update
buffer overflow attempt
SERVER-OTHER HP LeftHand Virtual SAN CVE-2012- Other Web Appliance hydra Diag 1 3283 Server Processing Buffer Overflow
SERVER-OTHER HP LeftHand Virtual SAN CVE-2013- Other Web Hydra Login Request 1 2343 Server Buffer Overflow Attempt
SERVER-OTHER HP LeftHand Virtual SAN CVE-2012- Other Web 1 hydra diag request 3283 Server buffer overflow attempt
SERVER-OTHER HP LeftHand Virtual SAN CVE-2012- Other Web 1 hydra ping request 3285 Server buffer overflow attempt
SERVER-OTHER HP LoadRunner CVE-2013- CVE-2013- Other Web 2 4800 Magentproc Stack 4800 Server Buffer Overflow I
SERVER-OTHER HP LoadRunner CVE-2013- CVE-2013- Other Web 2 4800 Magentproc Stack 4800 Server Buffer Overflow II
SERVER-OTHER HP LoadRunner CVE-2013- CVE-2013- Other Web 2 4800 Magentproc Stack 4800 Server Buffer Overflow III
SERVER-OTHER HP CVE-2015- Other Web 1 LoadRunner launcher.dll 2110 Server stack buffer overflow
January 2020 Page 130 of 245 IPS Signature Update
attempt
SERVER-OTHER HP LoadRunner remote CVE-2010- Other Web 1 command execution 1549 Server attempt
SERVER-OTHER HP Network Node Manager CVE-2014- Other Web 2 I ovopi.dll -D Buffer 2624 Server Overflow
SERVER-OTHER HP Network Node Manager CVE-2014- Other Web 1 ovopi.dll buffer 2624 Server overflow attempt
SERVER-OTHER HP OpenView CGI CVE-2007- Other Web 1 parameter buffer 6204 Server overflow attempt
SERVER-OTHER HP OpenView NNM nnmRptconfig.exe CVE-2011- Other Web 1 schdParams and 0267 Server nameParams Buffer Overflow
SERVER-OTHER HP OpenView Network CVE-2008- Other Web Node Manager 1 0067 Server OpenView5 CGI Buffer Overflow
SERVER-OTHER HP OpenView Network CVE-2010- Other Web Node Manager 1 1551 Server netmon.exe Stack Buffer Overflow
SERVER-OTHER HP CVE-2011- Other Web 1 OpenView Network
January 2020 Page 131 of 245 IPS Signature Update
Node Manager 0270 Server nnmRptConfig.exe Template Format String Code Execution
SERVER-OTHER HP OpenView Network Node Manager CVE-2011- Other Web 1 nnmRptConfig.exe 0269 Server schd_select1 Remote Code Execution
SERVER-OTHER HP OpenView Network Node Manager CVE-2009- Other Web 1 ovalarm.exe Accept- 4179 Server Language Buffer Overflow
SERVER-OTHER HP OpenView Network CVE-2008- Other Web Node Manager 1 2438 Server ovalarmsrv Integer Overflow
SERVER-OTHER HP OpenView Network CVE-2011- Other Web Node Manager ovutil.dll 1 0262 Server stringToSeconds Buffer Overflow
SERVER-OTHER HP OpenView Network Node Manager CVE-2009- Other Web 1 ovwebsnmpsrv.exe 4181 Server OVwSelection Buffer Overflow
SERVER-OTHER HP OpenView Storage Data CVE-2013- Other Web Protector CRS opcode 1 2334 Server 1091 buffer overflow attempt
January 2020 Page 132 of 245 IPS Signature Update
SERVER-OTHER HP OpenView Storage Data CVE-2013- Other Web Protector CRS opcode 1 2331 Server 1092 buffer overflow attempt
SERVER-OTHER HP OpenView Storage Data CVE-2013- Other Web Protector CRS opcode 1 2329 Server 259 buffer overflow attempt
SERVER-OTHER HP OpenView Storage Data CVE-2013- Other Web Protector CRS opcode 1 2327 Server 264 buffer overflow attempt
SERVER-OTHER HP OpenView Storage Data CVE-2011- Other Web 1 Protector exec_cmd 1866 Server buffer overflow attempt
SERVER-OTHER HP Operations Agent CVE-2012- Other Web Performance 1 2019 Server Component Last Chunk Buffer Overflow
SERVER-OTHER HP Operations Agent CVE-2012- Other Web Performance 4 2019 Server Component Last Chunk Buffer Overflow
SERVER-OTHER HP Operations CVE-2016- Other Web Orchestration 1 8519 Server unauthorized serialized object attempt
SERVER-OTHER HP CVE-2009- Other Web 1
January 2020 Page 133 of 245 IPS Signature Update
Power Manager Remote 2685 Server Code Execution
SERVER-OTHER HP ProCurve Manager SNAC CVE-2013- Other Web 1 UpdateCertificatesServl 4812 Server et Code Execution CVE- 2013-4812
SERVER-OTHER HP ProCurve Manager CVE-2013- Other Web SNAC 1 4812 Server UpdateCertificatesServl et Code Execution
SERVER-OTHER HP ProCurve Manager CVE-2013- Other Web SNAC 4 4812 Server UpdateCertificatesServl et Code Execution
SERVER-OTHER HP ProCurve Manager CVE-2013- Other Web SNAC 4 4811 Server UpdateDomainControlle rServlet Code Execution
SERVER-OTHER HP SiteScope SOAP Call CVE-2013- Other Web 1 runOMAgentCommand 2367 Server Command Injection
SERVER-OTHER HPE Data Protector CVE-2016- Other Web 1 EXEC_BAR domain 2006 Server Buffer Overflow
SERVER-OTHER HPE Data Protector CVE-2016- Other Web 1 EXEC_BAR username 2005 Server Buffer Overflow
January 2020 Page 134 of 245 IPS Signature Update
SERVER-OTHER HPE Intelligent Management CVE-2017- Other Web Center CVE-2017-8961 3 8961 Server PLAT flexFileUpload Arbitrary File Upload
SERVER-OTHER HPE Intelligent Management CVE-2016- Other Web Center PLAT 2 8530 Server RedirectServlet parafile Directory Traversal
SERVER-OTHER HPE Intelligent Management CVE-2017- Other Web 1 Center RMI Registry 5792 Server Insecure Deserialization
SERVER-OTHER HPE Intelligent Management Other Web Center 2 Server TopoDebugServlet Insecure Deserialization
SERVER-OTHER HPE Intelligent Management CVE-2018- Other Web 2 Center dbman Stack 7115 Server Buffer Overflow
SERVER-OTHER HPE Intelligent Management Center dbman CVE-2018- Other Web 2 decryptMsgAes Stack 7114 Server Buffer Overflow CVE- 2018-7114
SERVER-OTHER HPE Intelligent Management Center CVE-2017- Other Web wmiConfigContent 2 12526 Server Expression Language Injection CVE-2017- 12526
January 2020 Page 135 of 245 IPS Signature Update
SERVER-OTHER HPE LoadRunner and CVE-2017- Other Web Performance Center 1 5789 Server libxdrutil.dll mxdr_string Heap Buffer Overflow
SERVER-OTHER HPE Moonshot CVE-2017- 8976 Provisioning CVE-2017- Other Web 2 Manager Appliance 8976 Server khuploadfile.cgi Directory Traversal
SERVER-OTHER HPE Network 2017-5811 CVE-2017- Other Web 4 Automation FileServlet 5811 Server Firstpass
SERVER-OTHER HPE Operations Orchestration CVE-2017- Other Web 1 backwards- 8994 Server compatibility beanutils Insecure Deserialization
SERVER-OTHER Heimdal KDC CVE-2017-17439 CVE-2017- Other Web 2 ASN1 DER Length Denial 17439 Server of Service I
SERVER-OTHER Heimdal KDC CVE-2017-17439 CVE-2017- Other Web 2 ASN1 DER Length Denial 17439 Server of Service II
SERVER-OTHER Heimdal KDC CVE-2017-17439 CVE-2017- Other Web 2 ASN1 DER Length Denial 17439 Server of Service III
CVE-2017- Other Web SERVER-OTHER Heimdal 2 KDC CVE-2017-17439 17439 Server
January 2020 Page 136 of 245 IPS Signature Update
ASN1 DER Length Denial of Service IV
SERVER-OTHER IBM Cognos TM1 Server CVE-2012- Other Web 3 tm1admsd.exe buffer 0202 Server overflow attempt
SERVER-OTHER IBM Informix Dynamic Other Web 1 Server bts_tracefile Server Directory Traversal
SERVER-OTHER IBM Informix Dynamic CVE-2017- Other Web Server index.php 1 1092 Server testconn Heap Buffer Overflow
SERVER-OTHER IBM Informix Dynamic CVE-2017- Other Web Server index.php 3 1092 Server testconn Heap Buffer Overflow
SERVER-OTHER IBM Informix Dynamic CVE-2011- Other Web 1 Server set environment 1033 Server buffer overflow attempt
SERVER-OTHER IBM CVE-2010- Other Web Lotus Domino LDAP 1 0358 Server Heap Buffer Overflow
SERVER-OTHER IBM CVE-2011- Other Web Lotus Domino LDAP 1 0917 Server Integer Overflow I
SERVER-OTHER IBM Lotus Expeditor cai URI CVE-2008- Other Web 1 Handler Command 1965 Server Execution
January 2020 Page 137 of 245 IPS Signature Update
SERVER-OTHER IBM Lotus Notes URL CVE-2012- Other Web 1 Handler Command 2174 Server Execution
SERVER-OTHER IBM QRadar SIEM CVE-2018- Other Web 2 Authentication Bypass 1418 Server (Decrypted Traffic)
SERVER-OTHER IBM CVE-2018- Other Web QRadar SIEM 2 1418 Server Authentication Bypass-I
SERVER-OTHER IBM CVE-2018- Other Web QRadar SIEM 1 1418 Server Authentication Bypass-II
SERVER-OTHER IBM Tivoli Directory Server CVE-2011- Other Web ibmslapd.exe Stack 1 1206 Server Buffer Overflow Attempt
SERVER-OTHER IBM Tivoli Endpoint Manager CVE-2014- CVE-2014- Other Web 2 6140 Mobile Device 6140 Server Management Remote Code Execution Attempt
SERVER-OTHER IBM Tivoli Storage Manager CVE-2008- Other Web Client dsmagent.exe 1 4828 Server NodeName Buffer Overflow
SERVER-OTHER IBM Tivoli Storage Manager CVE-2015- Other Web 1 FastBack Mount vault 1896 Server Stack Buffer Overflow
January 2020 Page 138 of 245 IPS Signature Update
SERVER-OTHER IBM Tivoli Storage Manager CVE-2015- Other Web 4 FastBack Mount vault 1896 Server Stack Buffer Overflow
SERVER-OTHER IBM Tivoli Storage Manager CVE-2015- Other Web FastBack Server Opcode 1 1938 Server 1331 lza32 Command Injection
SERVER-OTHER IBM Tivoli Storage Manager CVE-2015- Other Web 1 FastBack Server Opcode 4931 Server 4115 Buffer Overflow
SERVER-OTHER IBM Tivoli Storage Manager CVE-2015- Other Web 1 FastBack buffer 1896 Server overflow attempt
SERVER-OTHER IBM Tivoli Storage Manager CVE-2015- Other Web 1 FastBack command 1949 Server injection attempt
SERVER-OTHER IBM Tivoli Storage Manager CVE-2015- Other Web 3 FastBack server denial 8523 Server of service attempt
SERVER-OTHER IBM Tivoli Storage Manager CVE-2015- Other Web 1 Fastback buffer 8519 Server overflow attempt
SERVER-OTHER IBM Tivoli Storage Manager CVE-2015- Other Web 1 Fastback buffer 8520 Server overflow attempt
SERVER-OTHER IBM CVE-2015- Other Web 1
January 2020 Page 139 of 245 IPS Signature Update
Tivoli Storage Manager 8521 Server Fastback buffer overflow attempt
SERVER-OTHER IBM Tivoli Storage Manager CVE-2015- Other Web 1 Fastback buffer 8522 Server overflow attempt
SERVER-OTHER IBM CVE-2009- Other Web Tivoli name overflow 1 3853 Server attempt
SERVER-OTHER IBM WebSphere Application Server Commons- CVE-2016- Other Web 2 Collections Library 0150 Server Remote Code Execution I
SERVER-OTHER IRC w3wt0rk pitbull perl bot Other Web 1 remote command Server execution attempt
SERVER-OTHER Intel CVE-2020- Other Web AMT HTTP invalid chunk 2 8758 Server size attempt
SERVER-OTHER Intel CVE-2020- Other Web AMT HTTP negative 2 8758 Server content-length attempt
SERVER-OTHER Jackson databind deserialization CVE-2017- Other Web 1 remote code execution 17485 Server attempt
SERVER-OTHER Java CVE-2015- Other Web Library CVE-2016-3642 2 CommonsCollection 3253 Server Unauthorized Serialized
January 2020 Page 140 of 245 IPS Signature Update
Object Attempt
SERVER-OTHER Jenkins CVE-2018- Other Web CI Server getOrCreate 2 1999001 Server Policy Bypass
SERVER-OTHER Joomla! CMS Policy Bypass and CVE-2016- Other Web 2 Privilege Escalation 8869 Server Vulnerabilities
SERVER-OTHER Kubernetes API Proxy CVE-2018- Other Web Request Handling 2 1002105 Server Privilege Escalation (Decrypted Traffic)
SERVER-OTHER Kubernetes API Proxy CVE-2018- Other Web Request Handling 4 1002105 Server Privilege Escalation (Decrypted Traffic)
SERVER-OTHER Kubernetes API Proxy CVE-2018- Other Web 2 Request Handling 1002105 Server Privilege Escalation
SERVER-OTHER CVE-2018- Other Web Kubernetes API Server 2 1002105 Server bypass attempt
SERVER-OTHER Lighttpd CVE-2019- Other Web url-path-2f-decode 4 11072 Server Denial-Of-Service
SERVER-OTHER Lotus Domino LDAP Heap CVE-2010- Other Web 1 Buffer Overflow 0358 Server Attempt
SERVER-OTHER MIT CVE-2016- Other Web 1
January 2020 Page 141 of 245 IPS Signature Update
Kerberos CVE-2016- 3119 Server 3119 kadmind Null Pointer Dereference Vulnerability
SERVER-OTHER Micro Focus Operations CVE-2018- Other Web Orchestration 2 6490 Server information disclosure attempt
SERVER-OTHER CVE-2002- Other Web Microsoft Frontpage 3 1717 Server writeto.cnf access
SERVER-OTHER Microsoft JET Database CVE-2018- Other Web Engine CVE-2018-8423 2 8423 Server Remote Code Execution Vulnerability
SERVER-OTHER Microsoft Windows CVE-2019- Other Web 1 DHCP Server Failover 0785 Server Remote Code Execution
SERVER-OTHER Microsoft Windows CVE-2019- Other Web 4 DHCP Server Failover 0785 Server Remote Code Execution
SERVER-OTHER Microsoft Windows CVE-2019- Other Web 2 DHCP Server Remote 0725 Server Code Execution
SERVER-OTHER Microsoft Windows CVE-2019- Other Web 4 DHCP Server Remote 0725 Server Code Execution
SERVER-OTHER CVE-2013- Other Web 2 MiniUPnPd SSDP
January 2020 Page 142 of 245 IPS Signature Update
request buffer overflow 0229 Server attempt
SERVER-OTHER Multi- Router Looking Glass CVE-2014- Other Web 2 remote command 3927 Server injection attempt
SERVER-OTHER NTP CVE-2017- Other Web Config Unpeer denial of 3 6463 Server service attempt
SERVER-OTHER NTP CVE-2016- Other Web crypto-NAK denial of 2 4957 Server service attempt
SERVER-OTHER NTP decodenetnum CVE-2015- Other Web 1 assertion failure denial 7855 Server of service attempt
SERVER-OTHER NTP malformed config CVE-2017- Other Web 3 request denial of 6464 Server service attempt
SERVER-OTHER NTP CVE-2015- Other Web origin timestamp denial 1 7704 Server of service attempt
SERVER-OTHER NTPsec ntpd CVE-2019-6443 CVE-2019- Other Web 2 ctl_getitem Out of 6443 Server Bounds Read
SERVER-OTHER NTPsec ntpd CVE-2019-6443 CVE-2019- Other Web 3 ctl_getitem Out of 6443 Server Bounds Read
CVE-2019- Other Web SERVER-OTHER NTPsec 1 ntpd process_control 6444 Server
January 2020 Page 143 of 245 IPS Signature Update
Out of Bounds Read
SERVER-OTHER NUUO CVE-2018- Other Web NVRMini2 stack based 2 1149 Server buffer overflow attempt
SERVER-OTHER Netatalk dsi_opensession CVE-2018- Other Web Attention Quantum 1 1160 Server Out-of-bounds Write (Published Exploit)
SERVER-OTHER Netatalk dsi_opensession CVE-2018- Other Web 1 Attention Quantum 1160 Server Out-of-bounds Write
SERVER-OTHER Nginx Unit Router Process CVE-2019- Other Web 2 Heap-based Buffer 7401 Server Overflow
SERVER-OTHER Novell File Reporter CVE-2012- CVE-2012- Other Web 1 4956 VOL Tag Heap 4956 Server Buffer Overflow I
SERVER-OTHER Novell File Reporter CVE-2012- CVE-2012- Other Web 1 4956 VOL Tag Heap 4956 Server Buffer Overflow II
SERVER-OTHER Novell Groupwise HTTP CVE-2008- Other Web 1 response message 2703 Server parsing overflow
SERVER-OTHER Novell Groupwise internet CVE-2011- Other Web 1 agent http uri buffer 0334 Server overflow attempt
January 2020 Page 144 of 245 IPS Signature Update
SERVER-OTHER Novell ZENWorks configuration CVE-2011- Other Web management preboot 1 3176 Server opcode 6C request buffer overflow attempt
SERVER-OTHER Novell ZENworks Configuration Management PreBoot CVE-2011- Other Web 1 Service Opcode 4c 3176 Server Request Buffer Overflow
