New Filters:

43973: TCP: QEMU Network Socket Usage
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Low
- Description: This filter detects an attempt to use a network socket in QEMU.
- Deployment: Not enabled by default in any deployment.
- Classification: Security Policy - Forbidden Application Access or Service Request
- Protocol: TCP (Generic)
- Platform: Multi-Platform Server Application or Service
- Release Date: March 19, 2024

43978: HTTP: XWiki.org XWiki RegistrationConfig Code Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a code injection vulnerability in XWiki.org XWiki.
- Deployments:
  - Deployment: Default (Block / Notify)
  - Deployment: Performance-Optimized (Disabled)
- References:
  - Common Vulnerabilities and Exposures: CVE-2024-21650 CVSS 8.8
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: March 19, 2024

43979: HTTP: BoidCMS Arbitrary File Upload Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit an arbitrary file upload vulnerability in the BoidCMS.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2023-38836
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: March 19, 2024

43981: SMB: Samba Spotlight mdssvc RPC Request Denial-of-Service Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: High
- Description: This filter detects an attempt to exploit a denial-of-service vulnerability in Windows SMB and Unix/Linux Samba servers.
- Deployment: Not enabled by default in any deployment.
- References:
  - Common Vulnerabilities and Exposures: CVE-2023-34967
- Classification: Vulnerability - Denial of Service (Crash/Reboot)
- Protocol: SMB
- Platform: Multi-Platform Server Application or Service
- Release Date: March 19, 2024

43982: HTTP: Wordpress Popup Builder Stored Cross-Site Scripting Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a stored cross-site scripting vulnerability in the Popup Builder plugin for WordPress.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2023-6000
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: March 19, 2024

43983: HTTP: WordPress Ultimate Member Plugin SQL Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a SQL injection vulnerability in the Ultimate Member plugin for WordPress.
- Deployments:
  - Deployment: Default (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2024-1071
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: March 19, 2024

43984: HTTP: Nagios XI command_test.php Directory Traversal Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a directory traversal vulnerability in Nagios XI.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2023-48085 CVSS 8.6
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: March 19, 2024

43985: HTTP: WordPress Better Search Replace Plugin Insecure Deserialization Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit an insecure deserialization vulnerability in WordPress Better Search Replace Plugin.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2023-6933 CVSS 7.9
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: March 19, 2024

43986: HTTP: Apache OFBiz loadJWT Authentication Bypass Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit an authentication bypass vulnerability in Apache OFBiz.
- Deployments:
  - Deployment: Default (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2024-25065
- Classification: Vulnerability - Access Validation
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: March 19, 2024

43987: HTTP: WordPress Fastest Cache Plugin SQL Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a SQL injection vulnerability in the Fastest Cache plugin for WordPress.
- Deployments:
  - Deployment: Default (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2023-6063
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: March 19, 2024

44013: HTTP: WordPress Bricks Builder Code Execution Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a command execution vulnerability in WordPress Bricks Builder.
- Deployments:
  - Deployment: Default (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2024-25600
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: March 19, 2024

Modified Filters (logic changes):
* = Enabled in Default deployments

42530: HTTP: LG LED Assistant setThumbnailRc Directory Traversal Vulnerability (ZDI-23-1222)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: April 04, 2023
- Last Modified Date: March 19, 2024

43566: HTTP: Allegra GanttAndSchExportAction Directory Traversal Vulnerability (ZDI-24-110)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43566: HTTP: Allegra downloadExportedChart Directory Traversal Vulnerability (ZDI-24-110)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: December 19, 2023
- Last Modified Date: March 19, 2024

43654: HTTP: Perl Module Spreadsheet::ParseExcel XLS File Code Execution Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: January 16, 2024
- Last Modified Date: March 19, 2024

* 43702: SMB2: Linux Kernel ksmbd Mech Token Out-Of-Bounds Read Vulnerability (ZDI-24-194)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43702: HTTP: Linux Kernel ksmbd Mech Token Out-Of-Bounds Read Vulnerability (ZDI-24-194)".
- Detection logic updated.
- Vulnerability references updated.
- Release Date: January 23, 2024
- Last Modified Date: March 19, 2024

