WAF Signature V7-WAF-1.0.39

Release time:2025-04-01
HomeSupportSecuritySignature Database ServicesSoftware DownloadSignature Database Services
Download
Title Size Downloads
V7-WAF-1.0.39.dat 2.16 MB

Version number
V7-WAF-1.0.39

MD5 number
c8486856497003f70a8dbf96e37c2025

Update time
2025-03-21

Update attack list

Key new rules:
------------------------------
49530 CVE-2024-1481_Red_Hat_FreeIPA_Denial_of_Service_Vulnerability
---- Category: Vulnerability
---- Description:
---- Red Hat FreeIPA is an integrated security information management solution from the American company Red Hat. This product mainly provides functions such as identity management, policy management and audit management (IPA) for Linux and Unix computer networks. Red Hat FreeIPA has a security vulnerability that allows remote attackers to construct HTTP requests to cause a denial of service.

 

49532 CVE-2024-21733_Apache_Tomcat_Coyote_Information_Disclosure_Vulnerability
---- Category: Vulnerability
---- Description:
---- Apache Tomcat is an open source Java Servlet container and web server used to run Java applications and dynamic web pages. Coyote is a connector for Tomcat that handles requests from clients and passes them to the Tomcat engine for processing. In the affected version, Coyote.Http11InputBuffer.fill did not reset the position and limit of the buffer after throwing a CloseNowException exception, resulting in the server possibly being able to obtain another user's request data. An attacker can craft a specific request to output the body data of other requests in the error message.

 

49543 CVE-2024-2015_ZhiCms_mcontroller.php_getindexdata_SQL_Vulnerability
---- Category: Vulnerability
---- Description:
---- A vulnerability, which was classified as critical, has been found in ZhiCms 4.0. This issue affects the function getindexdata of the file app/index/controller/mcontroller.php. The manipulation of the argument key leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-255269 was assigned to this vulnerability.

 

49555 CVE-2024-20767_Adobe_ColdFusion_Arbitrary_File_Reading_Vulnerability(read_file)
---- Category: Vulnerability
---- Description:
---- Adobe ColdFusion is a fast application development platform developed by Adobe Inc. in the United States. This platform includes an integrated development environment and scripting languages. Adobe ColdFusion 2023.6, 2021.12, and earlier versions have an access control error vulnerability, which is due to an incorrect access control vulnerability that may cause arbitrary file system reads.

  • Cloud & AI
  • InterConnect
  • Intelligent Computing
  • Intelligent Storage
  • Security
  • SMB Products
  • Intelligent Terminal Products
  • Product Support Services
  • Technical Service Solutions
All Services
  • Resource Center
  • Policy
  • Online Help
  • Technical Blogs
All Support
  • Become A Partner
  • Partner Policy & Program
  • Global Learning
  • Partner Sales Resources
  • Partner Business Management
  • Service Business
All Partners
  • Profile
  • News & Events
  • Online Exhibition Center
  • Contact Us
All About Us
新华三官网