SERVER-OTHER Novell ZENworks Configuration Management PreBoot CVE-2011- Other Web 1 Service Opcode 6c 3176 Server Request Buffer Overflow
SERVER-OTHER Novell ZENworks Configuration Other Web Management Preboot 1 Server service code overflow attempt
SERVER-OTHER Novell eDirectory LDAP NULL CVE-2008- Other Web 1 Search Parameter Buffer 1809 Server Overflow
SERVER-OTHER Novell CVE-2012- Other Web eDirectory NCP stack 1 0432 Server buffer overflow attempt
SERVER-OTHER OpenLDAP ldapsearch CVE-2017- Other Web 3 pagesize Double Free 9287 Server Denial of Service
CVE-2017- Other Web SERVER-OTHER 3 OpenLDAP zero size 9287 Server
January 2020 Page 145 of 245 IPS Signature Update
PagedResultsControl denial of service attempt
SERVER-OTHER OpenMRS CVE-2018- Other Web webservices.rest 2 19276 Server Insecure Object Deserialization
SERVER-OTHER OpenSSH CVE-2016- CVE-2016- Other Web 6515 sshd auth_passwd 1 6515 Server Denial of Service Vulnerability
SERVER-OTHER Oracle Java JMX server CVE-2015- Other Web insecure configuration 1 2342 Server remote code execution attempt
SERVER-OTHER Oracle Tuxedo Jolt Protocol CVE-2017- Other Web 3 CVE-2017-10272 10272 Server Information Disclosure
SERVER-OTHER Pharos PopUp Printer Client CVE-2017- Other Web 1 DecodeBinary heap 2788 Server buffer overflow attempt
SERVER-OTHER Pharos PopUp Printer Client CVE-2017- Other Web 2 DecodeString denial of 2786 Server service attempt
SERVER-OTHER Pidgin MXIT protocol handling CVE-2016- Other Web splash_remove 2 4323 Server directory traversal attempt
January 2020 Page 146 of 245 IPS Signature Update
SERVER-OTHER PostgreSQL Database CVE-2019- Other Web 2 Password Change Stack 10164 Server Buffer Overflow
SERVER-OTHER Proface GP-Pro EX EX-ED CVE-2016- Other Web 3 BeginPreRead stack 2292 Server buffer overflow attempt
SERVER-OTHER Quest Privilege Manager CVE-2017- Other Web 1 pmmasterd buffer 6553 Server overflow attempt
SERVER-OTHER RaySharp CCTV Other Web 1 derivative command Server injection attempt
SERVER-OTHER Red Hat CVE-2018- Other Web librelp Stack Buffer 2 1000140 Server Overflow
SERVER-OTHER Redis CVE-2015- Other Web lua script integer 3 8080 Server overflow attempt
SERVER-OTHER Rockwell Automation CVE-2019- Other Web RSLinx Classic Forward 2 6553 Server Open Electronic Key Stack Buffer Overflow
SERVER-OTHER Rsync CVE-2017-16548 CVE-2017- Other Web 2 eceive_xattr Heap- 16548 Server based Buffer Overread
SERVER-OTHER Rsync CVE-2017- Other Web 4 CVE-2017-16548 16548 Server receive_xattr Heap-
January 2020 Page 147 of 245 IPS Signature Update
based Buffer Overread
SERVER-OTHER Samba CVE-2018-1057 LDAP CVE-2018- Other Web 2 AD DC Privilege 1057 Server Escalation
SERVER-OTHER Squid HTTP Accept Encoding CVE-2016- Other Web 2 response header denial 3948 Server of service attempt
SERVER-OTHER Tipping Point IPS reverse DNS Other Web 1 lookup format string Server exploit attempt
SERVER-OTHER Trend Micro Control Manager Other Web XML External Entity 1 Server Processing (Decrypted Traffic)
SERVER-OTHER Trend Micro Mobile Security CVE-2017- Other Web Enterprise 2 14078 Server get_dep_profile id SQL Injection I
SERVER-OTHER Trend Micro Mobile Security CVE-2017- Other Web Enterprise 2 14078 Server get_dep_profile id SQL Injection II
SERVER-OTHER UltraVNC VNC Server CVE-2019-8274 File CVE-2019- Other Web 2 Transfer Offer Handler 8274 Server Heap-based Buffer Overflow
January 2020 Page 148 of 245 IPS Signature Update
SERVER-OTHER UltraVNC VNC Server CVE-2019-8274 File CVE-2019- Other Web 4 Transfer Offer Handler 8274 Server Heap-based Buffer Overflow
SERVER-OTHER Verso NetPerformer frame Other Web relay access device 1 Server telnet buffer overflow attempt
SERVER-OTHER Western Digital My Cloud CVE-2018- Other Web 2 authentication bypass 17153 Server attempt
SERVER-OTHER Wordpress CMS CVE-2018- Other Web 1 platform denial of 6389 Server service attempt
SERVER-OTHER Xi Software Net Transport Other Web 1 eDonkey Protocol Buffer Server Overflow attempt
SERVER-OTHER Zoho ManageEngine CVE-2018- Other Web OpManager APIDBUtil 2 17243 Server getDevicesForSearchStri ng SQL Injection
SERVER-OTHER Zoho ManageEngine CVE-2018- Other Web OpManager Business 2 18475 Server View Background Image Arbitrary File Upload
CVE-2019- Other Web SERVER-OTHER dhcpcd 2 DHCPv6 CVE-2019- 11577 Server
January 2020 Page 149 of 245 IPS Signature Update
11577 dhcp6_findna Buffer Overflow
SERVER-OTHER libVNC LibVNCClient CoRRE CVE-2018- Other Web Heap-based Buffer 2 20020 Server Overflow CVE-2018- 20020
SERVER-OTHER libVNC LibVNCClient CoRRE CVE-2018- Other Web Heap-based Buffer 4 20020 Server Overflow CVE-2018- 20020
SERVER-OTHER libVNC LibVNCServer File CVE-2018- Other Web Transfer Extension 2 15127 Server Heap-based Buffer Overflow
SERVER-OTHER libVNC LibVNCServer File CVE-2018- Other Web Transfer Extension 4 15127 Server Heap-based Buffer Overflow
SERVER-OTHER limited RSA ciphersuite list - CVE-2012- Other Web 3 possible Bleichenbacher 5081 Server SSL attack attempt
SERVER-OTHER ntpd mrulist control message CVE-2016- Other Web 3 command null pointer 7434 Server dereference attempt
SERVER-OTHER ntpd CVE-2015- Other Web saveconfig directory 2 7851 Server traversal attempt
SERVER-OTHER CVE-2017- Other Web 1 tcpdump ISAKMP parser
January 2020 Page 150 of 245 IPS Signature Update
buffer overflow attempt 5205 Server
SERVER-SAMBA Samba Web Services LDAP AD DC Nested CVE-2020- and 2 Filter CVE-2020-10704 10704 Applications Denial of Service
SERVER-SAMBA Samba Operating LDAP AD DC Privilege CVE-2018- System and 1 Escalation (Decrypted 1057 Services Traffic)
SERVER-SAMBA Samba Operating LDAP AD DC Privilege CVE-2018- System and 2 Escalation (Decrypted 1057 Services Traffic)
SERVER-SAMBA Samba Operating NDR Parsing CVE-2016- System and 2 ndr_pull_dnsp_name 2123 Services Integer Overflow
SERVER-SAMBA Samba Operating SMB1 CVE-2017- System and 3 smb_request_done Use 14746 Services After Free
SERVER-WEBAPP Adobe ColdFusion CVE-2018- Web Services 15959 CVE-2018- and 2 DataServicesCFProxy 15959 Applications Commons BeanUtils Insecure Deserialization
SERVER-WEBAPP Adobe ColdFusion CVE-2018- Web Services 15959 CVE-2018- and 3 DataServicesCFProxy 15959 Applications Commons BeanUtils Insecure Deserialization
SERVER-WEBAPP Adobe Web Services CVE-2019- 2 ColdFusion CVE-2019- and
January 2020 Page 151 of 245 IPS Signature Update
7091 JavaAdapter 7091 Applications JavaBeanAdapter Insecure Deserialization
SERVER-WEBAPP AlienVault OSSIM API Web Services get_host_fqdn host_ip and 1 command injection Applications attempt
SERVER-WEBAPP AlienVault USM and Web Services OSSIM fqdn get_fqdn and 1 Command Injection Applications (Decrypted Traffic)
SERVER-WEBAPP Web Services AlienVault USM and and 2 OSSIM fqdn get_fqdn Applications Command Injection I
SERVER-WEBAPP Web Services AlienVault USM and and 2 OSSIM fqdn get_fqdn Applications Command Injection II
SERVER-WEBAPP Web Services AlienVault USM and and 2 OSSIM fqdn get_fqdn Applications Command Injection III
SERVER-WEBAPP Alienvault CVE-2016- Web Services 8582 Unified Security CVE-2016- and 2 Management and 8582 Applications OSSIM gauge.php SQL Injection
SERVER-WEBAPP Web Services Alienvault OSSIM CVE-2016- and 2 gauge.php value SQL 8582 Applications injection attempt
January 2020 Page 152 of 245 IPS Signature Update
SERVER-WEBAPP Apache CVE-2016- Web Services 1000031 Commons CVE-2016- and 2 Library FileUpload 1000031 Applications unauthorized Java object upload attempt
SERVER-WEBAPP Apache OFBiz stream Web Services contentId (CVE-2020- CVE-2020- and 1 1943)Cross-Site 1943 Applications Scripting (Decrypted Traffic)
SERVER-WEBAPP Apache OFBiz stream Web Services contentId (CVE-2020- CVE-2020- and 1 1943)Cross-Site 1943 Applications Scripting (Encrypted Traffic)
SERVER-WEBAPP Web Services CVE-2016- Apache Struts and 1 3082 XSLTResult File Inclusion Applications
SERVER-WEBAPP Web Services Apache Subversion CVE-2016- and 3 mod_authz_svn COPY 2168 Applications MOVE Denial of Service
SERVER-WEBAPP Apache Superset CVE-2018- Apache HTTP python pickle library 1 8021 Server remote code execution attempt
SERVER-WEBAPP Apache Superset Web Services CVE-2018- python pickle library and 1 8021 remote code execution Applications attempt
January 2020 Page 153 of 245 IPS Signature Update
SERVER-WEBAPP Apache Superset Web Services CVE-2018- python pickle library and 2 8021 remote code execution Applications attempt
SERVER-WEBAPP Web Services CVE-2016- Apache TomEE java and 1 0779 deserialization attempt Applications
SERVER-WEBAPP Web Services Apache Tomcat CVE-2020- and 1 FileStore directory 9484 Applications traversal attempt
SERVER-WEBAPP Belkin Web Services F9K1122 webpage and 1 buffer overflow attempt Applications
SERVER-WEBAPP Belkin Web Services CVE-2019- Wemo UPnP command and 2 12780 injection attempt Applications
SERVER-WEBAPP Borland AccuRev Web Services Reprise License Server and 2 directory traversal Applications attempt
SERVER-WEBAPP Borland AccuRev Web Services SaveContentServiceImpl and 2 servlet directory Applications traversal attempt
SERVER-WEBAPP CA Total Defense Suite Web Services CVE-2011- UNCWS Multiple Report and 1 1653 Stored Procedure SQL Applications Injections
SERVER-WEBAPP CA CVE-2011- Web Services 2
January 2020 Page 154 of 245 IPS Signature Update
Total Defense Suite 1653 and UNCWS Applications UnassignFunctionalRole s Stored Procedure POST SQL Injection Attempt
SERVER-WEBAPP CA Total Defense Suite Web Services UNCWS CVE-2011- and 2 UnassignFunctionalRole 1653 Applications s Stored Procedure SQL Injection Attempt
SERVER-WEBAPP CA Total Defense Suite Web Services UNCWS CVE-2011- and 1 UnassignFunctionalRole 1653 Applications s Stored Procedure SQL Injection
SERVER-WEBAPP CA Web Services Total Defense CVE-2011- and 1 management.asmx sql 1653 Applications injection attempt
SERVER-WEBAPP CA Unified Infrastructure Web Services CVE-2016- Management and 2 5803 download_lar.jsp Applications Directory Traversal
SERVER-WEBAPP CA Web Services CVE-2016- eHealth command and 2 6152 injection attempt Applications
SERVER-WEBAPP CA Web Services eHealth command CVE-2016- and 2 injection command 6152 Applications injection attempt
SERVER-WEBAPP CGit Web Services CVE-2018- 3 CVE-2018-14912 and
January 2020 Page 155 of 245 IPS Signature Update
cgit_clone_objects 14912 Applications function directory traversal attempt
SERVER-WEBAPP Cisco Web Services 220 Series Smart CVE-2019- and 1 Switches command 1914 Applications injection attempt
SERVER-WEBAPP Cisco Web Services 220 Series Smart CVE-2019- and 1 Switches stack buffer 1913 Applications overflow attempt
SERVER-WEBAPP Cisco Web Services 220 Series Smart CVE-2019- and 2 Switches stack buffer 1913 Applications overflow attempt
SERVER-WEBAPP Cisco ASA WebVPN expired Web Services CVE-2019- session page direct and 1 1693 access denial of service Applications attempt
SERVER-WEBAPP Cisco Web Services CVE-2020- ASA and FTD denial of and 2 3572 service attempt Applications
SERVER-WEBAPP Cisco Web Services CVE-2020- ASA and FTD directory and 1 3187 traversal attempt Applications
SERVER-WEBAPP Cisco ASA and FTD web Web Services CVE-2020- services large file and 2 3436 upload denial of service Applications attempt
Web Services SERVER-WEBAPP Cisco CVE-2018- and 1 ASA secure desktop 15388 login denial of service Applications
January 2020 Page 156 of 245 IPS Signature Update
attempt
SERVER-WEBAPP Cisco Adaptive Security Web Services Appliance Webvpn XML CVE-2018- and 2 Parser Double Free 0101 Applications (Decrypted Traffic) CVE- 2018-0101
SERVER-WEBAPP Cisco Adaptive Security Web Services CVE-2018- Appliance Webvpn XML and 2 3609 Parser Double Free CVE- Applications 2018-0101
SERVER-WEBAPP Cisco Adaptive Security Web Services CVE-2019- Appliance admin and 2 1713 command interface Applications access attempt
SERVER-WEBAPP Cisco Web Services Cloud Services Platform CVE-2016- and 2 dnslookup command 6374 Applications injection attempt
SERVER-WEBAPP Cisco Web Services DDR2200 ADSL gateway CVE-2017- and 1 command injection 11588 Applications attempt
SERVER-WEBAPP Cisco Data Center Network Web Services Manager LanFabricImpl CVE-2019- and 1 createLanFabric 15978 Applications command injection attempt
SERVER-WEBAPP Cisco Web Services Data Center Network CVE-2019- and 1 Manager SQL injection 15984 Applications attempt
January 2020 Page 157 of 245 IPS Signature Update
SERVER-WEBAPP Cisco Web Services Data Center Network CVE-2019- and 2 Manager SQL injection 15984 Applications attempt
SERVER-WEBAPP Cisco Data Center Network Web Services Manager CVE-2019- and 1 SecurityManager 15976 Applications Authentication Bypass (Decrypted Traffic)
SERVER-WEBAPP Cisco Data Center Network Web Services CVE-2019- Manager and 1 15976 SecurityManager Applications Authentication Bypass
SERVER-WEBAPP Cisco Data Center Network Manager Web Services CVE-2019- TrustedClientTokenValid and 1 15975 ator Authentication Applications Bypass (Decrypted Traffic)
SERVER-WEBAPP Cisco Data Center Network Manager Web Services CVE-2019- TrustedClientTokenValid and 1 15975 ator Authentication Applications Bypass (encrypted Traffic)
SERVER-WEBAPP Cisco Web Services Data Center Network CVE-2019- and 1 Manager arbitrary WAR 1620 Applications file upload attempt
Web Services SERVER-WEBAPP Cisco CVE-2019- and 1 Data Center Network 1619 Manager authentication Applications
January 2020 Page 158 of 245 IPS Signature Update
bypass attempt
SERVER-WEBAPP Cisco Web Services Data Center Network CVE-2020- and 1 Manager command 3384 Applications injection attempt
SERVER-WEBAPP Cisco Data Center Network Web Services Manager CVE-2019- and 1 createLanFabric CVE- 15978 Applications 2019-15978 Command Injection
SERVER-WEBAPP Cisco Web Services Data Center Network CVE-2020- and 2 Manager directory 3383 Applications traversal attempt
SERVER-WEBAPP Cisco Data Center Network Manager Web Services CVE- getConfigTemplateFileN and 3 2019,15984 ame CVE-2019-15984 Applications SQL Injection (Decrypted Traffic)
SERVER-WEBAPP Cisco Data Center Network Web Services Manager and 3 getConfigTemplateFileN Applications ame CVE-2019-15984 SQL Injection
SERVER-WEBAPP Cisco Data Center Network Web Services Manager CVE-2019- and 3 getConfigTemplateFileN 15984 Applications ame CVE-2019-15984 SQL Injection
SERVER-WEBAPP Cisco Web Services CVE-2019- 1 Data Center Network and
