New Filters:
42834: HTTP: Ivanti Avalanche SmartDeviceServer decodeToMap XML External Entity Injection (ZDI-23-1167)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit an XML External Entity Injection vulnerability in Ivanti Avalanche.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-32567 CVSS 7.5
- Zero Day Initiative: ZDI-23-1167
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: January 23, 2024
43661: HTTP: Apache Airflow Example DAG Remote Code Execution Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a remote code execution vulnerability in Apache Airflow.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2020-11978
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: January 23, 2024
43663: HTTP: Apache Airflow Enable Example DAG Request
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Moderate
- Description: This filter detects a request to enable an example DAG in Apache Airflow.
- Deployment: Not enabled by default in any deployment.
- References:
- Common Vulnerabilities and Exposures: CVE-2020-11978
- Classification: Security Policy - Forbidden Application Access or Service Request
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: January 23, 2024
43674: ZDI-CAN-22552: Zero Day Initiative Vulnerability (Microsoft Skype)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against exploitation of a zero-day vulnerability affecting Microsoft Skype.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: January 23, 2024
43690: ZDI-CAN-22813: Zero Day Initiative Vulnerability (Fuji Electric Tellus Lite V-Simulator 6)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Fuji Electric Tellus Lite V-Simulator 6.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: January 23, 2024
43691: ZDI-CAN-22747: Zero Day Initiative Vulnerability (Fuji Electric Tellus Lite V-Simulator 6)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Fuji Electric Tellus Lite V-Simulator 6.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: January 23, 2024
43692: ZDI-CAN-22746: Zero Day Initiative Vulnerability (Fuji Electric Tellus Lite V-Simulator 6)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Fuji Electric Tellus Lite V-Simulator 6.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: January 23, 2024
43693: ZDI-CAN-22875: Zero Day Initiative Vulnerability (Fuji Electric Tellus Lite V-Simulator 6)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Fuji Electric Tellus Lite V-Simulator 6.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: January 23, 2024
43694: ZDI-CAN-22613: Zero Day Initiative Vulnerability (WordPress Core)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting WordPress Core.
- Deployments:
- Deployment: Default (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: January 23, 2024
43695: HTTP: Ivanti Connect Secure and Policy Secure Gateway Authentication Bypass Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: High
- Description: This filter detects an attempt to exploit an authentication bypass vulnerability in Ivanti Connect Secure and Policy Secure Gateway.
- Deployments:
- Deployment: Default (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-46805
- Classification: Vulnerability - Access Validation
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: January 23, 2024
43697: HTTP: Ivanti Connect Secure and Policy Secure Gateway Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a command injection vulnerability in Ivanti Connect Secure and Policy Secure Gateway.
- Deployments:
- Deployment: Default (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-21887
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: January 23, 2024
43699: HTTP: Zoho ManageEngine OpManager Directory Traversal Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a directory traversal vulnerability in Zoho ManageEngine OpManager.
- Deployments:
- Deployment: Default (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-47211 CVSS 8.6
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Windows Client Application
- Release Date: January 23, 2024
43702: ZDI-CAN-22890: Zero Day Initiative Vulnerability (Linux Kernel)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Linux Kernel.
- Deployments:
- Deployment: Default (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: January 23, 2024
43713: ZDI-CAN-22947: Zero Day Initiative Vulnerability (Foxit PDF Reader)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against exploitation of a zero-day vulnerability affecting Foxit PDF Reader.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: January 23, 2024
43714: ZDI-CAN-22888: Zero Day Initiative Vulnerability (Foxit PDF Reader)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against exploitation of a zero-day vulnerability affecting Foxit PDF Reader.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: January 23, 2024
43715: ZDI-CAN-23002: Zero Day Initiative Vulnerability (Foxit PDF Reader)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against exploitation of a zero-day vulnerability affecting Foxit PDF Reader.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: January 23, 2024
43717: HTTP: Gitlab CE/EE Password Reset Improper Access Control Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit an improper access control vulnerability in GitLab Community and Enterprise Edition.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-7028
- Classification: Vulnerability - Access Validation
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: January 23, 2024
43721: HTTP: Atlassian Confluence Data Center and Server Template Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a template injection vulnerability in Atlassian Confluence Data Center and Server.
