New Filters:
37850: HTTP: Microsoft .NET Framework XPS File Parsing Remote Code Execution Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a remote code execution vulnerability in Microsoft .NET Framework.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2020-0605
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: October 10, 2023
42478: HTTP: LG Simple Editor deleteFolder Directory Traversal Vulnerability (ZDI-23-1200)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a directory traversal vulnerability in LG Simple Editor.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-40494 CVSS 8.3
- Zero Day Initiative: ZDI-23-1200
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: October 10, 2023
43288: HTTP: JetBrains TeamCity Copy Build Step Reflected Cross-Site Scripting Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a reflected cross-site scripting vulnerability in JetBrains TeamCity.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Performance-Optimized (Disabled)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-41249 CVSS 5.5
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: October 10, 2023
43295: ZDI-CAN-22041: Zero Day Initiative Vulnerability (Adobe Acrobat Reader DC)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Adobe Acrobat Reader DC.
- Deployments:
- Deployment: Default (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: October 10, 2023
43313: TCP: Apache CouchDB Erlang Cookie Authentication Bypass Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Exploits
- Severity: High
- Description: This filter detects an attempt to exploit an authentication bypass in Apache CouchDB.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2022-24706 CVSS 9.8
- Classification: Vulnerability - Other
- Protocol: TCP (Generic)
- Platform: Multi-Platform Server Application or Service
- Release Date: October 10, 2023
43314: HTTP: Microsoft SharePoint GenerateProxyAssembly Code Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a code injection vulnerability in Microsoft SharePoint.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Performance-Optimized (Disabled)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-24954 CVSS 6.5
- Zero Day Initiative: ZDI-23-883
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Windows Server Application or Service
- Release Date: October 10, 2023
43316: HTTP: OpenTSDB Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a command injection vulnerability in OpenTSDB.
- Deployments:
- Deployment: Default (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-25826 CVSS 9.8, CVE-2023-36812 CVSS 9.8
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: UNIX/Linux Client Application
- Release Date: October 10, 2023
43317: ZDI-CAN-21952: Zero Day Initiative Vulnerability (Ivanti Avalanche)
- IPS Version: 3.9.5 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Ivanti Avalanche.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: October 10, 2023
43325: HTTP: Microsoft SharePoint GenerateProxyAssembly Base64 Encoded Code Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a code injection vulnerability in Microsoft SharePoint.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Performance-Optimized (Disabled)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-24954 CVSS 6.5
- Zero Day Initiative: ZDI-23-883
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Windows Server Application or Service
- Release Date: October 10, 2023
Modified Filters (logic changes):
* = Enabled in Default deployments
0343: HTTP: Shell Command Execution (/bin/ps)
- IPS Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Release Date: December 31, 2005
- Last Modified Date: October 10, 2023
* 12658: HTTP: Novell GroupWise Internet Agent Buffer Overflow Vulnerability
- IPS Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Release Date: November 20, 2012
- Last Modified Date: October 10, 2023
16466: HTTP: Avaya IP Office Customer Call Reporter Unrestricted File Upload Vulnerability (ZDI-12-106)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Release Date: July 08, 2014
- Last Modified Date: October 10, 2023
* 16628: TCP: HP Data Protector Multiple Opcodes Parsing Code Execution Vulnerability
- IPS Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Release Date: August 19, 2014
- Last Modified Date: October 10, 2023
39423: HTTP: Grandstream UCM6202 SQL Injection Vulnerability
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Release Date: April 06, 2021
- Last Modified Date: October 10, 2023