January 2020 Page 159 of 245 IPS Signature Update
Manager getLicenses 15984 Applications SQL Injection (Decrypted Traffic)
SERVER-WEBAPP Cisco Web Services Data Center Network CVE-2019- and 1 Manager getLicenses 15984 Applications SQL Injection
SERVER-WEBAPP Cisco Data Center Network Manager Web Services CVE-2019- getSwitchsDataLength and 1 15984 (CVE-2019-15984) SQL Applications Injection (Decrypted Traffic)
SERVER-WEBAPP Cisco Data Center Network Manager Web Services getSwitchsDataLength and 1 (CVE-2019-15984) SQL Applications Injection (Encrypted Traffic)
SERVER-WEBAPP Cisco Data Center Network Web Services Manager getTokenInfo CVE-2019- and 1 CVE-2019-15984 SQL 15984 Applications Injection (Decrypted Traffic)
SERVER-WEBAPP Cisco Data Center Network Web Services CVE-2019- Manager getTokenInfo and 1 15984 CVE-2019-15984 SQL Applications Injection
SERVER-WEBAPP Cisco Data Center Network Web Services Manager importTS CVE- and 1 2019-15979 Command Applications Injection
January 2020 Page 160 of 245 IPS Signature Update
SERVER-WEBAPP Cisco Data Center Network Web Services CVE-2019- Manager importTS CVE- and 1 15979 2019-15979 Command Applications Injection
SERVER-WEBAPP Cisco Data Center Network Manager Web Services CVE-2019- persistUserInfo CVE- and 3 15984 2019-15984 SQL Applications Injection (Decrypted Traffic)
SERVER-WEBAPP Cisco Data Center Network Web Services Manager CVE-2019- and 1 persistUserInfo CVE- 15984 Applications 2019-15984 SQL Injection
SERVER-WEBAPP Cisco Data Center Network Web Services Manager CVE-2019- and 3 persistUserInfo CVE- 15984 Applications 2019-15984 SQL Injection
SERVER-WEBAPP Cisco Web Services Elastic Services CVE-2019- and 2 Controller REST API 1867 Applications Authentication Bypass
SERVER-WEBAPP Cisco Elastic Services Web Services CVE-2019- Controller and 2 1867 authentication bypass Applications attempt
Web Services SERVER-WEBAPP Cisco CVE-2019- and 1 Enterprise NFV 1893 command injection Applications
January 2020 Page 161 of 245 IPS Signature Update
attempt
SERVER-WEBAPP Cisco Firepower Management Web Services CVE-2019- Center LDAP and 1 16028 authentication bypass Applications attempt
SERVER-WEBAPP Cisco Web Services Firepower Management CVE-2019- and 1 Center SQL injection 12679 Applications attempt
SERVER-WEBAPP Cisco Web Services Firepower Management CVE-2019- and 1 Center SQL injection 12680 Applications attempt
SERVER-WEBAPP Cisco Web Services Firepower Management CVE-2019- and 1 Center SQL injection 12681 Applications attempt
SERVER-WEBAPP Cisco Web Services Firepower Management CVE-2019- and 1 Center SQL injection 12682 Applications attempt
SERVER-WEBAPP Cisco Web Services Firepower Management CVE-2019- and 1 Center SQL injection 12683 Applications attempt
SERVER-WEBAPP Cisco Web Services Firepower Management CVE-2019- and 1 Center SQL injection 12684 Applications attempt
SERVER-WEBAPP Cisco Web Services Firepower Management CVE-2019- and 1 Center command 12687 Applications injection attempt
January 2020 Page 162 of 245 IPS Signature Update
SERVER-WEBAPP Cisco Web Services Firepower Management CVE-2019- and 1 Center command 12690 Applications injection attempt
SERVER-WEBAPP Cisco Web Services Firepower Management CVE-2019- and 1 Center directory 12689 Applications traversal attempt
SERVER-WEBAPP Cisco Web Services IOS XE REST API CVE-2019- and 1 information disclosure 12643 Applications attempt
SERVER-WEBAPP Cisco Web Services IOS XE Software CVE-2019- and 1 command injection 12651 Applications attempt
SERVER-WEBAPP Cisco Web Services IOS XE Web UI CVE-2019- and 2 command injection 1862 Applications attempt
SERVER-WEBAPP Cisco Web Services IOS XE Web UI CVE-2020- and 1 command injection 3211 Applications attempt
SERVER-WEBAPP Cisco Web Services IOS XE Web UI CVE-2020- and 1 command injection 3212 Applications attempt
SERVER-WEBAPP Cisco Web Services IOS XE Web UI CVE-2020- and 1 command injection 3219 Applications attempt
CVE-2019- SERVER-WEBAPP Cisco Web Services 2 IOS XE WebUI 12651 and
January 2020 Page 163 of 245 IPS Signature Update
Command Injection Applications Vulnerability
SERVER-WEBAPP Cisco Web Services IOS XE WebUI Privileged CVE-2019- and 1 Command Injection 12650 Applications Vulnerability
SERVER-WEBAPP Cisco Web Services CVE-2018- IOS XE denial of service and 3 0191 attempt Applications
SERVER-WEBAPP Cisco Web Services IOS XE webui cdp CVE-2019- and 1 resource command 1755 Applications injection attempt
SERVER-WEBAPP Cisco IOS XE webui CVE-2019- Apache HTTP 2 debugBundle command 1753 Server injection attempt
SERVER-WEBAPP Cisco Web Services IOS XE webui CVE-2019- and 1 debugBundle command 1753 Applications injection attempt
SERVER-WEBAPP Cisco Web Services IOS XE webui CVE-2019- and 2 debugBundle command 1753 Applications injection attempt
SERVER-WEBAPP Cisco IOS XE webui dhcp CVE-2019- Apache HTTP 2 resource command 1755 Server injection attempt
SERVER-WEBAPP Cisco Web Services CVE-2019- IOS XE webui directory and 1 1743 traversal attempt Applications
SERVER-WEBAPP Cisco CVE-2019- Apache HTTP 2
January 2020 Page 164 of 245 IPS Signature Update
IOS XE webui rathrottler 1754 Server command injection attempt
SERVER-WEBAPP Cisco Web Services IOS XE webui rathrottler CVE-2019- and 1 command injection 1754 Applications attempt
SERVER-WEBAPP Cisco Web Services IOS XE webui rathrottler CVE-2019- and 2 command injection 1754 Applications attempt
SERVER-WEBAPP Cisco Web Services IP Phone CVE-2020- CVE-2020- and 2 3161 libHTTPService.so 3161 Applications Stack Buffer Overflow
SERVER-WEBAPP Cisco Web Services IP Phone CVE-2020- and 2 libHTTPService.so stack 3161 Applications buffer overflow attempt
SERVER-WEBAPP Cisco Web Services IP Phone web interface CVE-2019- and 1 stack buffer overflow 1716 Applications attempt
SERVER-WEBAPP Cisco Web Services Industrial Network CVE-2019- and 2 Director remote code 1861 Applications execution attempt
SERVER-WEBAPP Cisco Integrated Management Web Services CVE-2019- Controller Redfish API and 1 1885 command injection Applications attempt
SERVER-WEBAPP Cisco CVE-2019- Web Services Integrated Management 1 1907 and Controller
January 2020 Page 165 of 245 IPS Signature Update
authentication bypass Applications attempt
SERVER-WEBAPP Cisco Web Services Integrated Management CVE-2019- and 1 Controller buffer 1871 Applications overflow attempt
SERVER-WEBAPP Cisco Web Services Integrated Management CVE-2018- and 1 Controller command 0430 Applications injection attempt
SERVER-WEBAPP Cisco Web Services Integrated Management CVE-2019- and 1 Controller command 1864 Applications injection attempt
SERVER-WEBAPP Cisco Web Services Integrated Management CVE-2019- and 1 Controller command 1896 Applications injection attempt
SERVER-WEBAPP Cisco Web Services Integrated Management CVE-2019- and 1 Controller denial of 1900 Applications service attempt
SERVER-WEBAPP Cisco Web Services NX-OS Software NX-API CVE-2019- and 1 denial of service 1968 Applications attempt
SERVER-WEBAPP Cisco Web Services NX-OS System Software CVE-2019- and 2 NX-API command 1614 Applications injection attempt
SERVER-WEBAPP Cisco Web Services Prime Collaboration CVE-2019- and 1 Assurance unauthorized 1662 Applications access attempt
January 2020 Page 166 of 245 IPS Signature Update
SERVER-WEBAPP Cisco Web Services Prime Collaboration CVE-2018- and 1 Provisioning SQL 0320 Applications injection attempt
SERVER-WEBAPP Cisco Web Services Prime Collaboration CVE-2018- and 2 Provisioning SQL 0320 Applications injection attempt
SERVER-WEBAPP Cisco Prime Data Center Web Services Network Manager CVE-2019- and 1 fileUpload Arbitrary File 1620 Applications Upload (Decrypted Traffic)
SERVER-WEBAPP Cisco Prime Data Center Web Services Network Manager CVE-2019- and 3 fileUpload Arbitrary File 1620 Applications Upload (encrypted Traffic)
SERVER-WEBAPP Cisco Prime Infrastructure Web Services CVE-2019- Health Monitor and 1 1821 TarArchive CVE-2019- Applications 1821 Directory Traversal
SERVER-WEBAPP Cisco Web Services CVE-2019- Prime Infrastructure and 2 1824 SQL injection attempt Applications
SERVER-WEBAPP Cisco Web Services Prime Infrastructure CVE-2018- and 1 directory traversal 0258 Applications attempt
Web Services SERVER-WEBAPP Cisco CVE-2018- and 2 Prime Infrastructure 0258 directory traversal Applications
January 2020 Page 167 of 245 IPS Signature Update
attempt
SERVER-WEBAPP Cisco Web Services Prime Infrastructure CVE-2019- and 1 directory traversal 15958 Applications attempt
SERVER-WEBAPP Cisco Web Services CVE-2018- Prime License Manager and 1 15441 SQL injection attempt Applications
SERVER-WEBAPP Cisco Web Services CVE-2018- Prime License Manager and 2 15441 SQL injection attempt Applications
SERVER-WEBAPP Cisco Web Services Prime Network Analysis CVE-2016- and 2 Module command 1388 Applications injection attempt
SERVER-WEBAPP Cisco Web Services Prime Service Catalog CVE-2019- and 1 cross site request 1874 Applications forgery attempt
SERVER-WEBAPP Cisco Web Services Prime Service Catalog CVE-2019- and 1 cross site scripting 1874 Applications attempt
SERVER-WEBAPP Cisco Web Services RV Series Routers CVE-2020- and 1 authentication bypass 3144 Applications attempt
SERVER-WEBAPP Cisco Web Services RV Series Routers CVE-2016- and 1 command injection 1395 Applications attempt
CVE-2019- SERVER-WEBAPP Cisco Web Services 1 RV Series Routers 15271 and
January 2020 Page 168 of 245 IPS Signature Update
command injection Applications attempt
SERVER-WEBAPP Cisco Web Services RV Series Routers CVE-2019- and 2 command injection 1652 Applications attempt
SERVER-WEBAPP Cisco Web Services RV Series Routers CVE-2020- and 1 command injection 3268 Applications attempt
SERVER-WEBAPP Cisco Web Services RV Series Routers CVE-2020- and 1 command injection 3274 Applications attempt
SERVER-WEBAPP Cisco Web Services RV Series Routers CVE-2020- and 1 command injection 3332 Applications attempt
SERVER-WEBAPP Cisco Web Services CVE-2019- RV Series Routers denial and 1 1843 of service attempt Applications
SERVER-WEBAPP Cisco Web Services CVE-2020- RV Series Routers heap and 1 3357 buffer overflow attempt Applications
SERVER-WEBAPP Cisco Web Services RV Series Routers null CVE-2020- and 1 pointer dereference 3358 Applications attempt
SERVER-WEBAPP Cisco Web Services CVE-2019- RV Series Routers stack and 1 1663 buffer overflow attempt Applications
CVE-2020- SERVER-WEBAPP Cisco Web Services 2 RV Series Routers stack 3145 and
January 2020 Page 169 of 245 IPS Signature Update
buffer overflow attempt Applications
SERVER-WEBAPP Cisco Web Services CVE-2020- RV Series Routers stack and 2 3269 buffer overflow attempt Applications
SERVER-WEBAPP Cisco Web Services CVE-2020- RV Series Routers stack and 1 3286 buffer overflow attempt Applications
SERVER-WEBAPP Cisco Web Services CVE-2020- RV Series Routers stack and 2 3287 buffer overflow attempt Applications
SERVER-WEBAPP Cisco Web Services CVE-2020- RV Series Routers stack and 1 3288 buffer overflow attempt Applications
SERVER-WEBAPP Cisco Web Services CVE-2020- RV Series Routers stack and 2 3288 buffer overflow attempt Applications
SERVER-WEBAPP Cisco Web Services CVE-2020- RV Series Routers stack and 1 3323 buffer overflow attempt Applications
SERVER-WEBAPP Cisco Web Services RV132W and RV134W CVE-2018- and 2 routers command 0125 Applications injection attempt
SERVER-WEBAPP Cisco Web Services SD-WAN Solution CVE-2019- and 1 command injection 1624 Applications attempt
SERVER-WEBAPP Cisco Web Services SD-WAN Solution CVE-2019- and 1 vManage CVE-2019- 16012 Applications 16012 SQL Injection
SERVER-WEBAPP Cisco CVE-2019- Web Services 2
January 2020 Page 170 of 245 IPS Signature Update
SD-WAN Solution 16012 and vManage CVE-2019- Applications 16012 SQL Injection
SERVER-WEBAPP Cisco Web Services CVE-2019- SD-WAN vManage SQL and 1 16012 injection attempt Applications
SERVER-WEBAPP Cisco Web Services SD-WAN vManage CVE-2020- and 1 cypher query language 3387 Applications injection attempt
SERVER-WEBAPP Cisco Web Services SD-WAN vManage CVE-2020- and 1 directory traversal 26073 Applications attempt
SERVER-WEBAPP Cisco Web Services SPA100 Series analog CVE-2019- and 1 telephone adapters 15240 Applications buffer overflow attempt
SERVER-WEBAPP Cisco Web Services CVE-2019- Security Manager RMI and 4 12630 Insecure Deserialization Applications
SERVER-WEBAPP Cisco Web Services Small Business Series CVE-2019- and 1 Switches denial of 1891 Applications service attempt
SERVER-WEBAPP Cisco Web Services Small Business Series CVE-2020- and 1 Switches denial of 3147 Applications service attempt
SERVER-WEBAPP Cisco Web Services Small Business Switches CVE-2019- and 1 cross site scripting 12636 Applications attempt
January 2020 Page 171 of 245 IPS Signature Update
SERVER-WEBAPP Cisco Web Services Small Business Switches CVE-2019- and 1 denial of service 12636 Applications attempt
SERVER-WEBAPP Cisco Web Services Smart Software CVE-2019- and 1 Manager denial of 16029 Applications service attempt
SERVER-WEBAPP Cisco Smart Software Web Services CVE-2019- Manager unauthorized and 1 16029 password change Applications attempt
SERVER-WEBAPP Cisco UCS Director Web Services CVE-2020- ApplianceStorageUtil and 1 3239 unzip(CVE-2020-3239) Applications Directory Traversal
SERVER-WEBAPP Cisco UCS Director Web Services CVE-2020- ApplianceStorageUtil and 5 3239 unzip(CVE-2020-3239) Applications Directory Traversal
SERVER-WEBAPP Cisco UCS Director Web Services CopyFileRunnable run CVE-2020- and 2 Symlink CVE-2020-3247 3247 Applications Remote Code Execution (Decrypted Traffic)
SERVER-WEBAPP Cisco UCS Director Web Services CVE-2020- CopyFileRunnable run and 2 3247 Symlink CVE-2020-3247 Applications Remote Code Execution
SERVER-WEBAPP Cisco CVE-2020- Web Services 2
January 2020 Page 172 of 245 IPS Signature Update
UCS Director 3239 and LargeFileUploadServlet Applications directory traversal attempt
SERVER-WEBAPP Cisco UCS Director Web Services CVE-2020- LargeFileUploadServlet and 2 3247 directory traversal Applications attempt
SERVER-WEBAPP Cisco UCS Director MyCallable Web Services CVE-2020- call CVE-2020-3251 and 2 3251 Directory Traversal Applications (Decrypted Traffic)
SERVER-WEBAPP Cisco UCS Director MyCallable Web Services CVE-2020- call CVE-2020-3251 and 2 3251 Directory Traversal Applications (Encrypted Traffic)