- Deployments:
- Deployment: Default (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-22527
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: January 23, 2024
Modified Filters (logic changes):
* = Enabled in Default deployments
* 35085: HTTP: Oracle WebLogic Server Code Execution Vulnerability
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
- Release Date: April 26, 2019
- Last Modified Date: January 23, 2024
42205: HTTP: Trend Micro Apex Central Cross-Site Scripting Vulnerability (ZDI-24-021)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42205: ZDI-CAN-18870: Zero Day Initiative Vulnerability (Trend Micro Apex Central)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: January 24, 2023
- Last Modified Date: January 23, 2024
42209: HTTP: Trend Micro Apex Central Cross-Site Scripting Vulnerability (ZDI-24-022)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42209: ZDI-CAN-18869: Zero Day Initiative Vulnerability (Trend Micro Apex Central)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: January 24, 2023
- Last Modified Date: January 23, 2024
43007: HTTP: D-Link DIR-X3260 prog.cgi SetDynamicDNSSettings Buffer Overflow Vulnerability (ZDI-24-033)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43007: ZDI-CAN-21590: Zero Day Initiative Vulnerability (D-Link DIR-X3260)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: July 25, 2023
- Last Modified Date: January 23, 2024
43021: HTTP: D-Link DCS-8300LHV2 RTSP Nonce Buffer Overflow Vulnerability (ZDI-24-044)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43021: ZDI-CAN-20072: Zero Day Initiative Vulnerability (D-Link DCS-8300LHV2)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: July 25, 2023
- Last Modified Date: January 23, 2024
43054: HTTP: Ivanti Avalanche validateAMCWSConnection Server-Side Request Forgery (ZDI-24-053)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43054: ZDI-CAN-21406: Zero Day Initiative Vulnerability (Ivanti Avalanche)".
- Severity changed from "Critical" to "High".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: August 01, 2023
- Last Modified Date: January 23, 2024
43072: HTTP: D-Link DIR-X3260 prog.cgi SetMyDLinkRegistration Buffer Overflow Vulnerability (ZDI-24-039)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43072: ZDI-CAN-21667: Zero Day Initiative Vulnerability (D-Link DIR-X3260)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: August 01, 2023
- Last Modified Date: January 23, 2024
43073: HTTP: D-Link DIR-X3260 prog.cgi SetIPv6PppoeSettings Buffer Overflow Vulnerability (ZDI-24-040)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43073: ZDI-CAN-21669: Zero Day Initiative Vulnerability (D-Link DIR-X3260)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: August 01, 2023
- Last Modified Date: January 23, 2024
43074: HTTP: D-Link DIR-X3260 prog.cgi SetDeviceSettings Buffer Overflow Vulnerability (ZDI-24-041)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43074: ZDI-CAN-21670: Zero Day Initiative Vulnerability (D-Link DIR-X3260)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: August 01, 2023
- Last Modified Date: January 23, 2024
43075: HTTP: D-Link DIR-X3260 prog.cgi SetTriggerPPPoEValidate Buffer Overflow Vulnerability (ZDI-24-042)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43075: ZDI-CAN-21672: Zero Day Initiative Vulnerability (D-Link DIR-X3260)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: August 01, 2023
- Last Modified Date: January 23, 2024
43076: HTTP: D-Link DIR-X3260 prog.cgi SetAPClientSettings Buffer Overflow Vulnerability (ZDI-24-043)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43076: ZDI-CAN-21673: Zero Day Initiative Vulnerability (D-Link DIR-X3260)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: August 01, 2023
- Last Modified Date: January 23, 2024