Modified Filters (metadata changes only):
* = Enabled in Default deployments

42780: HTTP: SolarWinds Orion Platform Security Bypass Vulnerability (ZDI-23-1004,1584)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42780: HTTP: SolarWinds Orion Platform BlacklistedFilesChecker Security Bypass Vulnerability (ZDI-23-1004)".
- Description updated.
- Vulnerability references updated.
- Release Date: June 06, 2023
- Last Modified Date: March 19, 2024

42902: HTTP: SolarWinds Network Configuration Manager Directory Traversal Vulnerability (ZDI-23-1585)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42902: ZDI-CAN-21223: Zero Day Initiative Vulnerability (SolarWinds Network Configuration)".
- Description updated.
- Vulnerability references updated.
- Release Date: July 04, 2023
- Last Modified Date: March 19, 2024

43124: HTTP: Ashlar-Vellum Cobalt STP File Parsing Type Confusion Vulnerability (ZDI-24-243)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43124: ZDI-CAN-21523: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)".
- Description updated.
- Vulnerability references updated.
- Release Date: August 22, 2023
- Last Modified Date: March 19, 2024

43125: HTTP: Ashlar-Vellum Cobalt STP File Parsing Stack-based Buffer Overflow Vulnerability (ZDI-24-239)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43125: ZDI-CAN-21535: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)".
- Description updated.
- Vulnerability references updated.
- Release Date: August 22, 2023
- Last Modified Date: March 19, 2024

43126: HTTP: Ashlar-Vellum Cobalt STP File Parsing Type Confusion Vulnerability (ZDI-24-240)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43126: ZDI-CAN-21728: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)".
- Description updated.
- Vulnerability references updated.
- Release Date: August 22, 2023
- Last Modified Date: March 19, 2024

43128: HTTP: Ashlar-Vellum Cobalt STP File Parsing Type Confusion Vulnerability (ZDI-24-241)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43128: ZDI-CAN-21730: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)".
- Description updated.
- Vulnerability references updated.
- Release Date: August 22, 2023
- Last Modified Date: March 19, 2024

43129: HTTP: Ashlar-Vellum Cobalt STP File Parsing Uninitialized Pointer Vulnerability (ZDI-24-245)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43129: ZDI-CAN-21732: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)".
- Description updated.
- Vulnerability references updated.
- Release Date: August 22, 2023
- Last Modified Date: March 19, 2024

43130: HTTP: Ashlar-Vellum Cobalt STP File Parsing Type Confusion Vulnerability (ZDI-24-236)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43130: ZDI-CAN-21735: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)".
- Description updated.
- Vulnerability references updated.
- Release Date: August 22, 2023
- Last Modified Date: March 19, 2024

43131: HTTP: Ashlar-Vellum Cobalt STP File Parsing Type Confusion Vulnerability (ZDI-24-237)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43131: ZDI-CAN-21738: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)".
- Description updated.
- Vulnerability references updated.
- Release Date: August 22, 2023
- Last Modified Date: March 19, 2024

43132: HTTP: Ashlar-Vellum Cobalt STP File Parsing Type Confusion Vulnerability (ZDI-24-246)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43132: ZDI-CAN-21741: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)".
- Description updated.
- Vulnerability references updated.
- Release Date: August 22, 2023
- Last Modified Date: March 19, 2024

43133: HTTP: Ashlar-Vellum Cobalt STP File Parsing Type Confusion Vulnerability (ZDI-24-235)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43133: ZDI-CAN-21744: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)".
- Description updated.
- Vulnerability references updated.
- Release Date: August 22, 2023
- Last Modified Date: March 19, 2024

43134: HTTP: Ashlar-Vellum Cobalt STP File Parsing Type Confusion Vulnerability (ZDI-24-238)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43134: ZDI-CAN-21745: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)".
- Description updated.
- Vulnerability references updated.
- Release Date: August 22, 2023
- Last Modified Date: March 19, 2024

43135: HTTP: Ashlar-Vellum Cobalt STP File Parsing Type Confusion Vulnerability (ZDI-24-244)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43135: ZDI-CAN-21746: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)".
- Description updated.
- Vulnerability references updated.
- Release Date: August 22, 2023
- Last Modified Date: March 19, 2024

43162: HTTP: Ashlar-Vellum Cobalt STP File Parsing Uninitialized Pointer Vulnerability (ZDI-24-247)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43162: ZDI-CAN-21740: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)".
- Description updated.
- Vulnerability references updated.
- Release Date: August 22, 2023
- Last Modified Date: March 19, 2024

Removed Filters: None