SERVER-WEBAPP Cisco Web Services UCS Director REST API CVE-2020- and 2 directory traversal 3250 Applications attempt
SERVER-WEBAPP Cisco Web Services CVE-2020- UCS Director arbitrary and 2 3251 JSP file upload attempt Applications
SERVER-WEBAPP Cisco Web Services UCS Director CVE-2019- and 1 authentication bypass 1974 Applications attempt
SERVER-WEBAPP Cisco Web Services UCS Director CVE-2020- and 2 authentication bypass 3243 Applications attempt
January 2020 Page 173 of 245 IPS Signature Update
SERVER-WEBAPP Cisco UCS Director Web Services CVE-2020- downloadFile (CVE- and 1 3250 2020-3250)Directory Applications Traversal
SERVER-WEBAPP Cisco UCS Director Web Services downloadFile (CVE- CVE-2020- and 1 2020-3250)Directory 3250 Applications Traversal(Decrypted Traffic)
SERVER-WEBAPP Cisco UCS Director Web Services isEnableRestKeyAccessC CVE-2020- and 2 heckForUser 3243 Applications Authentication Bypass Vulnerability
SERVER-WEBAPP Cisco UCS Director Web Services saveStaticConfig CVE- and 3 2020-3248 Directory Applications Traversal
SERVER-WEBAPP Cisco Web Services Ultra Services CVE-2017- and 1 Framework command 6714 Applications injection attempt
SERVER-WEBAPP Cisco Unified Contact Center Web Services CVE- 2020- Express RMI ( CVE- and 5 3280 2020-3280) Insecure Applications Deserialization
SERVER-WEBAPP Cisco Unified Contact Center Web Services CVE-2020- Express RMI (CVE-2020- and 1 3280 3280) Insecure Applications Deserialization
January 2020 Page 174 of 245 IPS Signature Update
SERVER-WEBAPP Cisco Web Services Unity Express RMI CVE-2018- and 2 Insecure Deserialization 15381 Applications CVE-2018-15381
SERVER-WEBAPP Cisco Web Services Unity Express RMI CVE-2018- and 4 Insecure Deserialization 15381 Applications CVE-2018-15381
SERVER-WEBAPP Cisco Web Services Vision Dynamic Signage CVE-2019- and 1 Director authentication 1917 Applications bypass attempt
SERVER-WEBAPP Cisco Web Services Web Security Appliance CVE-2019- and 1 command injection 1816 Applications attempt
SERVER-WEBAPP Cisco Web Services Web Security Appliance CVE-2019- and 2 command injection 1816 Applications attempt
SERVER-WEBAPP Cisco Web Services Web Security Appliance CVE-2019- and 1 denial of service 1884 Applications attempt
SERVER-WEBAPP Cisco Web Services Web Security Appliance CVE-2019- and 1 proxy service buffer 1817 Applications overflow attempt
SERVER-WEBAPP Cisco Web Services CVE-2019- WebVPN denial of and 1 12698 service attempt Applications
Web Services SERVER-WEBAPP Cisco CVE-2019- and 1 Webex Video Mesh 16005 Node command Applications
January 2020 Page 175 of 245 IPS Signature Update
injection attempt
SERVER-WEBAPP Cisco Web Services Wireless LAN Controller CVE-2019- and 2 cross site request 1797 Applications forgery attempt
SERVER-WEBAPP Cisco Web Services Wireless LAN Controller CVE-2018- and 1 denial of service 0248 Applications attempt
SERVER-WEBAPP Cisco Web Services Wireless LAN Controller CVE-2018- and 3 denial of service 0248 Applications attempt
SERVER-WEBAPP Cisco Web Services Wireless LAN Controller CVE-2019- and 1 denial of service 15276 Applications attempt
SERVER-WEBAPP Citrix Application Delivery Web Services CVE-2019- Controller and Gateway and 1 19781 Directory Traversal Applications (encrypted Traffic)
SERVER-WEBAPP D-Link Web Services Central WiFi Manager CVE-2019- and 1 CMW 100 cross site 13374 Applications scripting attempt
SERVER-WEBAPP D-Link Web Services DIR Series Routers CVE-2016- and 1 HNAP stack buffer 6563 Applications overflow attempt
SERVER-WEBAPP D-Link Web Services DIR-620 CVE-2018-6211 CVE-2018- and 3 index.cgi command 6211 Applications injection attempt
January 2020 Page 176 of 245 IPS Signature Update
SERVER-WEBAPP D-Link Web Services DIR-620 index.cgi CVE-2018- and 2 command injection 6211 Applications attempt
SERVER-WEBAPP D-Link Web Services DIR-816 diagnosis CVE-2018- and 2 command injection 17068 Applications attempt
SERVER-WEBAPP D-Link DIR-816 Web Services CVE-2018- form2systime.cgi and 2 17066 command injection Applications attempt
SERVER-WEBAPP D-Link Web Services DIR-816 syslogIp CVE-2018- and 2 command injection 17064 Applications attempt
SERVER-WEBAPP D-Link DNS-320 ShareCenter CVE-2019- Apache HTTP 2 command injection 16057 Server attempt
SERVER-WEBAPP D-Link Web Services DNS-320 ShareCenter CVE-2019- and 2 command injection 16057 Applications attempt
SERVER-WEBAPP D-Link Web Services DNS-326 check_login and 1 command injection Applications attempt
SERVER-WEBAPP D-Link Web Services Multiple Products and 1 hedwig.cgi cookie buffer Applications overflow attempt
SERVER-WEBAPP D-Link Web Services 1
January 2020 Page 177 of 245 IPS Signature Update
Multiple Products and info.cgi request buffer Applications overflow attempt
SERVER-WEBAPP D-Link Web Services hedwig.cgi NTP service and 1 configuration command Applications injection attempt
SERVER-WEBAPP D-Link Web Services hedwig.cgi directory and 2 traversal attempt Applications
SERVER-WEBAPP D-Link Web Services multiple products CVE-2015- and 1 ping.ccp command 1187 Applications injection attempt
SERVER-WEBAPP D-Link Web Services router stack based and 1 buffer overflow attempt Applications
SERVER-WEBAPP D-Link Web Services soap.cgi service and 1 command injection Applications attempt
SERVER-WEBAPP Dell EMC VMAX CVE-2018- Web Services 1216 Virtual Appliance CVE-2018- and 2 Manager 1216 Applications Authentication Bypass (Decrypted Traffic)
SERVER-WEBAPP Dell EMC VMAX CVE-2018- Web Services CVE-2018- 1216 Virtual Appliance and 2 1216 Manager Applications Authentication Bypass
SERVER-WEBAPP Dell CVE-2018- Web Services EMC VMAX Virtual 1 1215 and Appliance Manager
January 2020 Page 178 of 245 IPS Signature Update
Directory Traversal Applications (Decrypted Traffic)
SERVER-WEBAPP Dell SonicWall GMS set_dns Web Services XMLRPC method and 1 command injection Applications attempt
SERVER-WEBAPP Dell SonicWall GMS Web Services set_time_config CVE-2018- and 1 XMLRPC Method 9866 Applications Command Injection Attempt
SERVER-WEBAPP Dell Storage Manager Web Services CVE-2017- EmWebsiteServlet and 3 10949 Directory Traversal Applications (Decrypted Traffic)
SERVER-WEBAPP Digium Asterisk CVE- Web Services CVE-2018- 2018-7287 WebSocket and 4 7287 Frame Empty Payload Applications Denial of Service
SERVER-WEBAPP Digium Asterisk CVE- Web Services CVE-2018- 2018-7287 WebSocket and 3 7287 Frame Empty Payload Applications Denial of Service
SERVER-WEBAPP Drupal Web Services Core Form Rendering CVE-2018- and 1 Remote Code Execution 7602 Applications CVE-2018-7602
SERVER-WEBAPP Drupal Web Services CVE-2018- Core Form Rendering and 2 7600 Remote Code Execution Applications
January 2020 Page 179 of 245 IPS Signature Update
SERVER-WEBAPP Drupal Web Services Core Web Services CVE- CVE-2019- and 3 2019-6340 Remote 6340 Applications Code Execution
SERVER-WEBAPP Drupal Core Web Services CVE-2019- file_create_filename and 2 6341 Stored Cross-Site Applications Scripting
SERVER-WEBAPP Drupal Web Services Core phar Stream CVE-2019- and 2 Wrapper Insecure 6339 Applications Deserialization
SERVER-WEBAPP Drupal Web Services Unsafe Internal CVE-2018- and 1 Attribute Remote Code 7600 Applications Execution Attempt
SERVER-WEBAPP EMC VMAX3 CVE-2017-4997 Web Services CVE-2017- VASA Provider and 2 4997 UploadConfigurator Applications Directory Traversal I
SERVER-WEBAPP EMC VMAX3 CVE-2017-4997 Web Services CVE-2017- VASA Provider and 2 4997 UploadConfigurator Applications Directory Traversal II
SERVER-WEBAPP EMC VMAX3 VASA Provider Web Services CVE-2017- UploadConfigurator and 1 4997 Directory Traversal Applications (Decrypted Traffic)
Web Services SERVER-WEBAPP CVE-2018- and 1 EventManager 6576 page.php sql injection Applications
January 2020 Page 180 of 245 IPS Signature Update
attempt SQL injection attempt
SERVER-WEBAPP GE MDS PulseNET CVE- Web Services CVE-2018- 2018-10611 Remote and 3 10611 Invocation Insecure Applications Deserialization
SERVER-WEBAPP GIT Web Services CVE-2018-11235 CVE-2018- and 3 Submodules Directory 11235 Applications Traversal I
SERVER-WEBAPP GIT Web Services CVE-2018-11235 CVE-2018- and 3 Submodules Directory 11235 Applications Traversal II
SERVER-WEBAPP GPON Web Services Router Authentication CVE-2018- and 1 Bypass And Command 10562 Applications Injection attempt
SERVER-WEBAPP GPON Web Services Router authentication CVE-2018- and 1 bypass and command 10562 Applications injection attempt
SERVER-WEBAPP HP Web Services Data Protector CVE-2011- and 1 FinishedCopy SQL 3162 Applications Injection attempt
SERVER-WEBAPP HP Web Services Data Protector CVE-2011- and 1 GetPolicies SQL 3157 Applications Injection attempt
Web Services SERVER-WEBAPP HP CVE-2011- and 1 Data Protector 3156 LogClientInstallation Applications
January 2020 Page 181 of 245 IPS Signature Update
SQL Injection attempt
SERVER-WEBAPP HP Web Services Data Protector Multiple CVE-2011- and 1 Products FinishedCopy 3162 Applications SQL Injection
SERVER-WEBAPP HP Web Services Data Protector Multiple CVE-2011- and 1 Products GetPolicies 3157 Applications SQL Injection
SERVER-WEBAPP HP Web Services Data Protector Multiple CVE-2011- and 4 Products GetPolicies 3157 Applications SQL Injection
SERVER-WEBAPP HP Data Protector Multiple Web Services CVE-2011- Products and 1 3156 LogClientInstallation Applications SQL Injection
SERVER-WEBAPP HP Web Services Data Protector Multiple CVE-2011- and 1 Products RequestCopy 3158 Applications SQL Injection
SERVER-WEBAPP HP Web Services Data Protector Multiple CVE-2011- and 4 Products RequestCopy 3158 Applications SQL Injection
SERVER-WEBAPP HP Enterprise Vertica Web Services CVE-2016- validateAdminConfig and 1 2002 Remote Command Applications Injection
SERVER-WEBAPP HP Web Services CVE-2016- Enterprise Vertica and 1 2002 validateAdminConfig Applications command injection
January 2020 Page 182 of 245 IPS Signature Update
attempt
SERVER-WEBAPP HP Web Services IMC guiDataDetail Java CVE-2017- and 1 expression language 12523 Applications injection attempt
SERVER-WEBAPP HP IMC Web Services iccSelectDeviceSeries CVE-2017- and 1 Java expression 12510 Applications language injection attempt
SERVER-WEBAPP HP IMC mediaForAction Web Services CVE-2017- Java expression and 1 12494 language injection Applications attempt
SERVER-WEBAPP HP Web Services IMC mibBrowser CVE-2017- and 1 arbitrary Java object 12556 Applications deserialization attempt
SERVER-WEBAPP HP IMC Web Services operatorGroupSelectCo CVE-2017- and 1 ntent Java expression 12524 Applications language injection attempt
SERVER-WEBAPP HP IMC Web Services userSelectPagingConten CVE-2017- and 2 t Java expression 12521 Applications language injection attempt
SERVER-WEBAPP HP Web Services CVE-2017- IMC wmiConfigContent and 1 12526 Java expression Applications language injection
January 2020 Page 183 of 245 IPS Signature Update
attempt
SERVER-WEBAPP HP Intelligent Management Web Services Center DeviceService CVE-2017- and 1 Java expression 12491 Applications language injection attempt
SERVER-WEBAPP HP Web Services Intelligent Management and 1 Center dbman Buffer Applications Overflow
SERVER-WEBAPP HP Web Services Intelligent Management and 1 Center img Buffer Applications Overflow
SERVER-WEBAPP HP Moonshot Provisioning Web Services Manager Appliance CVE-2017- and 2 khuploadfile.cgi 8975 Applications directory traversal attempt
SERVER-WEBAPP HP Web Services Network Automation CVE-2017- and 1 RedirectServlet SQL 5810 Applications injection attempt
SERVER-WEBAPP HP Web Services OpenView CGI CVE-2010- and 1 parameter buffer 1551 Applications overflow attempt
SERVER-WEBAPP HP OpenView NNM Web Services CVE-2010- getnnmdata.exe CGI and 1 1554 ICount parameter buffer Applications overflow attempt
January 2020 Page 184 of 245 IPS Signature Update
SERVER-WEBAPP HP OpenView NNM Web Services CVE-2010- getnnmdata.exe CGI and 1 1553 MaxAge parameter Applications buffer overflow attempt
SERVER-WEBAPP HP OpenView NNM Web Services jovgraph.exe CGI CVE-2010- and 1 hostname parameter 1555 Applications bugger overflow attempt
SERVER-WEBAPP HP OpenView NNM Web Services CVE-2009- nnmRptConfig.exe CGI and 1 3848 Host parameter buffer Applications overflow attempt
SERVER-WEBAPP HP OpenView NNM Web Services CVE-2009- ovlogin.exe CGI Host and 1 4180 parameter buffer Applications overflow attempt
SERVER-WEBAPP HP OpenView NNM Web Services CVE-2009- ovlogin.exe passwd and 1 3846 parameter buffer Applications overflow attempt
SERVER-WEBAPP HP OpenView NNM Web Services CVE-2009- ovlogin.exe userid and 1 3846 parameter buffer Applications overflow attempt
SERVER-WEBAPP HP Web Services OpenView NNM CVE-2010- and 1 ovutil.dll 1961 getProxiedStorageAddre Applications ss buffer overflow
January 2020 Page 185 of 245 IPS Signature Update
attempt
SERVER-WEBAPP HP OpenView NNM Web Services CVE-2009- snmp.exe CGI Host and 1 3849 parameter buffer Applications overflow attempt
SERVER-WEBAPP HP Web Services OpenView NNM CVE-2010- and 1 webappmon.exe buffer 2703 Applications overflow attempt
SERVER-WEBAPP HP OpenView Network Web Services CVE-2008- Node Manager and 1 0067 OpenView5 CGI buffer Applications overflow attempt
SERVER-WEBAPP HP OpenView Network Web Services CVE-2009- Node Manager URI and 1 1420 rping stack buffer Applications overflow attempt
SERVER-WEBAPP HP OpenView Network Web Services Node Manager CVE-2011- and 1 nnmRptConfig.exe 0270 Applications Template format string code execution attempt
SERVER-WEBAPP HP OpenView Network Web Services Node Manager CVE-2011- and 1 nnmRptConfig.exe 0265 Applications multiple parameters buffer overflow attempt
SERVER-WEBAPP HP Web Services CVE-2009- OpenView Network and 1 4179 Node Manager Applications ovalarm.exe Accept-
January 2020 Page 186 of 245 IPS Signature Update
Language buffer overflow attempt
SERVER-WEBAPP HP OpenView Network Web Services Node Manager CVE-2009- and 1 ovwebsnmpsrv.exe 4181 Applications OVwSelection buffer overflow attempt - GET
SERVER-WEBAPP HP OpenView Network Node Manager Web Services CVE-2009- ovwebsnmpsrv.exe and 1 4181 OVwSelection buffer Applications overflow attempt - POST
SERVER-WEBAPP HP OpenView Network Web Services Node Manager CVE-2011- and 1 ovwebsnmpsrv.exe 0262 Applications displayWidth buffer overflow attempt - GET
SERVER-WEBAPP HP OpenView Network Node Manager Web Services CVE-2011- ovwebsnmpsrv.exe and 1 0262 displayWidth buffer Applications overflow attempt - POST