43077: HTTP: D-Link DIR-X3260 prog.cgi SetUsersSettings Buffer Overflow Vulnerability (ZDI-24-050)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43077: ZDI-CAN-21675: Zero Day Initiative Vulnerability (D-Link DIR-X3260)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: August 01, 2023
- Last Modified Date: January 23, 2024
43158: HTTP: Inductive Automation Ignition RunQuery Insecure Deserialization Vulnerability (ZDI-24-014)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43158: ZDI-CAN-21625: Zero Day Initiative Vulnerability (Inductive Automation Ignition)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: August 22, 2023
- Last Modified Date: January 23, 2024
43317: HTTP: Ivanti Avalanche FileStoreConfig Arbitrary File Upload Vulnerability (ZDI-24-056)
- IPS Version: 3.9.5 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "43317: ZDI-CAN-21952: Zero Day Initiative Vulnerability (Ivanti Avalanche)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: October 10, 2023
- Last Modified Date: January 23, 2024
43369: HTTP: Ivanti Avalanche SecureFilter allowPassThrough Authentication Bypass Vulnerability(ZDI-24-058)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43369: ZDI-CAN-21953: Zero Day Initiative Vulnerability (Ivanti Avalanche)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: October 24, 2023
- Last Modified Date: January 23, 2024
Modified Filters (metadata changes only):
* = Enabled in Default deployments
9149: HTTP: Firefox JavaScript Heap Memory Disclosure Vulnerability
- IPS Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Vulnerability references updated.
- Release Date: November 02, 2009
- Last Modified Date: January 23, 2024
* 42500: HTTP: Microsoft Word RTF Memory Corruption Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
- Release Date: March 14, 2023
- Last Modified Date: January 23, 2024
42704: HTTP: Ivanti Avalanche FileStoreConfig Arbitrary File Upload Vulnerability (ZDI-24-055, ZDI-23-1117)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42704: HTTP: Ivanti Avalanche FileStoreConfig Arbitrary File Upload Vulnerability (ZDI-23-1117)".
- Description updated.
- Vulnerability references updated.
- Release Date: May 16, 2023
- Last Modified Date: January 23, 2024
43005: HTTP: Ivanti Avalanche decode XML External Entity Processing Vulnerability (ZDI-24-054)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43005: ZDI-CAN-21458: Zero Day Initiative Vulnerability (Ivanti Avalanche)".
- Severity changed from "Critical" to "High".
- Description updated.
- Vulnerability references updated.
- Release Date: August 01, 2023
- Last Modified Date: January 23, 2024
43008: HTTP: D-Link DIR-X3260 prog.cgi SetQuickVPNSettings Buffer Overflow Vulnerability (ZDI-24-034)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43008: ZDI-CAN-21591: Zero Day Initiative Vulnerability (D-Link DIR-X3260)".
- Description updated.
- Vulnerability references updated.
- Release Date: July 25, 2023
- Last Modified Date: January 23, 2024
43009: HTTP: D-Link DIR-X3260 prog.cgi SetQuickVPNSettings PSK Buffer Overflow Vulnerability (ZDI-24-035)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43009: ZDI-CAN-21592: Zero Day Initiative Vulnerability (D-Link DIR-X3260)".
- Description updated.
- Vulnerability references updated.
- Release Date: July 25, 2023
- Last Modified Date: January 23, 2024
43010: HTTP: D-Link DIR-X3260 prog.cgi SetSysEmailSettings Buffer Overflow Vulnerability (ZDI-24-036)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43010: ZDI-CAN-21593: Zero Day Initiative Vulnerability (D-Link DIR-X3260)".
- Description updated.
- Vulnerability references updated.
- Release Date: July 25, 2023
- Last Modified Date: January 23, 2024
43011: HTTP: D-Link DIR-X3260 prog.cgi SetWanSettings Buffer Overflow Vulnerability (ZDI-24-037)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43011: ZDI-CAN-21594: Zero Day Initiative Vulnerability (D-Link DIR-X3260)".
- Description updated.
- Vulnerability references updated.
