New Filters:

41999: HTTP: Fortinet FortiClient VPN Improper Access Control Vulnerability (ZDI-23-1104)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Moderate
- Description: This filter detects an SMB request for FortiClient DBLogDaemon.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2022-43946 CVSS 8.8
  - Zero Day Initiative: ZDI-23-1104
- Classification: Security Policy - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: August 29, 2023

42832: HTTP: Ivanti Avalanche FileStoreConfig Arbitrary File Upload Vulnerability (ZDI-23-1119)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit an arbitrary file upload vulnerability in Ivanti Avalanche.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2023-32564 CVSS 7.2
  - Zero Day Initiative: ZDI-23-1119
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: August 29, 2023

43117: HTTP: Zoho ManageEngine OpManager SQL Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a SQL injection vulnerability in Zoho ManageEngine OpManager.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2018-17283
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Windows Client Application
- Release Date: August 29, 2023

43139: HTTP: Apache httpd mod_lua req_parsebody Denial-of-Service Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: High
- Description: This filter detects an attempt to exploit a denial-of-service vulnerability in Apache httpd.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2022-22719 CVSS 7.5
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: August 29, 2023

43163: HTTP: Django parse_accept_lang_header Accept-Language Denial-of-Service Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Moderate
- Description: This filter detects an attempt to exploit a denial-of-service vulnerability in Django.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2023-23969 CVSS 7.5
- Classification: Vulnerability - Denial of Service (Crash/Reboot)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: August 29, 2023

43164: HTTP: SonicWall GMS and Analytics detectInjection SQL Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a SQL injection vulnerability in SonicWall GMS and Analytics.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2023-34133 CVSS 8.6
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Client Application
- Release Date: August 29, 2023

43165: HTTP: SonicWall GMS and Analytics detectInjection SQL Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a SQL injection vulnerability in SonicWall GMS and Analytics.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2023-34133 CVSS 8.7
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Client Application
- Release Date: August 29, 2023

43175: HTTP: WordPress Forminator Plugin Reflected Cross-Site Scripting Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a reflected cross-site scripting vulnerability in WordPress plugin Forminator.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2023-3134
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: August 29, 2023

43177: ZDI-CAN-21294: Zero Day Initiative Vulnerability (D-Link G416)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting D-Link G416.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 29, 2023

43181: ZDI-CAN-21869: Zero Day Initiative Vulnerability (Foxit PDF Reader)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against exploitation of a zero-day vulnerability affecting Foxit PDF Reader.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 29, 2023

Modified Filters (logic changes):

* = Enabled in Default deployments

12065: HTTP: Microsoft Internet Explorer Memory Corruption Vulnerability (ZDI-12-035)
- IPS Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: February 14, 2012
- Last Modified Date: August 29, 2023

12788: HTTP: lighttpd Connection Header Parsing Denial-of-Service
- IPS Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: February 26, 2013
- Last Modified Date: August 29, 2023

13147: HTTP: Malicious Jar File Download
- IPS Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
- Release Date: August 29, 2013
- Last Modified Date: August 29, 2023

13795: HTTP: Apache HTTP Server mod_proxy Denial-of-Service Vulnerability (ZDI-14-239)
- IPS Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Release Date: April 08, 2014
- Last Modified Date: August 29, 2023

19546: HTTP: Panasonic Security API SDK Iprosapi ActiveX FilePassword Method Instantiation (ZDI-15-260)
- IPS Version: 3.1.3 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Release Date: March 10, 2015
- Last Modified Date: August 29, 2023

19670: HTTP: Samsung iPOLiS Device Manager WriteConfigValue Buffer Overflow Vulnerability
- IPS Version: 3.1.3 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Release Date: April 21, 2015
- Last Modified Date: August 29, 2023

19983: HTTP: WebGate Multiple Products WESPMonitorCtrl Buffer Overflow (ZDI-15-059, ZDI-15-068)
- IPS Version: 3.1.3 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Release Date: June 24, 2015
- Last Modified Date: August 29, 2023

20617: HTTPS: Symantec Endpoint Protection Password Reset
- IPS Version: 3.1.3 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Release Date: September 08, 2015
- Last Modified Date: August 29, 2023

26797: HTTP: Webmin show.cgi Command Execution Vulnerability
- IPS Version: 3.1.3 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Release Date: February 07, 2017
- Last Modified Date: August 29, 2023

* 27223: HTTP: Cisco Prime Collaboration Provisioning ScriptMgr Servlet Authentication Bypass (ZDI-17-445)
- IPS Version: 3.1.3 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
- Release Date: February 28, 2017
- Last Modified Date: August 29, 2023

30300: UDP: Microsoft Host Integration Server Denial-of-Service Vulnerability
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "30300: HTTP: Microsoft Host Integration Server Denial-of-Service Vulnerability".
- Detection logic updated.
- Release Date: January 30, 2018
- Last Modified Date: August 29, 2023

33628: HTTP: Microsoft Internet Explorer Style Position Memory Corruption Vulnerability (ZDI-12-035)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "33628: HTTP: Microsoft Internet Explorer Style Position Memory Corruption Vulnerability".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: December 04, 2018
- Last Modified Date: August 29, 2023