SERVER-WEBAPP HP Web Services OpenView Network CVE-2009- and 2 Node Manager rping 1420 Applications Stack Buffer Overflow
SERVER-WEBAPP HP Web Services OpenView Network CVE-2009- and 1 Node Manager 4177 webappmon.exe host Applications header buffer overflow
January 2020 Page 187 of 245 IPS Signature Update
attempt
SERVER-WEBAPP HP Web Services OpenView Operations CVE-2012- and 1 Agent buffer overflow 2019 Applications attempt
SERVER-WEBAPP HP Web Services CVE-2012- OpenView Operations and 4 2019 Agent request attempt Applications
SERVER-WEBAPP HP OpenView Performance Web Services CVE-2011- Insight Server backdoor and 1 0276 account code execution Applications attempt
SERVER-WEBAPP HP Web Services OpenView Storage Data CVE-2011- and 1 Protector buffer 1865 Applications overflow attempt
SERVER-WEBAPP HP Web Services OpenView Storage Data CVE-2011- and 1 Protector get file buffer 1729 Applications overflow attempt
SERVER-WEBAPP HP Openview Network Web Services CVE-2009- Node Manager and 1 0921 OvAcceptLang overflow Applications attempt
SERVER-WEBAPP HP Web Services Openview CVE-2009- and 1 OvWebHelp.exe buffer 4178 Applications overflow
SERVER-WEBAPP HP Web Services Power Manager CVE-2009- and 1 formExportDataLogs 3999 Applications buffer overflow attempt
January 2020 Page 188 of 245 IPS Signature Update
SERVER-WEBAPP HP Web Services CVE-2009- Power Manager remote and 1 2685 code execution attempt Applications
SERVER-WEBAPP HP ProCurve Manager CVE- Web Services 2013-4811 SNAC CVE-2013- and 1 UpdateDomainControlle 4811 Applications rServlet Code Execution II
SERVER-WEBAPP HP ProCurve Manager CVE- Web Services 2013-4811 SNAC CVE-2013- and 1 UpdateDomainControlle 4811 Applications rServlet Code Execution III
SERVER-WEBAPP HP ProCurve Manager CVE- Web Services CVE-2013- 2013-4811 SNAC and 1 4811 UpdateDomainControlle Applications rServlet Code Execution
SERVER-WEBAPP HP Web Services CVE-2013- SiteScope soap request and 1 2367 code execution attempt Applications
SERVER-WEBAPP HP iNode Management Web Services Center CVE-2011- and 2 iNodeMngChecker.exe 1867 Applications CVE-2011-1867 Buffer Overflow
SERVER-WEBAPP HP openview network node Web Services CVE-2009- manager ovlogin.exe and 1 4176 buffer overflow - Applications password parameter
SERVER-WEBAPP HP CVE-2009- Web Services 1
January 2020 Page 189 of 245 IPS Signature Update
openview network node 4176 and manager ovlogin.exe Applications buffer overflow - userid parameter
SERVER-WEBAPP HPE IMC Web Services CVE-2019- CustomReportTemplate and 1 5373 SelectBean Expression Applications Language Injection
SERVER-WEBAPP HPE Web Services IMC ForwardRedirect and 2 Expression Language Applications Injection
SERVER-WEBAPP HPE IMC Web Services CVE-2019- OperatorGroupTreeSele and 1 5374 ctBean Expression Applications Language Injection
SERVER-WEBAPP HPE Web Services IMC TvxlanLegendBean and 1 Expression Language Applications Injection
SERVER-WEBAPP HPE IMC Web Services deploySelectBootrom and 3 Expression Language Applications Injection
SERVER-WEBAPP HPE Web Services IMC devGroupSelect and 2 Expression Language Applications Injection
SERVER-WEBAPP HPE Web Services IMC sshConfig and 2 Expression Language Applications Injection
January 2020 Page 190 of 245 IPS Signature Update
SERVER-WEBAPP HPE Intelligent Management Web Services CVE-2017-12490 Center CVE-2017- and 2 getSelInsBean 12490 Applications Expression Language Injection
SERVER-WEBAPP HPE Intelligent Management Web Services CVE-2019- Center AMF3 and 1 11944 Externalizable Applications Deserialization
SERVER-WEBAPP HPE Intelligent Management Web Services Center CVE-2019- and 2 AccessMgrServlet 11945 Applications className Insecure Deserialization
SERVER-WEBAPP HPE Intelligent Management Web Services CVE-2019- Center and 2 11956 ByteMessageResource Applications Insecure Deserialization
SERVER-WEBAPP HPE Intelligent Management Web Services CVE-2017- Center CVE-2017-12558 and 1 12558 WebDMServlet Insecure Applications Deserialization
SERVER-WEBAPP HPE Intelligent Management Web Services CVE-2017- Center CVE-2017-12559 and 2 12559 mibFileServlet file Applications Directory Traversal
SERVER-WEBAPP HPE Web Services Intelligent Management CVE-2017- and 2 Center CommonUtils 5793 Applications ZIP Directory Traversal
January 2020 Page 191 of 245 IPS Signature Update
SERVER-WEBAPP HPE Intelligent Management Web Services Center CVE-2017- and 2 FileDownloadServlet 5795 Applications fileName Directory Traversal
SERVER-WEBAPP HPE Intelligent Management Web Services CVE-2017- Center and 2 5794 FileUploadServlet Applications Directory Traversal
SERVER-WEBAPP HPE Intelligent Management Web Services Center CVE-2019- and 1 IccSelectDevTypeBean 11941 Applications Expression Language Injection
SERVER-WEBAPP HPE Intelligent Management Web Services Center CVE-2019- and 1 PlatNavigationToBean 5387 Applications URL Expression Language Injection
SERVER-WEBAPP HPE Intelligent Management Web Services Center Platform CVE-2017- and 2 /rptviewer/servlets/redi 8983 Applications rectviewer directory traversal attempt
SERVER-WEBAPP HPE Web Services Intelligent Management CVE-2017- and 1 Center RMI Registry 5792 Applications Insecure Deserialization
SERVER-WEBAPP HPE Web Services CVE-2019- Intelligent Management and 1 11943 Center SoapConfigBean Applications Expression Language
January 2020 Page 192 of 245 IPS Signature Update
Injection
SERVER-WEBAPP HPE Intelligent Management Web Services CVE-2019- Center TopoMsgServlet and 1 11942 className Expression Applications Language Injection
SERVER-WEBAPP HPE Intelligent Management Web Services Center CVE-2019- and 2 ViewBatchTaskResultDe 5386 Applications tailBean Language Injection
SERVER-WEBAPP HPE Web Services Intelligent Management CVE-2017- and 1 Center WebDMServlet 12558 Applications Insecure Deserialization
SERVER-WEBAPP HPE Intelligent Management Web Services CVE-2019- Center dbman Opcode and 1 5355 10003 Filename Denial Applications of Service
SERVER-WEBAPP HPE Web Services Intelligent Management CVE-2017- and 2 Center dbman Stack 8956 Applications Buffer Overflow
SERVER-WEBAPP HPE Intelligent Management Web Services CVE-2017- Center getSelInsBean and 2 12490 Expression Language Applications Injection
SERVER-WEBAPP HPE Web Services Intelligent Management CVE-2017- and 2 Center 12500 ictExpertDownload Applications Expression Language
January 2020 Page 193 of 245 IPS Signature Update
Injection
SERVER-WEBAPP HPE Web Services Intelligent Management CVE-2017- and 2 Center imcwlandm 5804 Applications Stack Buffer Overflow
SERVER-WEBAPP HPE Intelligent Management Web Services CVE-2017- Center imcwlandm and 2 5805 UserName Stack Buffer Applications Overflow
SERVER-WEBAPP HPE Web Services Intelligent Management CVE-2018- and 3 Center opcode denial- 7123 Applications of-service attempt
SERVER-WEBAPP HPE Intelligent Management Web Services CVE-2017- Center and 1 8962 perfAccessMgrServlet Applications Insecure Deserialization
SERVER-WEBAPP HPE Intelligent Management Web Services CVE-2019- Center perfSelectTask and 2 5385 Expression Language Applications Injection
SERVER-WEBAPP HPE Intelligent Management Web Services Center CVE-2017- and 2 userSelectPagingConten 12521 Applications t Expression Language Injection
SERVER-WEBAPP HPE Web Services Moonshot CVE-2017- CVE-2017- and 2 8977 Provisioning 8977 Manager Appliance Applications server_response
January 2020 Page 194 of 245 IPS Signature Update
Directory Traversal
SERVER-WEBAPP HPE Moonshot Provisioning Web Services Manager Appliance CVE-2017- and 2 khuploadfile.cgi 8976 Applications Directory Traversal (Decrypted Traffic)
SERVER-WEBAPP HPE Web Services Network 2017-5811 CVE-2017- and 1 Automation FileServlet 5811 Applications Information Disclosure I
SERVER-WEBAPP HPE Network 2017-5811 Web Services CVE-2017- Automation FileServlet and 1 5811 Information Disclosure Applications II
SERVER-WEBAPP HPE Network Automation Web Services CVE-2017- CVE-2017-5810 and 2 5810 RedirectServlet SQL Applications Injection
SERVER-WEBAPP HPE Network Automation Web Services CVE-2017- PermissionFilter and 3 5812 Authentication Bypass Applications (Decrypted Traffic)
SERVER-WEBAPP HPE Network Automation Web Services CVE-2017- RedirectServlet SQL and 2 5810 Injection (Decrypted Applications Traffic)
SERVER-WEBAPP HPE Web Services CVE-2017- Network CVE-2017- and 3 5812 5812 Automation Applications PermissionFilter
January 2020 Page 195 of 245 IPS Signature Update
Authentication Bypass
SERVER-WEBAPP HPE Operations Web Services Orchestration CVE- CVE-2017- and 2 2017-8994 central- 8994 Applications remoting Insecure Deserialization
SERVER-WEBAPP HPE Web Services System Management CVE-2016- and 2 Homepage buffer 4395 Applications overflow attempt
SERVER-WEBAPP HPE Web Services System Management CVE-2017- and 1 Homepage cross site 12544 Applications scripting attempt
SERVER-WEBAPP Hewlett Packard Enterprise Vertica Web Services CVE-2016- validateAdminConfig and 1 2002 Remote Command Applications Injection (Decrypted Traffic)
SERVER-WEBAPP Horde Web Services Groupware Webmail CVE-2020- and 1 data import PHP code 8518 Applications injection attempt
SERVER-WEBAPP Horde Web Services Groupware Webmail CVE-2020- and 3 data import PHP code 8518 Applications injection attempt
SERVER-WEBAPP Hp Web Services OpenView CGI CVE-2011- and 1 parameter buffer 3166 Applications overflow attempt
January 2020 Page 196 of 245 IPS Signature Update
SERVER-WEBAPP IBM Informix Dynamic Web Services CVE-2017- Server index.php and 1 1092 testconn Heap Buffer Applications Overflow
SERVER-WEBAPP IBM Informix OpenAdmin Web Services CVE-2017- Tool and 3 1092 welcomeService.php Applications Command Execution
SERVER-WEBAPP IBM OpenAdmin Tool SOAP Web Services CVE-2017- welcomeService.php and 1 1092 PHP code injection Applications attempt
SERVER-WEBAPP IBM Web Services QRadar SIEM CVE-2018- CVE-2018- and 3 1418 command 1418 Applications injection attempt
SERVER-WEBAPP IBM Spectrum Protect Plus Web Services CVE-2020-4241 CVE-2020- and 1 Command Injection 4241 Applications Attempt (Encrypted Traffic)
SERVER-WEBAPP IBM Spectrum Protect Plus Web Services CVE-2020- CVE-2020-4241 and 1 4241 Command Injection Applications Attempt
SERVER-WEBAPP IBM Spectrum Protect Plus Web Services hfpackage CVE-2020- CVE-2020- and 1 4212 Command 4212 Applications Injection (Decrypted Traffic)
January 2020 Page 197 of 245 IPS Signature Update
SERVER-WEBAPP IBM Spectrum Protect Plus Web Services CVE-2020- hfpackage CVE-2020- and 1 4212 4212 Command Applications Injection
SERVER-WEBAPP IBM Spectrum Protect Plus Web Services CVE-2020- hostname CVE-2020- and 1 4211 4211 Command Applications Injection
SERVER-WEBAPP IBM Web Services WebSphere Application CVE-2019- and 2 Server remote code 4279 Applications execution attempt
SERVER-WEBAPP Web Services Joomla 3.7.0 com_fields CVE-2017- and 1 view SQL injection 8917 Applications attempt
SERVER-WEBAPP Web Services Joomla 3.7.0 com_fields CVE-2017- and 2 view SQL injection 8917 Applications attempt
SERVER-WEBAPP Web Services CVE-2018- Joomla Aist id SQL and 2 5993 Injection Applications
SERVER-WEBAPP Web Services Joomla CW Articles CVE-2018- and 2 Attachments SQL 14592 Applications injection attempt
SERVER-WEBAPP Web Services Joomla CW Tags CVE-2018- and 2 Searchtext SQL injection 7313 Applications attempt
SERVER-WEBAPP CVE-2018- Web Services 1
January 2020 Page 198 of 245 IPS Signature Update
Joomla CheckList 7318 and Extension SQL Injection Applications
SERVER-WEBAPP Web Services Joomla Component CVE-2018- and 2 Collection Factory SQL 17383 Applications injection attempt
SERVER-WEBAPP Web Services Joomla Component JMS CVE-2018- and 1 Music 1.1.1 SQL 6581 Applications injection attempt
SERVER-WEBAPP Web Services Joomla Component CVE-2018- and 2 Swap Factory SQL 17384 Applications injection attempt
SERVER-WEBAPP Web Services Joomla DT Register SQL CVE-2018- and 1 injection attempt CVE- 6584 Applications 2018-6584
SERVER-WEBAPP Web Services CVE-2018- Joomla Gridbox app and 1 11690 Cross Site Scripting Applications
SERVER-WEBAPP Web Services Joomla JE PayperVideo CVE-2018- and 1 extension SQL injection 6578 Applications attempt
SERVER-WEBAPP Web Services Joomla JEXTN CVE-2018- and 1 Membership extension 6577 Applications SQL injection attempt
SERVER-WEBAPP Web Services Joomla JEXTN Reverse CVE-2018- and 1 Auction extension SQL 6579 Applications injection attempt
January 2020 Page 199 of 245 IPS Signature Update
SERVER-WEBAPP Web Services Joomla Jimtawl id CVE-2018- and 1 parameter SQL injection 17399 Applications attempt
SERVER-WEBAPP Web Services Joomla PostInstall CVE-2018- and 2 Message SQL injection 6376 Applications attempt CVE-2018-6376
SERVER-WEBAPP Web Services Joomla ProjectLog CVE-2018- and 1 search SQL injection 6024 Applications attempt
SERVER-WEBAPP Web Services Joomla ProjectLog CVE-2018- and 2 search SQL injection 6024 Applications attempt
SERVER-WEBAPP Web Services Joomla Saxum Astro CVE-2018- and 1 Component SQL 7180 Applications injection attempt
SERVER-WEBAPP Web Services Joomla Saxum Astro CVE-2018- and 2 Component SQL 7180 Applications injection attempt
SERVER-WEBAPP Web Services Joomla Saxum Picker CVE-2018- and 2 SQL injection attempt 7178 Applications CVE-2018-7178
SERVER-WEBAPP Web Services CVE-2018- Joomla Saxum Picker and 1 7178 SQL injection attempt Applications
SERVER-WEBAPP Web Services Joomla and 1 com_realestatemanager Applications
January 2020 Page 200 of 245 IPS Signature Update
module SQL injection attempt
SERVER-WEBAPP Web Services Joomla component CVE-2018- and 2 Alexandria Book Library 7312 Applications SQL injection attempt
SERVER-WEBAPP Web Services Joomla component CVE-2018- and 2 AlphaIndex Dictionaries 17397 Applications SQL injection attempt
SERVER-WEBAPP Web Services Joomla component CVE-2018- and 1 Jimtawl 2.2.5 arbitrary 6580 Applications PHP file upload attempt
SERVER-WEBAPP Web Services Joomla component CVE-2018- and 2 Reverse Auction Factory 17376 Applications SQL injection attempt
SERVER-WEBAPP Joomla component Web Services CVE-2018- Timetable Schedule and 2 17394 3.6.8 SQL injection Applications attempt
SERVER-WEBAPP Web Services CVE-2018- Joomla jextn-classifieds and 1 6575 SQL injection attempt Applications