- Release Date: July 25, 2023
- Last Modified Date: January 23, 2024
43012: HTTP: D-Link DIR-X3260 prog.cgi SetWLanRadioSecurity Buffer Overflow Vulnerability (ZDI-24-038)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43012: ZDI-CAN-21595: Zero Day Initiative Vulnerability (D-Link DIR-X3260)".
- Description updated.
- Vulnerability references updated.
- Release Date: July 25, 2023
- Last Modified Date: January 23, 2024
43020: HTTP: D-Link DCS-8300LHV2 ONVIF Duration Buffer Overflow Vulnerability (ZDI-24-047)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43020: ZDI-CAN-21321: Zero Day Initiative Vulnerability (D-Link DCS-8300LHV2)".
- Description updated.
- Vulnerability references updated.
- Release Date: July 25, 2023
- Last Modified Date: January 23, 2024
43043: HTTP: D-Link DCS-8300LHV2 ONVIF SetSystemDateAndTime Command Injection Vulnerability (ZDI-24-045)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43043: ZDI-CAN-21319: Zero Day Initiative Vulnerability (D-Link DCS-8300LHV2)".
- Description updated.
- Vulnerability references updated.
- Release Date: August 01, 2023
- Last Modified Date: January 23, 2024
43044: HTTP: D-Link DCS-8300LHV2 ONVIF SetHostName Buffer Overflow Vulnerability (ZDI-24-048)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43044: ZDI-CAN-21322: Zero Day Initiative Vulnerability (D-Link DCS-8300LHV2)".
- Description updated.
- Vulnerability references updated.
- Release Date: August 01, 2023
- Last Modified Date: January 23, 2024
43157: HTTP: Inductive Automation Ignition ModuleInvoke Deserialization Vulnerability (ZDI-23-1813)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43157: ZDI-CAN-21624: Zero Day Initiative Vulnerability (Inductive Automation Ignition)".
- Description updated.
- Vulnerability references updated.
- Release Date: August 22, 2023
- Last Modified Date: January 23, 2024
43159: HTTP: Inductive Automation Ignition Insecure Deserialization Vulnerability (ZDI-24-015)
- IPS Version: 3.0.0 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43159: ZDI-CAN-21801: Zero Day Initiative Vulnerability (Inductive Automation Ignition)".
- Description updated.
- Vulnerability references updated.
- Release Date: August 22, 2023
- Last Modified Date: January 23, 2024
43381: HTTP: Inductive Automation Ignition ExtendedDocumentCodec Deserialization Vulnerability (ZDI-24-018)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43381: ZDI-CAN-22127: Zero Day Initiative Vulnerability (Inductive Automation Ignition)".
- Description updated.
- Vulnerability references updated.
- Release Date: October 24, 2023
- Last Modified Date: January 23, 2024
43440: HTTP: Foxit PDF Reader Doc Out-Of-Bounds Read Vulnerability (ZDI-23-1868)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43440: ZDI-CAN-22254: Zero Day Initiative Vulnerability (Foxit PDF Reader)".
- Severity changed from "Critical" to "High".
- Description updated.
- Vulnerability references updated.
- Release Date: November 14, 2023
- Last Modified Date: January 23, 2024
43441: HTTP: Foxit PDF Reader AcroForm Doc Use-After-Free Vulnerability (ZDI-23-1869)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43441: ZDI-CAN-22255: Zero Day Initiative Vulnerability (Foxit PDF Reader)".
- Description updated.
- Vulnerability references updated.
- Release Date: November 14, 2023
- Last Modified Date: January 23, 2024
43442: HTTP: Foxit PDF Reader AcroForm Doc Use-After-Free Vulnerability (ZDI-23-1870)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43442: ZDI-CAN-22256: Zero Day Initiative Vulnerability (Foxit PDF Reader)".
- Description updated.
- Vulnerability references updated.
- Release Date: November 14, 2023
- Last Modified Date: January 23, 2024
Removed Filters: None
|
Welcome to the future of Business Support! I'm Trend Companion, your
AI assistant ready to streamline your experience.
Log in for your personalized support!
Chat with Trend Companion for quick answers, or submit a case for
detailed troubleshooting.