New Filters:
44075: HTTP: Delta Industrial Automation DIAEnergie GetDIAE_usListParameters SQL Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a SQL injection vulnerability in Delta Industrial DIAEnergie.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-25574 CVSS 7.7
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Windows Server Application or Service
- Release Date: April 16, 2024
44076: HTTP: pgAdmin pga4_session Directory Traversal Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a directory traversal vulnerability in pgAdmin.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-2044 CVSS 7.8
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: April 16, 2024
44098: HTTP: Microsoft Windows Libarchive execute_filter_e8 Integer Overflow Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to exploit an integer overflow vulnerability in Microsoft Windows Libarchive.
- Deployments:
- Deployment: Default (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-20697
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Windows Server Application or Service
- Release Date: April 16, 2024
44101: HTTP: RARLAB WinRAR ZIP File Out-of-Bounds Read Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Exploits
- Severity: High
- Description: The filter detects an attempt to exploit an out-of-bounds read vulnerability in RARLAB WinRAR.
- Deployments:
- Deployment: Default (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2022-43650
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Other Client Application
- Release Date: April 16, 2024
44102: HTTP: Gibbon LMS import_run.php Insecure Deserialization Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit an insecure deserialization vulnerability in Gibbon LMS.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-24725
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: April 16, 2024
44104: ZDI-CAN-23760: Zero Day Initiative Vulnerability (Progress Software WhatsUp Gold)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Progress Software WhatsUp Gold.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: April 16, 2024
44105: ZDI-CAN-23536,23537: Zero Day Initiative Vulnerability (Ivanti Endpoint Manager)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Ivanti Endpoint Manager.
- Deployments:
- Deployment: Default (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: April 16, 2024
44106: ZDI-CAN-23538: Zero Day Initiative Vulnerability (Ivanti Endpoint Manager)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Ivanti Endpoint Manager.
- Deployments:
- Deployment: Default (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: April 16, 2024
44107: ZDI-CAN-23549: Zero Day Initiative Vulnerability (Ivanti Endpoint Manager)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Ivanti Endpoint Manager.
- Deployments:
- Deployment: Default (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: April 16, 2024
44114: HTTP: FileCatalyst Workflow Web Portal Directory Traversal Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a directory traversal vulnerability in FileCatalyst Workflow.
- Deployments:
- Deployment: Default (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-25153
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: April 16, 2024
44116: UDP: MeshCentral Local Agent Check-in
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Low
- Description: This filter detects an attempt to establish a connection with MeshCentral.
- Deployment: Not enabled by default in any deployment.
- Classification: Security Policy - Forbidden Application Access or Service Request
- Protocol: UDP (Generic)
- Platform: Multi-Platform Client Application
- Release Date: April 16, 2024
44125: HTTP: Palo Alto Networks PAN-OS GlobalProtect Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a command injection vulnerability in Palo Alto Networks PAN-OS.
- Deployments:
- Deployment: Default (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-3400 CVSS 10.0
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: UNIX/Linux Server Application or Service
- Release Date: April 16, 2024
Modified Filters (logic changes):
* = Enabled in Default deployments
41399: HTTP: Adobe ColdFusion Directory Traversal Vulnerability (ZDI-22-1434)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: June 14, 2022
- Last Modified Date: April 16, 2024
42238: HTTP: Parse Server literalizeRegexPart SQL Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42238: ZDI-CAN-19105: Zero Day Initiative Vulnerability (Parse Server)".
- Category changed from "Exploits" to "Vulnerabilities".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: January 31, 2023
- Last Modified Date: April 16, 2024
42625: HTTP: Inductive Automation Ignition ServerMessage Insecure Deserialization (ZDI-22-1017)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: May 02, 2023
- Last Modified Date: April 16, 2024
44068: HTTP: Suspicious Transfer-Encoded Chunked Response (DoS Only)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Release Date: April 09, 2024
- Last Modified Date: April 16, 2024
Modified Filters (metadata changes only):
* = Enabled in Default deployments
42466: HTTP: Softing edgeAggregator Restore Configuration Directory Traversal (Pwn2Own ZDI-23-1058,24-352)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42466: HTTP: Softing edgeAggregator Restore Configuration Directory Traversal (Pwn2Own ZDI-23-1058)".
- Description updated.
- Vulnerability references updated.