SERVER-WEBAPP Web Services Joomla! CMS CVE-2018- CVE-2018- and 2 8045 User Notes List 8045 Applications View SQL Injection
SERVER-WEBAPP Web Services CVE-2017- Joomla! com_fields SQL and 2 8917 Injection Applications
January 2020 Page 201 of 245 IPS Signature Update
SERVER-WEBAPP Web Services Kaspersky Anti-Virus CVE-2017- and 2 directory traversal 9812 Applications attempt
SERVER-WEBAPP Web Services Kaspersky Linux File CVE-2017- and 3 Server WMC cross site 9813 Applications scripting attempt
SERVER-WEBAPP Web Services Kaspersky Linux File CVE-2017- and 2 Server WMC directory 9812 Applications traversal attempt
SERVER-WEBAPP Kibana Console for CVE-2018- Other Web 2 Elasticsearch local file 17246 Server inclusion attempt
SERVER-WEBAPP Web Services KingComposer Plugin CVE-2020- and 1 For WordPress CVE- 15299 Applications 2020-15299 XSS
SERVER-WEBAPP Web Services Linksys E series denial of and 2 service attempt Applications
SERVER-WEBAPP Web Services Linksys E-Series and 1 apply.cgi Cross Site Applications Scripting Attempt
SERVER-WEBAPP Web Services Linksys E-Series and 2 apply.cgi directory Applications traversal attempt
SERVER-WEBAPP Web Services Linksys E1500/E2500 and 1 apply.cgi submit_button Applications
January 2020 Page 202 of 245 IPS Signature Update
page redirection attempt
SERVER-WEBAPP Linksys WRT120N Web Services tmUnblock.cgi and 1 TM_Block_URL Applications parameter fprintf stack buffer overflow attempt
SERVER-WEBAPP Linksys WVBR0-25 Web Services CVE-2017- Wireless Video Bridge and 1 17411 command injection Applications attempt
SERVER-WEBAPP ManageEngine Web Services Applications Manager CVE-2016- and 1 Apache Commons 9498 Applications Collections Insecure Deserialization
SERVER-WEBAPP ManageEngine Web Services CVE-2016- Applications Manager and 1 9488 MenuHandlerServlet Applications SQL Injection
SERVER-WEBAPP ManageEngine Web Services CVE-2017- Applications Manager and 2 16849 mypage.do SQL Applications injection attempt
SERVER-WEBAPP ManageEngine Web Services CVE-2017- Applications Manager and 2 16850 showActionProfiles.do Applications SQL injection attempt
SERVER-WEBAPP Web Services CVE-2017- 2 ManageEngine and
January 2020 Page 203 of 245 IPS Signature Update
Applications Manager 16847 Applications showresource.do SQL injection attempt
SERVER-WEBAPP ManageEngine Web Services Applications Manager CVE-2018- and 1 testCredential.do 7890 Applications command injection attempt
SERVER-WEBAPP ManageEngine Desktop Web Services Central CVE-2015- and 2 FileUploadServlet 8249 Applications directory traversal attempt
SERVER-WEBAPP ManageEngine Desktop Web Services Central MSP CVE-2014- and 2 StatusUpdateServlet 9404 Applications directory traversal attempt
SERVER-WEBAPP Web Services ManageEngine Multiple CVE-2014- and 2 Products directory 5301 Applications traversal attempt
SERVER-WEBAPP ManageEngine NetFlow Web Services Analyzer CVE-2014- and 3 DisplayChartPDF 5446 Applications directory traversal attempt
SERVER-WEBAPP ManageEngine Web Services ServiceDesk and 2 ExportImport.do Applications directory traversal attempt
January 2020 Page 204 of 245 IPS Signature Update
SERVER-WEBAPP ManageEngine Web Services ServiceDesk and 2 FileDownload.jsp fName Applications directory traversal attempt
SERVER-WEBAPP ManageEngine Web Services ServiceDesk Plus and 2 FileUploader servlet Applications directory traversal attempt
SERVER-WEBAPP Micro Focus Secure Messaging Web Services CVE-2018- Gateway enginelist.php and 1 12464 SQL Injection CVE-2018- Applications 12464
SERVER-WEBAPP Microsoft SharePoint Web Services CVE-2019- BdcAdminService and 1 1295 remote code execution Applications attempt
SERVER-WEBAPP Web Services Microsoft SharePoint CVE-2019- and 1 CVE-2019-1443 1443 Applications Information Disclosure
SERVER-WEBAPP Microsoft Sharepoint Web Services CVE-2020- machineKey and 1 17061 information disclosure Applications attempt
SERVER-WEBAPP Mitsubishi Electric CVE- Web Services CVE-2017- 2017-9638 E-Designer and 3 9638 SetupAlarm Font Stack Applications Buffer Overflow
January 2020 Page 205 of 245 IPS Signature Update
SERVER-WEBAPP Mitsubishi Electric CVE- Web Services CVE-2017- 2017-9638 E-Designer and 4 9638 SetupAlarm Font Stack Applications Buffer Overflow
SERVER-WEBAPP Mitsubishi Electric E- Web Services CVE-2017- Designer BEComliSlave and 4 9638 Status_bit Stack Buffer Applications Overflow
SERVER-WEBAPP Nagios Web Services XI Autodiscovery CVE- CVE-2019- and 2 2019-9164 Job 9164 Applications Command Injection
SERVER-WEBAPP Nagios Web Services CVE-2018- XI CVE-2018-8734 SQL and 1 8734 injection attempt Applications
SERVER-WEBAPP Nagios Web Services XI CVE-2018-8734 CVE-2018- and 1 command injection 8734 Applications attempt
SERVER-WEBAPP Nagios Web Services XI CVE-2018-8734 CVE-2018- and 1 database settings 8734 Applications modification attempt
SERVER-WEBAPP Nagios Web Services CVE-2018- XI Cmdsubsys Command and 2 15709 Injection Applications
SERVER-WEBAPP Nagios Web Services CVE-2018- XI Magpie cURL and 2 15708 Argument Injection Applications
SERVER-WEBAPP Nagios Web Services XI SNMP Trap SQL and 3 Injection Applications
January 2020 Page 206 of 245 IPS Signature Update
SERVER-WEBAPP Nagios Web Services XI alert cloud cross site and 2 scripting attempt Applications
SERVER-WEBAPP Nagios Web Services XI command_test.php and 2 Command Injection Applications
SERVER-WEBAPP Nagios XI utils- Web Services rrdexport.inc.php and 2 get_rrd_data Command Applications Injection
SERVER-WEBAPP Web Services NagiosXI CVE-2018- CVE-2018- and 1 8734 SQL injection 8734 Applications attempt
SERVER-WEBAPP NetGain Systems Web Services Enterprise Manager CVE-2017- and 1 CVE-2017-16598 16598 Applications snmpwalk ip Directory Traversal
SERVER-WEBAPP NetGain Systems Web Services Enterprise Manager CVE-2017- and 2 CVE-2017-16602 16602 Applications exec_jsp Command Execution
SERVER-WEBAPP NetGain Systems Web Services Enterprise Manager CVE-2017- and 3 CVE-2017-17406 RMI 17406 Applications Registry Insecure Deserialization
CVE-2017- SERVER-WEBAPP Web Services 2 NetGain Systems 16597 and
January 2020 Page 207 of 245 IPS Signature Update
Enterprise Manager Applications TFtpServer Filename Directory Traversal CVE- 2017-16597
SERVER-WEBAPP Web Services Netgear DGN1000B and 2 setup.cgi cross site Applications scripting attempt
SERVER-WEBAPP Web Services Netgear DGN2200 CVE-2017- and 2 dnslookup.cgi command 6334 Applications injection attempt
SERVER-WEBAPP Web Services Netgear DGN2200 CVE-2017- and 2 ping.cgi command 6077 Applications injection attempt
SERVER-WEBAPP Web Services Netgear DGN2200B and 2 stored cross-site Applications scripting attempt
SERVER-WEBAPP Netgear ReadyNAS Web Services CVE-2016- Surveillance cgi_main and 1 5679 command injection Applications attempt
SERVER-WEBAPP Netgear ReadyNAS Web Services CVE-2016- Surveillance cgi_main and 1 5680 stack buffer overflow Applications attempt
SERVER-WEBAPP Netgear ReadyNAS Web Services Surveillance cgi_system and 1 command injection Applications attempt
January 2020 Page 208 of 245 IPS Signature Update
SERVER-WEBAPP Netgear ReadyNAS Web Services Surveillance CVE-2016- and 1 debugging_center_utils 5674 Applications command injection attempt
SERVER-WEBAPP Netgear ReadyNAS Web Services Surveillance CVE-2016- and 1 handle_daylightsaving 5675 Applications command injection attempt
SERVER-WEBAPP Web Services Netgear WNR2000 CVE-2016- and 2 authentication bypass 10176 Applications attempt
SERVER-WEBAPP Web Services Netgear WNR2000 CVE-2016- and 2 hidden_lang_avi stack 10174 Applications buffer overflow attempt
SERVER-WEBAPP Web Services Netgear WNR2000 CVE-2016- and 2 information leak 10175 Applications attempt
SERVER-WEBAPP Novell File Reporter Agent Web Services CVE-2011- CVE-2011-0994 XML and 1 0994 Parsing Stack Buffer Applications Overflow
SERVER-WEBAPP Novell Web Services File Reporter SRS CVE-2012- and 1 request heap overflow 4956 Applications attempt
CVE-2012- SERVER-WEBAPP Novell Web Services 1 GroupWise Internet 0271 and
January 2020 Page 209 of 245 IPS Signature Update
Agent content-length Applications integer overflow attempt
SERVER-WEBAPP Novell GroupWise Messenger Web Services nmma.exe login and 1 memory corruption Applications attempt
SERVER-WEBAPP Novell Web Services Groupwise Messenger and 3 Parameter Memory Applications Corruption Attempt
SERVER-WEBAPP Novell Web Services Groupwise Messenger and 1 parameter memory Applications corruption attempt
SERVER-WEBAPP Novell NetIQ Sentinel Server Web Services ReportViewServlet CVE-2016- and 3 directory traversal 1605 Applications attempt directory traversal attempt
SERVER-WEBAPP Novell Web Services CVE-2016- Service Desk directory and 3 1593 traversal attempt Applications
SERVER-WEBAPP Novell Web Services ZENworks Asset CVE-2019- and 1 Management Remote 7231 Applications Execution
SERVER-WEBAPP Novell Web Services ZENworks Configuration and 1 Management CVE-2010- Applications 5323 Remote Execution
SERVER-WEBAPP Novell Web Services CVE-2015- 1 ZENworks Configuration and
January 2020 Page 210 of 245 IPS Signature Update
Management 0780 Applications GetStoredResult.class SQL injection attempt
SERVER-WEBAPP Novell Web Services ZENworks Configuration CVE-2015- and 2 Management Rtrlet 0781 Applications Directory Traversal
SERVER-WEBAPP Novell Web Services ZENworks Configuration CVE-2015- and 1 Management queryid 0782 Applications SQL injection attempt
SERVER-WEBAPP Novell ZENworks Configuration Web Services CVE-2015- Management and 2 0781 rtrlet.class directory Applications traversal attempt
SERVER-WEBAPP Novell ZENworks Configuration Web Services CVE-2015- Management and 2 0783 rtrlet.class directory Applications traversal attempt
SERVER-WEBAPP Novell ZENworks Configuration Web Services CVE-2015- Management and 2 0785 rtrlet.class directory Applications traversal attempt
SERVER-WEBAPP Novell ZENworks Configuration Web Services CVE-2015- Management and 1 0782 schedule.ScheduleQuer Applications y SQL Injection
SERVER-WEBAPP Novell Web Services Zenworks Mobile and 2 Management cross site Applications scripting attempt
January 2020 Page 211 of 245 IPS Signature Update
SERVER-WEBAPP OpenMRS Reference Web Services Application CVE-2020- and 5 sessionLocation CVE- 5730 Applications 2020-5730 Reflected Cross-Site Scripting
SERVER-WEBAPP Oracle Web Services Business Intelligence CVE-2020- and 1 BIRemotingServlet AMF 2950 Applications Insecure Deserialization
SERVER-WEBAPP Oracle Business Intelligence Web Services CVE-2019- and XML Publisher XML and 2 2616 external entity injection Applications attempt
SERVER-WEBAPP Oracle Web Services Business Intelligence CVE-2019- and 2 directory traversal 2588 Applications attempt
SERVER-WEBAPP Oracle Web Services Business Intelligence CVE-2019- and 1 remote jsp file include 2771 Applications attempt
SERVER-WEBAPP Oracle E-Business Suite Web Services Advanced Outbound CVE-2020- and 1 Telephony CVE-2020- 2854 Applications 2854 Cross-Site Scripting
SERVER-WEBAPP Oracle E-Business Suite Web Services Advanced Outbound CVE-2020- and 1 Telephony CVE-2020- 2856 Applications 2856 Cross-Site Scripting
January 2020 Page 212 of 245 IPS Signature Update
SERVER-WEBAPP Oracle E-Business Suite Web Services Advanced Outbound CVE-2020- and 2 Telephony CVE-2020- 2871 Applications 2871 Cross-Site Scripting
SERVER-WEBAPP Oracle E-Business Suite Web Services Advanced Outbound CVE-2020- and 2 Telephony Calendar 2852 Applications CVE-2020-2852 Cross- Site Scripting
SERVER-WEBAPP Oracle Web Services E-Business Suite CVE- and 2 2019-2633 SQL Applications Injection
SERVER-WEBAPP Oracle Web Services E-Business Suite CVE-2019- and 2 General Ledger SQL 2638 Applications Injection
SERVER-WEBAPP Oracle Web Services E-Business Suite CVE-2019- and 4 General Ledger SQL 2638 Applications Injection
SERVER-WEBAPP Oracle Web Services E-Business Suite Human CVE-2020- and 1 Resources (CVE-2020- 2956 Applications 2956) SQL Injection
SERVER-WEBAPP Oracle Web Services E-Business Suite Human CVE-2020- and 5 Resources (CVE-2020- 2956 Applications 2956) SQL Injection
Web Services SERVER-WEBAPP Oracle CVE-2020- and 1 E-Business Suite Human 2586 Resources CVE-2020- Applications
January 2020 Page 213 of 245 IPS Signature Update
2586 SQL Injection
SERVER-WEBAPP Oracle Web Services E-Business Suite Human CVE-2020- and 4 Resources CVE-2020- 2586 Applications 2586 SQL Injection
SERVER-WEBAPP Oracle Web Services E-Business Suite Human CVE-2020- and 1 Resources CVE-2020- 2587 Applications 2587 SQL Injection
SERVER-WEBAPP Oracle Web Services E-Business Suite Human CVE-2020- and 4 Resources CVE-2020- 2587 Applications 2587 SQL Injection
SERVER-WEBAPP Oracle Web Services E-Business Suite Human CVE-2020- and 2 Resources CVE-2020- 2882 Applications 2882 SQL Injection
SERVER-WEBAPP Oracle Web Services E-Business Suite Human CVE-2020- and 5 Resources CVE-2020- 2882 Applications 2882 SQL Injection
SERVER-WEBAPP Oracle Web Services Fusion Middleware CVE-2017- and 1 MapViewer arbitrary 3230 Applications JSP file upload attempt
SERVER-WEBAPP Oracle Web Services Fusion Middleware CVE-2017- and 1 MapViewer directory 3230 Applications traversal attempt
SERVER-WEBAPP Oracle Web Services Identity Manager CVE- CVE-2017- and 1 2017-10151 Default 10151 Applications Credentials I
January 2020 Page 214 of 245 IPS Signature Update
SERVER-WEBAPP Oracle Web Services Identity Manager CVE- CVE-2017- and 3 2017-10151 Default 10151 Applications Credentials II
SERVER-WEBAPP Oracle Web Services JDeveloper ADF Faces CVE-2019- and 1 Untrusted 2904 Applications Deserialization
SERVER-WEBAPP Oracle Web Services Java Web Server CVE-2010- and 1 WebDAV Stack Buffer 0361 Applications Overflow attempt
SERVER-WEBAPP Oracle Opera Property Web Services CVE-2016- Management System and 3 5563 ProcessInfo command Applications injection attempt
SERVER-WEBAPP Oracle Web Services Secure Backup Admin CVE-2011- and 1 Server command 2261 Applications injection attempt
SERVER-WEBAPP Oracle Web Services Secure Backup web tool CVE-2011- and 1 command injection 2261 Applications attempt
SERVER-WEBAPP Oracle Web Services WebLogic (CVE-2020- CVE-2020- and 1 14625) Insecure 14625 Applications Deserialization
SERVER-WEBAPP Oracle Web Services WebLogic CVE-2020- CVE-2020- and 1 14644 Insecure 14644 Applications Deserialization