40328: TCP: Oracle WebLogic Server Memory Corruption Vulnerability
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Release Date: September 21, 2021
- Last Modified Date: October 10, 2023
41546: SMTP: Exim Improper Neutralization of Special Elements Vulnerability (ZDI-23-1471)
- IPS Version: 3.0.0 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "41546: ZDI-CAN-17554: Zero Day Initiative Vulnerability (Exim)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: August 02, 2022
- Last Modified Date: October 10, 2023
41722: HTTP: Mozilla Firefox JIT Boolean Conversion Uninitialized Variable Vulnerability (ZDI-23-1467)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "41722: ZDI-CAN-18594: Zero Day Initiative Vulnerability (Mozilla Firefox)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: September 13, 2022
- Last Modified Date: October 10, 2023
* 42542: HTTP: Microsoft SharePoint GenerateProxyAssembly Code Injection Vulnerability (Pwn2Own ZDI-23-883)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: April 04, 2023
- Last Modified Date: October 10, 2023
42833: HTTP: Ivanti Avalanche allowPassThrough Authentication Bypass Vulnerability (ZDI-23-1121)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Release Date: June 20, 2023
- Last Modified Date: October 10, 2023
43027: HTTP: Foxit PDF Reader XFA Doc Object Use-After-Free Vulnerability (ZDI-23-1424)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43027: ZDI-CAN-21601: Zero Day Initiative Vulnerability (Foxit PDF Reader)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: August 01, 2023
- Last Modified Date: October 10, 2023
43079: HTTP: Foxit PDF Reader templates Use-After-Free Vulnerability (ZDI-23-1422)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43079: ZDI-CAN-21586: Zero Day Initiative Vulnerability (Foxit PDF Reader)".
- Severity changed from "Critical" to "High".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: August 01, 2023
- Last Modified Date: October 10, 2023
Modified Filters (metadata changes only):
* = Enabled in Default deployments
41576: DNS: Exim libspf2 Integer Underflow Vulnerability (ZDI-23-1472)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "41576: ZDI-CAN-17578: Zero Day Initiative Vulnerability (Exim)".
- Description updated.
- Vulnerability references updated.
- Release Date: August 02, 2022
- Last Modified Date: October 10, 2023
42118: HTTP: Adobe Acrobat Reader DC richText Use-After-Free Vulnerability (ZDI-23-061)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42118: HTTP: Adobe Acrobat Reader DC richText Use-After-Free Vulnerability".
- Description updated.
- Vulnerability references updated.
- Release Date: December 27, 2022
- Last Modified Date: October 10, 2023
42433: HTTP: Softing edgeAggregator Client Cross-Site Scripting Vulnerability (Pwn2Own ZDI-23-1057)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Release Date: March 14, 2023
- Last Modified Date: October 10, 2023
* 42781: HTTP: Control Web Panel mysql_manager Command Injection Vulnerability (ZDI-23-1476)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42781: ZDI-CAN-21080: Zero Day Initiative Vulnerability (Control Web Panel)".
- Description updated.
- Vulnerability references updated.
- Release Date: June 06, 2023
- Last Modified Date: October 10, 2023
42998: HTTP: ManageEngine ADManager Plus download Directory Traversal Vulnerability (ZDI-23-1401)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42998: ZDI-CAN-21184: Zero Day Initiative Vulnerability (ManageEngine ADManager Plus)".
- Severity changed from "Critical" to "High".
- Description updated.
- Vulnerability references updated.
- Release Date: July 25, 2023
- Last Modified Date: October 10, 2023
* 43001: HTTP: Microsoft Exchange ExFileLog Deserialization of Untrusted Data Vulnerability (ZDI-23-1447)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43001: ZDI-CAN-21487: Zero Day Initiative Vulnerability (Microsoft Exchange)".
- Severity changed from "Critical" to "High".
- Description updated.
- Vulnerability references updated.
- Release Date: July 25, 2023
- Last Modified Date: October 10, 2023
* 43002: HTTP: Microsoft Exchange Project Deserialization of Untrusted Data Vulnerability (ZDI-23-1417)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43002: ZDI-CAN-21489: Zero Day Initiative Vulnerability (Microsoft Exchange)".
- Severity changed from "Critical" to "High".
- Description updated.
- Vulnerability references updated.
- Release Date: July 25, 2023
- Last Modified Date: October 10, 2023
Removed Filters: None