- Release Date: March 14, 2023
- Last Modified Date: April 16, 2024
43340: HTTP: Siemens Simcenter Femap MODEL File Parsing Out-Of-Bounds Write Vulnerability (ZDI-24-356)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43340: ZDI-CAN-22051: Zero Day Initiative Vulnerability (Siemens Simcenter Femap)".
- Description updated.
- Vulnerability references updated.
- Release Date: October 17, 2023
- Last Modified Date: April 16, 2024
43655: HTTP: Foxit PDF Reader Doc Object Use-After-Free Vulnerability (ZDI-24-302)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43655: ZDI-CAN-22576: Zero Day Initiative Vulnerability (Foxit PDF Reader)".
- Description updated.
- Vulnerability references updated.
- Release Date: January 16, 2024
- Last Modified Date: April 16, 2024
43656: HTTP: Foxit PDF Reader Doc Object Use-After-Free Vulnerability (ZDI-24-305)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43656: ZDI-CAN-22638: Zero Day Initiative Vulnerability (Foxit PDF Reader)".
- Description updated.
- Vulnerability references updated.
- Release Date: January 16, 2024
- Last Modified Date: April 16, 2024
43659: HTTP: Foxit PDF Reader AcroForm Use-After-Free Vulnerability (ZDI-24-303)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43659: ZDI-CAN-22642: Zero Day Initiative Vulnerability (Foxit PDF Reader)".
- Description updated.
- Vulnerability references updated.
- Release Date: January 16, 2024
- Last Modified Date: April 16, 2024
43660: HTTP: Foxit PDF Reader template Use-After-Free Vulnerability (ZDI-24-311)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43660: ZDI-CAN-22632: Zero Day Initiative Vulnerability (Foxit PDF Reader)".
- Description updated.
- Vulnerability references updated.
- Release Date: January 16, 2024
- Last Modified Date: April 16, 2024
43665: HTTP: Foxit PDF Reader AcroForm Use-After-Free Vulnerability (ZDI-24-317)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43665: ZDI-CAN-22706: Zero Day Initiative Vulnerability (Foxit PDF Reader)".
- Description updated.
- Vulnerability references updated.
- Release Date: January 16, 2024
- Last Modified Date: April 16, 2024
43675: HTTP: Foxit PDF Reader AcroForm Use-After-Free Vulnerability (ZDI-24-323)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43675: ZDI-CAN-22742: Zero Day Initiative Vulnerability (Foxit PDF Reader)".
- Description updated.
- Vulnerability references updated.
- Release Date: January 16, 2024
- Last Modified Date: April 16, 2024
43676: HTTP: Foxit PDF Reader AcroForm Use-After-Free Vulnerability (ZDI-24-328,ZDI-24-335)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43676: ZDI-CAN-22799,22800: Zero Day Initiative Vulnerability (Foxit PDF Reader)".
- Description updated.
- Vulnerability references updated.
- Release Date: January 16, 2024
- Last Modified Date: April 16, 2024
43686: HTTP: Foxit PDF Reader AcroForm Use-After-Free Vulnerability (ZDI-24-338)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43686: ZDI-CAN-22877: Zero Day Initiative Vulnerability (Foxit PDF Reader)".
- Description updated.
- Vulnerability references updated.
- Release Date: January 16, 2024
- Last Modified Date: April 16, 2024
* 43701: HTTP: Microsoft Windows SmartScreen Internet Shortcut Security Bypass Vulnerability (ZDI-24-165,361)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43701: HTTP: Microsoft Windows SmartScreen Internet Shortcut Security Bypass Vulnerability (ZDI-24-165)".
- Description updated.
- Vulnerability references updated.
- Release Date: January 17, 2024
- Last Modified Date: April 16, 2024
43890: SMB: Microsoft Windows SmartScreen Internet Shortcut Security Bypass Vulnerability (ZDI-24-165,361)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43890: SMB: Microsoft Windows SmartScreen Internet Shortcut Security Bypass Vulnerability (ZDI-24-165)".
- Description updated.
- Vulnerability references updated.
- Release Date: February 20, 2024
- Last Modified Date: April 16, 2024
44065: HTTP: Artica Proxy images.listener.php Arbitrary File Read Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Release Date: April 09, 2024
- Last Modified Date: April 16, 2024
44066: HTTP: Artica Proxy wiz.wizard.progress.php Insecure Deserialization Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Release Date: April 09, 2024
- Last Modified Date: April 16, 2024
Removed Filters: None