SERVER-WEBAPP Oracle CVE-2020- Web Services 1
January 2020 Page 215 of 245 IPS Signature Update
WebLogic CVE-2020- 2798 and 2798 Insecure Applications Deserialization
SERVER-WEBAPP Oracle Web Services WebLogic CVE-2020- and 1 2883 Insecure Applications Deserialization
SERVER-WEBAPP Oracle Web Services WebLogic CVE-2020- and 1 2884 Insecure Applications Deserialization
SERVER-WEBAPP Oracle Web Services WebLogic CVE-2020- and 2 2963 Insecure Applications Deserialization
SERVER-WEBAPP Oracle WebLogic Remote Web Services CVE-2018- Diagnosis Assistant and 2 2615 rda_tfa_ref_date Applications Command Injection
SERVER-WEBAPP Oracle WebLogic Server Web Services CVE-2018- Activator Insecure and 1 2893 Deserialization CVE- Applications 2018-2893
SERVER-WEBAPP Oracle Web Services WebLogic Server CVE- CVE-2017- and 2 2017-10271 Remote 10271 Applications Command Execution
SERVER-WEBAPP Oracle Web Services WebLogic Server CVE-2019- and 1 DeploymentService 2618 Applications Directory Traversal
SERVER-WEBAPP Oracle Web Services CVE-2019- 2 WebLogic Server and
January 2020 Page 216 of 245 IPS Signature Update
DeploymentService 2618 Applications Directory Traversal
SERVER-WEBAPP Oracle Web Services WebLogic Server CVE-2018- and 3 arbitrary JSP file upload 2894 Applications attempt
SERVER-WEBAPP Oracle WebLogic Server Web Services CVE-2018- unauthenticated and 1 2894 modified JSP access Applications attempt
SERVER-WEBAPP Oracle Weblogic CVE-2019- Web Services CVE-2019- 2647 and 1 2647 ForeignRecoveryContext Applications External Entity Injection
SERVER-WEBAPP Oracle Web Services Weblogic CVE-2019- CVE-2019- and 2 2729 Insecure 2729 Applications Deserialization
SERVER-WEBAPP Oracle Web Services Weblogic CVE-2019- and 1 EJBTaglibDescriptor 2888 Applications External Entity Injection
SERVER-WEBAPP Oracle Web Services Weblogic CVE-2019- and 4 EJBTaglibDescriptor 2888 Applications External Entity Injection
SERVER-WEBAPP Oracle Web Services Weblogic CVE-2019- and 2 UnknownMsgHeader 2649 Applications External Entity Injection
SERVER-WEBAPP Oracle CVE-2019- Web Services Weblogic 2 2650 and WsrmSequenceContext
January 2020 Page 217 of 245 IPS Signature Update
External Entity Injection Applications
SERVER-WEBAPP Oracle Weblogic Web Services CVE-2019- WsrmServerPayloadCon and 2 2648 text External Entity Applications Injection
SERVER-WEBAPP PHP CVE-2017-5340 Web Services CVE-2017- zend_hash_destroy and 2 5340 Uninitialized Pointer Applications Code Execution
SERVER-WEBAPP PHP Web Services CVE-2018-7584 CVE-2018- and 3 http_fopen_wrapper 7584 Applications Stack Buffer Overflow
SERVER-WEBAPP PHP Web Services CVE-2019-9022 CVE-2019- and 1 dns_get_record Out of 9022 Applications Bounds Read
SERVER-WEBAPP PHP Web Services CVE-2019-9022 CVE-2019- and 3 dns_get_record Out of 9022 Applications Bounds Read
SERVER-WEBAPP PHP Web Services FPM init_request_info CVE-2019- and 1 PATH_INFO Buffer 11043 Applications Underflow
SERVER-WEBAPP PHP Web Services CVE-2017- Unserialize Integer and 1 5340 Overflow Attempt Applications
SERVER-WEBAPP PHP Web Services CVE-2016- phar extension remote and 2 4072 code execution attempt Applications
January 2020 Page 218 of 245 IPS Signature Update
SERVER-WEBAPP PHP unserialize function use Web Services CVE-2016- after free memory and 2 7479 corruption vulnerability Applications attempt
SERVER-WEBAPP PHP Web Services CVE-2016- unserialize var_hash and 2 6290 use-after-free attempt Applications
SERVER-WEBAPP PHP zend_hash_destroy Web Services CVE-2017- Uninitialized Pointer and 2 5340 Code Execution Applications (Published Exploit)
SERVER-WEBAPP PHP- Web Services Fusion Administration CVE-2020- and 1 Banner Stored Cross- 12438 Applications Site Scripting
SERVER-WEBAPP Palo Alto Networks Firewall Web Services CVE-2017- router.php XML and 2 15944 attribute injection Applications attempt
SERVER-WEBAPP Web Services PhpWiki Ploticus plugin CVE-2014- and 2 command injection 5519 Applications attempt
SERVER-WEBAPP Pivotal Web Services Spring Data REST PATCH CVE-2017- and 1 request remote code 8046 Applications execution attempt
SERVER-WEBAPP Pulse Web Services Secure Guacamole URI CVE-2019- and 2 Information Disclosure 11510 Applications (encrypted Traffic)
January 2020 Page 219 of 245 IPS Signature Update
SERVER-WEBAPP QNAP Web Services NAS authLogin.cgi CVE-2017- and 1 command injection 6361 Applications attempt
SERVER-WEBAPP QNAP Web Services NAS userConfig.cgi CVE-2017- and 1 command injection 6360 Applications attempt
SERVER-WEBAPP QNAP Web Services NAS utilRequest.cgi CVE-2017- and 1 command injection 6359 Applications attempt
SERVER-WEBAPP QNAP Web Services QCenter API CVE-2018- and 2 set_VM_network 0708 Applications Command Injection
SERVER-WEBAPP QNAP QCenter API Web Services CVE-2018- set_VM_network and 1 0708 command injection Applications attempt
SERVER-WEBAPP QNAP QCenter API Web Services CVE-2018- set_VM_passwd and 1 0707 command injection Applications attempt
SERVER-WEBAPP QNAP Web Services WTS 4.2.1 command and 2 injection attempt Applications
SERVER-WEBAPP Quest CVE-2018-11143 DR Web Services CVE-2018- Series Disk Backup and 3 11143 Login.pm Command Applications Injection Attempt
January 2020 Page 220 of 245 IPS Signature Update
SERVER-WEBAPP Quest CVE-2018-11144 DR Series Disk Backup Web Services CVE-2018- UsersService.pm and 3 11144 Update Method Applications Command Injection Attempt
SERVER-WEBAPP Quest CVE-2018-11145 DR Web Services Series Disk Backup CVE-2018- and 3 UsersService.pm delete 11145 Applications method command injection attempt
SERVER-WEBAPP Quest CVE-2018-11146 DR Series Disk Backup Web Services CVE-2018- UsersService.pm and 3 11146 update_pw method Applications command injection attempt
SERVER-WEBAPP Quest CVE-2018-11149 DR Web Services Series Disk Backup CVE-2018- and 3 SchedulesService.pm 11145 Applications Command Injection Attempt
SERVER-WEBAPP Quest CVE-2018-11151 DR Web Services Series Disk Backup CVE-2018- and 3 PasswordService.pm 11145 Applications command injection attempt
SERVER-WEBAPP Quest CVE-2018-11153 DR Web Services Series Disk Backup CVE-2018- and 3 LicenseService.pm 11153 Applications Command Injection Attempt
January 2020 Page 221 of 245 IPS Signature Update
SERVER-WEBAPP Quest DR Series Disk Backup Web Services CVE-2018- EmailRelayHostService. and 1 11156 pm command injection Applications attempt
SERVER-WEBAPP Quest KACE Systems Management Appliance Web Services CVE-2018- CVE-2018-11138 and 3 11138 download_agent_install Applications er.php Command Injection Attempt
SERVER-WEBAPP Quest KACE Systems Web Services Management Appliance CVE-2018- and 2 download_agent_install 11138 Applications er.php command injection attempt
SERVER-WEBAPP Quest NetVault Backup CVE- Web Services CVE-2017- 2017-17652 and 1 17652 NVBUBackup Count Applications Method SQL Injection
SERVER-WEBAPP Quest NetVault Backup Web Services Multipart CVE-2018- CVE-2018- and 3 1163 Request 1163 Applications checksession Authentication Bypass
SERVER-WEBAPP Quest NetVault Backup Server Web Services CVE-2017- NVBUBackupOptionSet and 2 17653 SQL injection attempt Applications CVE-2017-17653
SERVER-WEBAPP Rank Web Services Math Wordpress SEO 1 and Plugin updateMeta
January 2020 Page 222 of 245 IPS Signature Update
REST Endpoint Access Applications Control Weakness
SERVER-WEBAPP Rank Math Wordpress SEO Web Services Plugin updateMeta and 2 REST Endpoint Access Applications Control Weakness
SERVER-WEBAPP SAP Web Services NetWeaver Message CVE-2013- and 1 Server Memory 1592 Applications Corruption
SERVER-WEBAPP SERVER-WEBAPP Novell NetIQ Sentinel Server Web Services CVE-2016- ReportViewServlet and 3 1605 directory traversal Applications attempt directory traversal attempt
SERVER-WEBAPP SQL Server Reporting Web Services CVE-2020- Services web and 1 0618 application remote code Applications execution attempt
SERVER-WEBAPP Web Services Samsung SmartThings CVE-2018- and 4 Hub video-core Camera 3903 Applications URL Buffer Overflow
SERVER-WEBAPP Samsung SmartThings Web Services CVE-2018- Hub video-core Camera and 4 3902 URL Replace Code Applications Execution
SERVER-WEBAPP Web Services CVE-2018- Samsung SmartThings and 4 3875 Hub video-core Applications credentials Code
January 2020 Page 223 of 245 IPS Signature Update
Execution
SERVER-WEBAPP Web Services Samsung SmartThings CVE-2018- and 2 Hub videoHostUrl Code 3872 Applications Execution
SERVER-WEBAPP Secure Backup login.php Web Services CVE-2008- uname variable based and 1 5449 command injection Applications attempt
SERVER-WEBAPP Web Services Seowonintech CVE-2016- and 1 system_config.cgi local 10760 Applications file include attempt
SERVER-WEBAPP Web Services Seowonintech CVE-2016- and 2 system_config.cgi local 10760 Applications file include attempt
SERVER-WEBAPP SoftNAS StorageCenter Web Services CVE-2018- snserv.php command and 2 14417 injection attempt CVE- Applications 2018-14417
SERVER-WEBAPP Solarwinds Web Services Virtualization Manager CVE-2016- and 1 Apache Commons 3642 Applications Collections Insecure Deserialization
SERVER-WEBAPP SonicWall Secure Web Services CVE-2016- Remote Access and 1 9682 diagnostics command Applications injection attempt
January 2020 Page 224 of 245 IPS Signature Update
SERVER-WEBAPP SonicWall Secure Web Services Remote Access gencsr and 1 command injection Applications attempt
SERVER-WEBAPP SonicWall Secure Web Services Remote Access and 1 sitecustomization Applications command injection attempt
SERVER-WEBAPP SonicWall Secure Web Services CVE-2016- Remote Access viewcert and 1 9684 command injection Applications attempt
SERVER-WEBAPP Web Services Sophos Web Security and 1 Appliance command Applications injection attempt
SERVER-WEBAPP Web Services Sophos Web Security CVE-2016- and 1 Appliance command 9553 Applications injection attempt
SERVER-WEBAPP Squid Web Services Proxy Digest CVE-2019- and 1 Authentication Denial of 12525 Applications Service
SERVER-WEBAPP Squid Proxy URN Response CVE-2019- Other Web 1 Processing Heap Buffer 12526 Server Overflow
Web Services SERVER-WEBAPP Squid CVE-2019- and 1 Proxy URN Response 12526 Processing Heap Buffer Applications
January 2020 Page 225 of 245 IPS Signature Update
Overflow
SERVER-WEBAPP Squid Web Services Proxy URN Response CVE-2019- and 4 Processing Heap Buffer 12526 Applications Overflow
SERVER-WEBAPP Squid Proxy cachemgr.cgi Web Services CVE- 2019- Reflected Cross-Site and 1 13345 Scripting in user_name Applications parameter
SERVER-WEBAPP Symantec Messaging Web Services Gateway CVE-2017- and 1 performBackupNow.do 6326 Applications command injection attempt
SERVER-WEBAPP Trend Micro Apex One and Web Services CVE-2020- OfficeScan CVE-2020- and 1 8599 8599 Directory Traversal Applications (Decrypted Traffic)
SERVER-WEBAPP Trend Web Services Micro Apex One and CVE-2020- and 1 OfficeScan CVE-2020- 8599 Applications 8599 Directory Traversal
SERVER-WEBAPP Trend Micro Control Manager Web Services CVE-2018-3602 CVE-2018- and 2 AdHocQuery_Processor 3602 Applications GetProductCategory SQL Injection
SERVER-WEBAPP Trend Micro Control Manager Web Services ProductTree_RightWind and 3 ow XML External Entity Applications Processing (Decrypted
January 2020 Page 226 of 245 IPS Signature Update
Traffic)
SERVER-WEBAPP Trend Micro Control Manager Web Services XML External Entity and 3 Processing (Decrypted Applications Traffic)
SERVER-WEBAPP Trend Web Services Micro Control Manager CVE-2017- and 2 cmdHandlerLicenseMan 11384 Applications ager SQL Injection
SERVER-WEBAPP Trend Web Services Micro Control Manager CVE-2017- and 2 cmdHandlerStatusMoni 11385 Applications tor SQL Injection
SERVER-WEBAPP Trend Web Services Micro Control Manager CVE-2017- and 2 cmdHandlerTVCSComm 11383 Applications ander SQL Injection
SERVER-WEBAPP Trend Micro IWSVA Web Services DeploymentWizardActi and 1 on GetClusterInfo Applications Command Injection (Decrypted Traffic)
SERVER-WEBAPP Trend Micro IWSVA Web Services DomainList and 2 TestingADKerberos Applications Command Injection (Decrypted Traffic)
SERVER-WEBAPP Trend Web Services Micro IWSVA domains and 2 Command Injection I Applications
SERVER-WEBAPP Trend Web Services 2 Micro IWSVA domains and
January 2020 Page 227 of 245 IPS Signature Update
Command Injection II Applications
SERVER-WEBAPP Trend Web Services Micro IWSVA domains and 2 Command Injection III Applications
SERVER-WEBAPP Trend Micro IWSVA Web Services testConfiguration and 2 Command Injection Applications (Decrypted Traffic)
SERVER-WEBAPP Trend Micro Mobile Security Web Services CVE-2017-14078 CVE-2017- and 2 Enterprise 14078 Applications eas_agent_unregister slink_id SQL Injection
SERVER-WEBAPP Trend Micro Mobile Security Enterprise Web Services CVE-2017- eas_agent_sync_client_i and 1 14078 nfo slink_id SQL Applications Injection (Decrypted Traffic)
SERVER-WEBAPP Trend Micro Mobile Security Web Services Enterprise and 2 eas_agent_sync_client_i Applications nfo slink_id SQL Injection I
SERVER-WEBAPP Trend Micro Mobile Security Web Services Enterprise and 2 eas_agent_sync_client_i Applications nfo slink_id SQL Injection II
SERVER-WEBAPP Trend Web Services CVE-2017- 2 Micro Mobile Security and
January 2020 Page 228 of 245 IPS Signature Update
Enterprise 14078 Applications eas_agent_unregister slink_id SQL Injection (Decrypted Traffic)
SERVER-WEBAPP Trend Micro Mobile Security Web Services Enterprise CVE-2017- and 1 get_dep_profile id SQL 14078 Applications Injection (Decrypted Traffic)
SERVER-WEBAPP Trend Web Services Micro OfficeScan CVE- CVE-2017- and 2 2017-11394 Proxy.php 11394 Applications Command Injection
SERVER-WEBAPP Trend Web Services Micro OfficeScan Zip CVE-2019- and 4 Directory Traversal 18187 Applications (Decrypted Traffic)
SERVER-WEBAPP Trend Web Services Micro OfficeScan and 2 attempt Applications
SERVER-WEBAPP Trend Micro SafeSync JSON Web Services API ad_sync_now and 1 command injection Applications attempt
SERVER-WEBAPP Trend Web Services Micro SafeSync and 1 command injection Applications attempt
SERVER-WEBAPP Trend Micro SafeSync for Web Services Enterprise ad.pm id and 1 Remote Command Applications Execution (Decrypted
January 2020 Page 229 of 245 IPS Signature Update
Traffic)
SERVER-WEBAPP Trend Micro SafeSync for Web Services Enterprise and 2 check_nfs_server_statu Applications s Command Injection (Decrypted Traffic)
