New Filters:
43098: HTTP: SonicWall GMS and Analytics searchFilter Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a command injection vulnerability in SonicWall GMS and Analytics.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-34127 CVSS 8.6
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Client Application
- Release Date: August 15, 2023
43111: HTTP: Atlassian Jira Stagil Navigation Menus and Themes Plugin Directory Traversal Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a directory traversal vulnerability in Atlassian Jira Stagil Navigation Plugin.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-26255, CVE-2023-26256
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: August 15, 2023
43112: HTTP: Suspicious WordPress Abandoned Cart Lite Checkout Link Request
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Moderate
- Description: This filter detects a suspicious HTTP request using the WordPress Abandoned Cart Lite for WooCommerce checkout link.
- Deployment: Not enabled by default in any deployment.
- References:
- Common Vulnerabilities and Exposures: CVE-2023-2986
- Classification: Security Policy - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: August 15, 2023
43113: HTTP: Zabbix Geomap Cross-Site Scripting Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a cross-site scripting vulnerability in Zabbix Geomap.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-29452 CVSS 7.9
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: August 15, 2023
43114: TCP: LangChain PALChain Command Execution Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a command execution vulnerability in LangChain PALChain.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-36258
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: TCP (Generic)
- Platform: Multi-Platform Server Application or Service
- Release Date: August 15, 2023
Modified Filters (logic changes):
* = Enabled in Default deployments
11069: HTTP: Computer Associates Total Defense Suite SQL Injection Vulnerability (ZDI-11-128)
- IPS Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: April 19, 2011
- Last Modified Date: August 15, 2023
* 12780: HTTP: Adobe Reader/Acrobat WKT String Buffer Overflow
- IPS Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Release Date: August 13, 2013
- Last Modified Date: August 15, 2023
13688: HTTP: EMC Connectrix Manager Converged Network Edition Directory Traversal (ZDI-13-279)
- IPS Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: March 18, 2014
- Last Modified Date: August 15, 2023
13902: HTTP: Microsoft Internet Explorer VML onpropertychange Use-After-Free Vulnerability
- IPS Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Release Date: April 28, 2014
- Last Modified Date: August 15, 2023
16784: HTTP: Novell GroupWise FileUploadServlet Directory Traversal Vulnerability (ZDI-14-296)
- IPS Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: September 30, 2014
- Last Modified Date: August 15, 2023
16814: HTTP: Mozilla Firefox SVGLength Use-After-Free Vulnerability
- IPS Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Release Date: October 07, 2014
- Last Modified Date: August 15, 2023
* 19328: HTTP: Suspicious Jar File Transfer
- IPS Version: 3.1.3 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Release Date: March 03, 2015
- Last Modified Date: August 15, 2023
20192: DNS: ISC BIND Suspicious TKEY Denial-of-Service Vulnerability
- IPS Version: 3.1.3 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: August 04, 2015
- Last Modified Date: August 15, 2023
22776: DNS: ISC BIND buffer.c REQUIRE Assertion Failure Denial-of-Service Vulnerability
- IPS Version: 3.1.3 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Release Date: February 16, 2016
- Last Modified Date: August 15, 2023
22803: DNS: ISC BIND apl_42.c INSIST Assertion Failure Denial-of-Service Vulnerability
- IPS Version: 3.1.3 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Release Date: February 16, 2016
- Last Modified Date: August 15, 2023
24071: DNS: ISC BIND DNAME RRSIG Assertion Failure Denial-of-Service Vulnerability
- IPS Version: 3.1.3 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Release Date: April 12, 2016
- Last Modified Date: August 15, 2023
* 26891: DNS: ISC BIND RRSIG Record Response Assertion Failure Denial-of-Service Vulnerability
- IPS Version: 3.1.3 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
- Release Date: February 14, 2017
- Last Modified Date: August 15, 2023
35593: HTTP: Adobe Reader AcroRd32.dll Buffer Overflow Vulnerability
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Release Date: June 25, 2019
- Last Modified Date: August 15, 2023
* 42211: HTTP: Trend Micro Apex Central Cross-Site Scripting Vulnerability (ZDI-23-724)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42211: ZDI-CAN-18872: Zero Day Initiative Vulnerability (Trend Micro Apex Central)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: January 31, 2023
- Last Modified Date: August 15, 2023
* 42215: HTTP: Trend Micro Apex Central Cross-Site Scripting Vulnerability (ZDI-23-723)
- IPS Version: 3.9.5 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "42215: ZDI-CAN-18871: Zero Day Initiative Vulnerability (Trend Micro Apex Central)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: January 31, 2023
- Last Modified Date: August 15, 2023
* 42955: HTTP: Adobe ColdFusion Improper Access Control Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: July 18, 2023
- Last Modified Date: August 15, 2023
42982: HTTP: Avaya Aura Devices Security Bypass Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Release Date: July 18, 2023
- Last Modified Date: August 15, 2023
Modified Filters (metadata changes only):
* = Enabled in Default deployments
35590: HTTP: Adobe Reader AcroRd32.dll Buffer Overflow Vulnerability (Upload)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Miscellaneous modification.
- Release Date: June 25, 2019
- Last Modified Date: August 15, 2023
41674: HTTP: Delta Industrial Automation CNCSoft DPB Buffer Overflow Vulnerability (ZDI-23-1021)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "41674: ZDI-CAN-18014: Zero Day Initiative Vulnerability (Delta Industrial Automation CNCSoft)".
- Description updated.
- Vulnerability references updated.
- Release Date: August 30, 2022
- Last Modified Date: August 15, 2023
41889: HTTP: Siemens Solid Edge Viewer STP File Parsing Memory Corruption Vulnerability (ZDI-23-1023)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "41889: ZDI-CAN-19561: Zero Day Initiative Vulnerability (Siemens Solid Edge Viewer)".
- Description updated.
- Vulnerability references updated.
- Release Date: January 17, 2023
- Last Modified Date: August 15, 2023
* 42754: HTTP: Delta Electronics InfraSuite Device Master Information Disclosure Vulnerability (ZDI-23-904)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Release Date: May 30, 2023
- Last Modified Date: August 15, 2023
Removed Filters: None