New Filters:
44450: TLS: Malformed Server ECDSA Key Exchange
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to perform a TLS Server Key Exchange while using a malformed ECDSA signature.
- Deployment: Not enabled by default in any deployment.
- References:
- Common Vulnerabilities and Exposures: CVE-2022-21449 CVSS 5.0
- Classification: Vulnerability - Other
- Protocol: SSL/TLS
- Platform: Multi-Platform Client Application
- Release Date: August 20, 2024
44455: TCP: JWT containing a suspicious ECDSA Signature
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Moderate
- Description: This filter detects a JWT message with a suspicious ECDSA signature.
- Deployment: Not enabled by default in any deployment.
- References:
- Common Vulnerabilities and Exposures: CVE-2022-21449 CVSS 5.0
- Classification: Vulnerability - Other
- Protocol: TCP (Generic)
- Platform: Multi-Platform Server Application or Service
- Release Date: August 20, 2024
44601: ZDI-CAN-24743: Zero Day Initiative Vulnerability (Autodesk Navisworks Freedom)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Autodesk Navisworks Freedom.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 20, 2024
44607: ZDI-CAN-24848: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Ashlar-Vellum Cobalt.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 20, 2024
44608: ZDI-CAN-24867: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Ashlar-Vellum Cobalt.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 20, 2024
44609: ZDI-CAN-24870: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Ashlar-Vellum Cobalt.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 20, 2024
44645: HTTP: Progress WhatsUp Gold TestController Chart Denial-of-Service Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a denial-of-service vulnerability in Progress Software WhatsUp Gold.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-5011 CVSS 6.7
- Classification: Vulnerability - Denial of Service (Crash/Reboot)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: August 20, 2024
44649: HTTP: XWiki.org XWiki Upload Reflected Cross-Site Scripting Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a reflected cross-site scripting vulnerability in XWiki.org XWiki.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-37900 CVSS 4.7
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: August 20, 2024
44650: DHCP: Microsoft Windows DHCP Server MFParseDhcpFailoverMessage Out-of-Bounds Read Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to exploit a denial-of-service vulnerability in Microsoft Windows Server.
- Deployment: Not enabled by default in any deployment.
- References:
- Common Vulnerabilities and Exposures: CVE-2024-30070
- Classification: Vulnerability - Other
- Protocol: DHCP
- Platform: Windows Server Application or Service
- Release Date: August 20, 2024
44651: ZDI-CAN-22414: Zero Day Initiative Vulnerability (Delta Electronics DRASimuCAD)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Electronics DRASimuCAD.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 20, 2024
44652: ZDI-CAN-22415: Zero Day Initiative Vulnerability (Delta Electronics DRASimuCAD)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Electronics DRASimuCAD.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 20, 2024
44653: ZDI-CAN-22450: Zero Day Initiative Vulnerability (Delta Electronics DRASimuCAD)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Electronics DRASimuCAD.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 20, 2024
44654: ZDI-CAN-24358: Zero Day Initiative Vulnerability (Delta Electronics CNCSoft-G2)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Electronics CNCSoft-G2.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 20, 2024
44655: ZDI-CAN-24363: Zero Day Initiative Vulnerability (Delta Electronics CNCSoft-G2)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Electronics CNCSoft-G2.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 20, 2024
44656: ZDI-CAN-24765: Zero Day Initiative Vulnerability (Delta Electronics CNCSoft-G2)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Electronics CNCSoft-G2.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 20, 2024
44657: HTTP: Cisco Data Center Network Manager SQL Injection Vulnerability (ZDI-20-017,115,121)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Exploits
- Severity: High
- Description: This filter detects an attempt to exploit a SQL injection vulnerability in Cisco Data Center Network Manager.
- Deployments:
- Deployment: Default (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2019-15984 CVSS 9.0
- Zero Day Initiative: ZDI-20-017, ZDI-20-115, ZDI-20-121
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: August 20, 2024
44658: ZDI-CAN-24766: Zero Day Initiative Vulnerability (Delta Electronics CNCSoft-G2)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Electronics CNCSoft-G2.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 20, 2024
44659: ZDI-CAN-24758: Zero Day Initiative Vulnerability (Delta Electronics CNCSoft-G2)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Electronics CNCSoft-G2.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 20, 2024
44660: ZDI-CAN-24825: Zero Day Initiative Vulnerability (Delta Electronics CNCSoft-G2)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Electronics CNCSoft-G2.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 20, 2024
44661: ZDI-CAN-24826: Zero Day Initiative Vulnerability (Delta Electronics CNCSoft-G2)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Electronics CNCSoft-G2.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 20, 2024
44662: ZDI-CAN-24827: Zero Day Initiative Vulnerability (Delta Electronics CNCSoft-G2)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Electronics CNCSoft-G2.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 20, 2024
44663: ZDI-CAN-25056: Zero Day Initiative Vulnerability (Delta Electronics CNCSoft-G2)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Electronics CNCSoft-G2.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 20, 2024
44664: ZDI-CAN-25055: Zero Day Initiative Vulnerability (Delta Electronics CNCSoft-G2)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Electronics CNCSoft-G2.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 20, 2024
44665: ZDI-CAN-25003: Zero Day Initiative Vulnerability (Delta Electronics DIAScreen)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Electronics DIAScreen.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 20, 2024
44666: ZDI-CAN-24690: Zero Day Initiative Vulnerability (Microsoft Edge)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against exploitation of a zero-day vulnerability affecting Microsoft Edge.