SERVER-WEBAPP Trend Micro SafeSync for Web Services Enterprise and 1 deviceTool.pm devid Applications Command Injection (Decrypted Traffic)
SERVER-WEBAPP Trend Micro SafeSync for Web Services Enterprise license and 2 Command Injection Applications (Decrypted Traffic)
SERVER-WEBAPP Trend Micro SafeSync for Web Services Enterprise and 2 restartService Applications Command Injection (Decrypted Traffic)
SERVER-WEBAPP Trend Micro SafeSync for Web Services Enterprise rollback and 1 Command Injection Applications (Decrypted Traffic)
SERVER-WEBAPP Trend Micro SafeSync for Web Services Enterprise rollback and 2 Command Injection Applications (Decrypted Traffic)
SERVER-WEBAPP Trend Web Services CVE-2017- 1 Micro Smart Protection and
January 2020 Page 230 of 245 IPS Signature Update
Server 14094 Applications admin_update_program .php command injection attempt
SERVER-WEBAPP Trend Web Services Micro Smart Protection CVE-2017- and 2 Server directory 14095 Applications traversal attempt
SERVER-WEBAPP Trend Micro Threat Discovery Web Services Appliance CVE-2016- and 1 admin_sys_time.cgi 7547 Applications command injection attempt
SERVER-WEBAPP Trend Micro Virtual Mobile Infrastructure Web Services CVE-2016- apns_worker.py and 2 6270 Command Injection Applications (Decrypted Traffic) (Published Exploit)
SERVER-WEBAPP Trend Web Services Micro hotfix_upload.cgi CVE-2016- and 1 command injection 5840 Applications attempt
SERVER-WEBAPP Trend Micro Web Services CVE-2017- proxy_controller.php and 1 11394 Command Injection Applications Attempt
SERVER-WEBAPP Trend Micro Web Services CVE-2017- proxy_controller.php and 2 11394 command injection Applications attempt
January 2020 Page 231 of 245 IPS Signature Update
SERVER-WEBAPP Trend Micro Web Services CVE-2017- proxy_controller.php and 2 11394 command injection Applications attempt
SERVER-WEBAPP VMTurbo Operations Web Services CVE-2014- Manager vmtadmin.cgi and 1 5073 command injection Applications attempt
SERVER-WEBAPP Web Services VMWare NSX SD-WAN CVE-2018- and 1 Edge command 6961 Applications injection attempt
SERVER-WEBAPP Veritas NetBackup Web Services CVE-2016- Appliance getLicense and 1 7399 command injection Applications attempt
SERVER-WEBAPP Web Services WIFICAM Wireless IP CVE-2017- and 2 Camera command 18377 Applications injection attempt
SERVER-WEBAPP WP Web Services plugin Wechat CVE-2018- and 2 Broadcast directory 16283 Applications traversal attempt
SERVER-WEBAPP WP Web Services plugin Wechat CVE-2018- and 2 Broadcast remote file 16283 Applications inclusion attempt
SERVER-WEBAPP Web Services Western Digital Arkeia and 2 Appliance directory Applications traversal attempt
January 2020 Page 232 of 245 IPS Signature Update
SERVER-WEBAPP Web Services Western Digital CVE-2016- and 1 MyCloud command 10108 Applications injection attempt
SERVER-WEBAPP Western Digital Web Services MyCloud login_mgr.cgi and 2 command injection Applications attempt
SERVER-WEBAPP Western Digital Web Services MyCloud and 1 nas_sharing.cgi Applications command injection attempt
SERVER-WEBAPP WordPress 10Web Web Services Photo Gallery Plugin CVE-2020- and 3 CVE-2020-9335 Two 9335 Applications Stored Cross-Site Scripting
SERVER-WEBAPP Web Services WordPress 10Web and 1 Photo Gallery SQL Applications Injection
SERVER-WEBAPP WordPress Calculated Web Services CVE-2020- Fields Form CVE-2020- and 1 7228 7228 Cross Site Applications Scripting
SERVER-WEBAPP Web Services WordPress Comment CVE-2019- and 2 Content Filter Remote 9787 Applications Code Execution
SERVER-WEBAPP CVE-2019- Web Services 2
January 2020 Page 233 of 245 IPS Signature Update
WordPress Crop Image 8943 and arbitrary file write Applications attempt
SERVER-WEBAPP Web Services WordPress GDPR Cookie and 1 Consent Plugin Stored Applications Cross-Site Scripting
SERVER-WEBAPP Web Services WordPress Google and 2 Maps Plugin CVE-2019- Applications 10692 SQL Injection
SERVER-WEBAPP Web Services WordPress Ninja Forms CVE-2019- and 2 Plugin Remote Code 10869 Applications Execution
SERVER-WEBAPP WordPress Ninja Forms Web Services CVE-2016- nf_async_upload and 2 1209 arbitrary PHP file Applications upload attempt
SERVER-WEBAPP Web Services WordPress Plugin CVE-2020- and 1 ThemeREX PHP Code 10257 Applications Injection
SERVER-WEBAPP Web Services WordPress Print-My- CVE-2019- and 2 Blog plugin server side 11565 Applications request forgery attempt
SERVER-WEBAPP Web Services WordPress Rencontre CVE-2019- and 1 plugin SQL injection 13413 Applications attempt
SERVER-WEBAPP CVE-2019- Web Services WordPress Rencontre 2 13413 and plugin SQL injection
January 2020 Page 234 of 245 IPS Signature Update
attempt Applications
SERVER-WEBAPP Web Services WordPress Rencontre CVE-2019- and 1 plugin cross site 13413 Applications scripting attempt
SERVER-WEBAPP Web Services WordPress Ultimate CVE-2017- and 1 Form Builder Plugin SQL 15919 Applications Injection Attempt
SERVER-WEBAPP Web Services WordPress Ultimate CVE-2017- and 1 Form Builder plugin SQL 15919 Applications injection attempt
SERVER-WEBAPP WordPress Web Services _wp_attached_file CVE- CVE-2019- and 2 2019-8942 8942 Applications wp_crop_image Directory Traversal
SERVER-WEBAPP Web Services WordPress embedded and 2 URL video cross site Applications scripting attempt
SERVER-WEBAPP Web Services WordPress load- CVE-2018- and 3 scripts.php Denial of 6389 Applications Service
SERVER-WEBAPP Web Services WordPress login denial and 2 of service attempt Applications
SERVER-WEBAPP Web Services CVE-2019- WordPress meta_input and 1 8942 Path Traversal Attempt Applications
January 2020 Page 235 of 245 IPS Signature Update
SERVER-WEBAPP Web Services WordPress plugin Grace CVE-2019- and 1 Media Player local file 9618 Applications inclusion attempt
SERVER-WEBAPP Web Services WordPress plugin WP and 2 with Spritz remote file Applications include attempt
SERVER-WEBAPP Web Services Wordpress Excerpt CVE-2017- and 3 cross site scripting 5612 Applications attempt
SERVER-WEBAPP Web Services Wordpress Nexos CVE-2020- and 1 theme SQL injection 15363 Applications attempt
SERVER-WEBAPP Web Services Wordpress Nexos CVE-2020- and 1 theme cross site 15364 Applications scripting attempt
SERVER-WEBAPP Web Services Wordpress NextGEN and 2 gallery directory Applications traversal attempt
SERVER-WEBAPP Web Services Wordpress Scoreme and 2 cross site scripting Applications attempt
SERVER-WEBAPP Web Services Wordpress User History CVE-2017- and 2 plugin cross site 15867 Applications scripting attempt
CVE-2019- SERVER-WEBAPP Web Services 2 Wordpress image edit 8942 and
January 2020 Page 236 of 245 IPS Signature Update
directory traversal Applications attempt
SERVER-WEBAPP Web Services Wordpress plugin WP and 2 with Spritz directory Applications traversal attempt
SERVER-WEBAPP Web Services Wordpress wp-banners- and 2 lite plugin cross site Applications scripting attempt
SERVER-WEBAPP Wordpress wpdb Web Services CVE-2017- prepare sprintf and 2 14723 placeholder SQL Applications injection attempt
SERVER-WEBAPP XML Web Services entity parsing CVE-2017- and 1 information disclosure 7664 Applications attempt
SERVER-WEBAPP Web Services XStream Void CVE-2017- CVE-2017- and 2 9793 Primitive Denial of 9793 Applications Service
SERVER-WEBAPP Web Services XStream void primitive CVE-2017- and 2 denial of service 9793 Applications attempt
SERVER-WEBAPP Web Services YouPHPTube Encoder CVE-2019- and 1 getImage.php 5127 Applications Command Injection
Web Services SERVER-WEBAPP CVE-2019- and 1 YouPHPTube Encoder 5129 getImageMP4.php Applications
January 2020 Page 237 of 245 IPS Signature Update
Command Injection
SERVER-WEBAPP Zavio Web Services CVE-2013- Cam command injection and 1 2568 attempt Applications
SERVER-WEBAPP Web Services Zeroshell Linux Router CVE-2019- and 1 command injection 12725 Applications attempt
SERVER-WEBAPP Web Services Zeroshell Linux Router CVE-2019- and 2 command injection 12725 Applications attempt
SERVER-WEBAPP Zoho ManageEngine Web Services Applications Manager CVE-2020- and 1 AlertRes_Mtrgrp.jsp sid 15533 Applications CVE-2020-15533 SQL Injection
SERVER-WEBAPP Zoho ManageEngine Web Services Applications Manager CVE-2019- and 2 CVE-2019-11448 11448 Applications Popup_SLA.jsp sid SQL Injection
SERVER-WEBAPP Zoho ManageEngine Web Services Applications Manager CVE-2019- and 1 FaultTemplateOptions.js 11469 Applications p resourceid SQL Injection
SERVER-WEBAPP Zoho ManageEngine Web Services CVE-2020- Applications Manager and 1 27995 MyPage.do CVE-2020- Applications 27995 SQL Injection
January 2020 Page 238 of 245 IPS Signature Update
SERVER-WEBAPP Zoho ManageEngine CVE- Web Services 2018-7890 CVE-2018- and 2 ApplicationManager 7890 Applications testCredential.do Command Injection
SERVER-WEBAPP Zoho ManageEngine Desktop Web Services Central AppDependency CVE-2020- and 5 CVE-2020-10859 10859 Applications Arbitrary File Write (Directory Traversal)
SERVER-WEBAPP Zoho ManageEngine NetFlow Web Services Analyzer CVE-2019- and 2 ReportApiHandler 12196 Applications compareReport SQL Injection
SERVER-WEBAPP Zoho ManageEngine Web Services CVE-2018- OpManager APIDBUtil and 2 17243 getDevicesForSearchStri Applications ng SQL Injection
SERVER-WEBAPP Zoho ManageEngine Web Services OpManager CVE-2018- and 2 BusinessViewFlashImpl 18980 Applications handleBVAction XXE Injection
SERVER-WEBAPP Zoho ManageEngine Web Services OpManager CVE-2018- and 1 FailOverHelperServlet 12998 Applications Cross-Site Scripting CVE- 2018-12998
SERVER-WEBAPP Zoho Web Services CVE-2018- 2 ManageEngine and
January 2020 Page 239 of 245 IPS Signature Update
OpManager 9088 Applications OpManagerFailoverUtil customerName SQL Injection CVE-2018- 9088
SERVER-WEBAPP Zoho ManageEngine OpManager Web Services CVE-2018- RelationalMailServer and 2 18949 addMailServerSettings Applications SQL Injection CVE-2018- 18949
SERVER-WEBAPP Zoho ManageEngine Web Services CVE-2018- OpManager and 1 20173 getGraphData SQL Applications Injection
SERVER-WEBAPP Zoho ManageEngine Web Services OpManagerDBUtil CVE-2018- and 2 getProbeNATDetails SQL 9087 Applications Injection CVE-2018- 9087
SERVER-WEBAPP dnaLIMS Web Services CVE-2017- viewAppletFsa.cgi and 2 6527 directory traversal Applications attempt
SERVER-WEBAPP Web Services elFinder PHP connector CVE-2019- and 2 command injection 9194 Applications attempt
SERVER-WEBAPP escan Web Services Web Management and 1 Console command Applications injection
January 2020 Page 240 of 245 IPS Signature Update
SERVER-WEBAPP Web Services iSharer and upRedSun CVE-2019- and 1 File Sharing Wizard 5129 Applications Buffer Overflow
SERVER-WEBAPP multiple vendor Web Services CVE-2006- calendar application id and 3 3094 parameter SQL injection Applications attempt
SERVER-WEBAPP Web Services netgear_unauth_exec CVE-2016- and 1 CVE-2016-1555 1555 Applications command injection
SERVER-WEBAPP Web Services newsPHP Language file and 2 include attempt Applications
SERVER-WEBAPP Web Services rConfig CVE-2019- and 1 ajaxServerSettingsChk.p 16662 Applications hp Command Injection
SERVER-WEBAPP rConfig Web Services commands.inc.php CVE- CVE-2020- and 1 2020-10220 SQL 10220 Applications Injection (Decrypted Traffic)
SERVER-WEBAPP rConfig Web Services commands.inc.php CVE- CVE-2020- and 2 2020-10220 SQL 10220 Applications Injection (Decrypted Traffic)
SERVER-WEBAPP CVE-2020- Apache HTTP 2 rConfig 10220 Server commands.inc.php CVE-
January 2020 Page 241 of 245 IPS Signature Update
2020-10220 SQL Injection
SERVER-WEBAPP rConfig Web Services CVE-2020- commands.inc.php CVE- and 2 10220 2020-10220 SQL Applications Injection
SERVER-WEBAPP rConfig Web Services CVE-2020- commands.inc.php SQL and 1 10220 Injection (Decrypted Applications Traffic)
SERVER-WEBAPP rConfig Web Services compliancepolicies.inc.p and 2 hp CVE-2020-10546 SQL Applications Injection
SERVER-WEBAPP rConfig Web Services CVE-2020- compliancepolicies.inc.p and 2 10546 hp CVE-2020-10546 SQL Applications Injection
SERVER-WEBAPP rConfig Web Services compliancepolicyeleme CVE-2020- and 3 nts.inc.php CVE-2020- 10547 Applications 10547 SQL Injection (Decrypted Traffic)
SERVER-WEBAPP rConfig Web Services CVE-2020- compliancepolicyeleme and 3 10547 nts.inc.php CVE-2020- Applications 10547 SQL Injection
SERVER-WEBAPP CVE-2020- Web Services rConfig snippets.inc.php 2 10549 and CVE-2020-10549 SQL
January 2020 Page 242 of 245 IPS Signature Update
Injection Applications
SERVER-WEBAPP Web Services vBulletin template CVE-2019- and 1 rendering arbitrary PHP 16759 Applications code execution attempt
SERVER-WEBAPP Web Services vBulletin updateAvatar CVE-2019- and 1 PHP Remote Code 17132 Applications Execution Attempt
SERVER-WEBAPP Web Services wordpress kses bypass CVE-2015- and 3 cross site scripting 5714 Applications attempt
SQL Oracle MySQL Database CVE-2017- Pluggable Auth denial of Management 1 3599 service attempt System
January 2020 Page 243 of 245 IPS Signature Update
Name: Name of the Signature
CVE–ID: CVE Identification Number - Common Vulnerabilities and Exposures (CVE) provides reference of CVE Identifiers for publicly known information security vulnerabilities.
Category: Class type according to threat
Severity: Degree of severity - The levels of severity are described in the table below:
Severity Level Severity Criteria
1 Low
2 Moderate
3 High
4 Critical
January 2020 Page 244 of 245 IPS Signature Update
Important Notice Sophos Technologies Pvt. Ltd. has supplied this Information believing it to be accurate and reliable at the time of printing, but is presented without warranty of any kind, expressed or implied. Users must take full responsibility for their application of any products. Sophos Technologies Pvt. Ltd. assumes no responsibility for any errors that may appear in this document. Sophos Technologies Pvt. Ltd. reserves the right, without notice to make changes in product design or specifications. Information is subject to change without notice.
RESTRICTED RIGHTS
©1997 - 2020 Sophos Ltd. All rights reserved. All rights reserved. Sophos, Sophos logo are trademark of Sophos Technologies Pvt. Ltd.
Corporate Headquarters Sophos Technologies Pvt. Ltd.
Registered in England and Wales No. 2096520,
The Pentagon, Abingdon Science Park,
Abingdon, OX14 3YP, UK Web site: www.sophos.com
January 2020 Page 245 of 245