* 35364: HTTP: Ruby on Rails ActiveStorage Insecure Deserialization Vulnerability
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: June 11, 2019
- Last Modified Date: August 29, 2023

41391: HTTP: LDAP Injection in HTTP parameter
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Release Date: June 14, 2022
- Last Modified Date: August 29, 2023

42430: HTTP: Softing Secure Integration Server Exposure of Resource Vulnerability (Pwn2Own ZDI-23-1060)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42430: PWN2OWN ZDI-CAN-20547: Zero Day Initiative Vulnerability (Softing Secure Integration Server)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: March 07, 2023
- Last Modified Date: August 29, 2023

42466: HTTP: Softing edgeAggregator Restore Configuration Directory Traversal (Pwn2Own ZDI-23-1058)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42466: PWN2OWN ZDI-CAN-20543: Zero Day Initiative Vulnerability (Softing EdgeAggregator)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: March 14, 2023
- Last Modified Date: August 29, 2023

Modified Filters (metadata changes only):

* = Enabled in Default deployments

41953: HTTP: Delta Electronics CNCSoft-B DOPSoft DPA File Parsing Buffer Overflow Vulnerability (ZDI-23-78)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "41953: ZDI-CAN-19211: Zero Day Initiative Vulnerability (Delta Industrial Automation CNCSoft-B)".
- Description updated.
- Vulnerability references updated.
- Release Date: November 15, 2022
- Last Modified Date: August 29, 2023

42177: HTTP: Samsung Galaxy S22 McsWebViewActivity Security Bypass Vulnerability (Pwn2Own ZDI-23-772)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Release Date: January 17, 2023
- Last Modified Date: August 29, 2023

42201: HTTP: Siemens Solid Edge Viewer DWG File Parsing Use-After-Free Vulnerability (ZDI-23-1115)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42201: ZDI-CAN-19562: Zero Day Initiative Vulnerability (Siemens Solid Edge Viewer)".
- Severity changed from "Critical" to "High".
- Description updated.
- Vulnerability references updated.
- Release Date: January 24, 2023
- Last Modified Date: August 29, 2023

42431: HTTP: Softing Secure Integration Server Directory Traversal Vulnerability (Pwn2Own ZDI-23-1055)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42431: PWN2OWN ZDI-CAN-20550: Zero Day Initiative Vulnerability (Softing Secure Integration Server)".
- Description updated.
- Vulnerability references updated.
- Release Date: March 07, 2023
- Last Modified Date: August 29, 2023

42432: HTTP: Softing Secure Integration Server Interpretation Conflict Vulnerability (Pwn2Own ZDI-23-1063)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42432: PWN2OWN ZDI-CAN-20551: Zero Day Initiative Vulnerability (Softing Secure Integration Server)".
- Description updated.
- Vulnerability references updated.
- Release Date: March 07, 2023
- Last Modified Date: August 29, 2023

42433: HTTP: Softing edgeAggregator Client Cross-Site Scripting Vulnerability (Pwn2Own ZDI-23-1057)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42433: PWN2OWN ZDI-CAN-20504: Zero Day Initiative Vulnerability (Softing EdgeAggregator Client)".
- Description updated.
- Vulnerability references updated.
- Release Date: March 14, 2023
- Last Modified Date: August 29, 2023

42472: HTTP: Adobe ColdFusion copydirectory Directory Traversal Vulnerability (ZDI-23-1102)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42472: ZDI-CAN-20474: Zero Day Initiative Vulnerability (Adobe ColdFusion)".
- Severity changed from "Critical" to "High".
- Description updated.
- Vulnerability references updated.
- Release Date: March 14, 2023
- Last Modified Date: August 29, 2023

* 42561: HTTP: Adobe Acrobat and Reader Prototype Pollution Vulnerability (ZDI-23-1107,1108)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42561: HTTP: Adobe Acrobat and Reader Prototype Pollution Vulnerability".
- Description updated.
- Vulnerability references updated.
- Release Date: April 04, 2023
- Last Modified Date: August 29, 2023

42562: HTTP: Adobe Acrobat Reader DC Net.HTTP.request Input Validation Vulnerability (Pwn2Own ZDI-23-1108)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42562: PWN2OWN ZDI-CAN-20743: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
- Severity changed from "Critical" to "High".
- Description updated.
- Vulnerability references updated.
- Release Date: April 04, 2023
- Last Modified Date: August 29, 2023

42563: HTTP: Adobe Acrobat Reader DC Net.HTTP.request URL Restriction Bypass Vulnerability (ZDI-23-1110)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42563: HTTP: Adobe Acrobat Reader DC Net.HTTP.request URL Restriction Bypass Vulnerability".
- Description updated.
- Vulnerability references updated.
- Release Date: April 04, 2023
- Last Modified Date: August 29, 2023

42704: HTTP: Ivanti Avalanche FileStoreConfig Arbitrary File Upload Vulnerability (ZDI-23-1117)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42704: ZDI-CAN-20991: Zero Day Initiative Vulnerability (Ivanti Avalanche)".
- Description updated.
- Vulnerability references updated.
- Release Date: May 16, 2023
- Last Modified Date: August 29, 2023

Removed Filters: None