- Deployments:
- Deployment: Default (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 20, 2024
44667: HTTP: Logsign Unified SecOps Platform Directory Traversal Vulnerability (ZDI-24-1102,1103,1106)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a directory traversal vulnerability in Logsign Unified SecOps Platform.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-7600 CVSS 7.1, CVE-2024-7601 CVSS 7.1, CVE-2024-7602 CVSS 6.5
- Zero Day Initiative: ZDI-24-1102, ZDI-24-1103, ZDI-24-1106
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: August 20, 2024
44668: HTTP: Logsign Unified SecOps Platform Directory Traversal Vulnerability (ZDI-24-1105)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a directory traversal vulnerability in Logsign Unified SecOps Platform.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-7603 CVSS 7.1
- Zero Day Initiative: ZDI-24-1105
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: August 20, 2024
44669: ZDI-CAN-25001: Zero Day Initiative Vulnerability (Delta Electronics DIAScreen)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Electronics DIAScreen.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 20, 2024
44670: ZDI-CAN-25002: Zero Day Initiative Vulnerability (Delta Electronics DIAScreen)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Electronics DIAScreen.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 20, 2024
44671: ZDI-CAN-25004: Zero Day Initiative Vulnerability (Delta Electronics DIAScreen)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Electronics DIAScreen.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 20, 2024
44672: ZDI-CAN-25005: Zero Day Initiative Vulnerability (Delta Electronics DIAScreen)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Electronics DIAScreen.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 20, 2024
44673: ZDI-CAN-25006: Zero Day Initiative Vulnerability (Delta Electronics DIAScreen)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Electronics DIAScreen.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 20, 2024
44674: ZDI-CAN-25007: Zero Day Initiative Vulnerability (Delta Electronics DIAScreen)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Electronics DIAScreen.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 20, 2024
44675: ZDI-CAN-25008: Zero Day Initiative Vulnerability (Delta Electronics DIAScreen)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Electronics DIAScreen.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 20, 2024
44676: ZDI-CAN-25009: Zero Day Initiative Vulnerability (Delta Electronics DIAScreen)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Electronics DIAScreen.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 20, 2024
44677: ZDI-CAN-25010: Zero Day Initiative Vulnerability (Delta Electronics DIAScreen)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Electronics DIAScreen.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 20, 2024
44681: HTTP: GitLab Community and Enterprise Edition Runner Suspicious Description Detected
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Moderate
- Description: This filter detects a description of suspicious length in GitLab Community and Enterprise Edition.
- Deployment: Not enabled by default in any deployment.
- References:
- Common Vulnerabilities and Exposures: CVE-2024-2874 CVSS 6.5
- Classification: Security Policy - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: August 20, 2024
44682: RPC: Microsoft Windows Runtime Library Code Execution Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a vulnerability in Microsoft Windows.
- Deployment: Not enabled by default in any deployment.
- References:
- Common Vulnerabilities and Exposures: CVE-2022-26809
- Classification: Vulnerability - Buffer/Heap Overflow
- Protocol: MS-RPC
- Platform: Windows Server Application or Service
- Release Date: August 20, 2024
44683: ZDI-CAN-24772: Zero Day Initiative Vulnerability (AutomationDirect C-More EA9)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting AutomationDirect C-More EA9.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 20, 2024
44684: ZDI-CAN-24773: Zero Day Initiative Vulnerability (AutomationDirect C-More EA9)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting AutomationDirect C-More EA9.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 20, 2024
44685: ZDI-CAN-24774: Zero Day Initiative Vulnerability (AutomationDirect C-More EA9)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting AutomationDirect C-More EA9.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 20, 2024
44686: ZDI-CAN-24843: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Ashlar-Vellum Cobalt.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 20, 2024
44687: TCP: Microsoft COM for Windows Privilege Escalation Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to exploit a privilege escalation vulnerability in Microsoft COM for Windows.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2018-0624
- Classification: Vulnerability - Access Validation
- Protocol: TCP (Generic)
- Platform: Windows Client Application
- Release Date: August 20, 2024
Modified Filters (logic changes):
* = Enabled in Default deployments
36693: HTTP: Cisco Data Center Network Manager getLanSwitchDataLength SQL Injection (ZDI-20-115,ZDI-20-121)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: November 26, 2019
- Last Modified Date: August 20, 2024
* 40627: HTTP: JNDI Injection in HTTP Request
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Release Date: December 13, 2021
- Last Modified Date: August 20, 2024
40846: HTTP: WordPress Contact Form Entries Plugin Cross-Site Scripting Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: February 08, 2022
- Last Modified Date: August 20, 2024
41680: SMTP: Microsoft Outlook Denial-of-Service Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Release Date: September 06, 2022
- Last Modified Date: August 20, 2024
* 42150: HTTP: TP-Link AX1800 locale controller Command Injection Vulnerability (ZDI-23-451)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Release Date: January 10, 2023
- Last Modified Date: August 20, 2024
* 44123: HTTP: Ivanti Endpoint Manager GetDBPatchProducts SQL Injection Vulnerability (ZDI-24-509,510,506)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: April 23, 2024
- Last Modified Date: August 20, 2024
* 44563: TCP: Progress Software WhatsUp Gold WriteDataFile Directory Traversal Vulnerability (ZDI-24-892)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: August 06, 2024
- Last Modified Date: August 20, 2024
Modified Filters (metadata changes only):
* = Enabled in Default deployments
10052: SMB: Microsoft Program Information File Transmission (ATT&CK T1039)
- IPS Version: 3.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Release Date: July 28, 2010
- Last Modified Date: August 20, 2024
13076: HTTP: Apache Struts 2 OGNL Command Injection Vulnerability
- IPS Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Release Date: July 30, 2013
- Last Modified Date: August 20, 2024
30148: HTTP: GNU Wget skip_short_body/fd_read_body Buffer Overflow Vulnerability
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Release Date: January 09, 2018
- Last Modified Date: August 20, 2024
33858: HTTP: HPE Intelligent Management Center Code Execution Vulnerability (ZDI-19-334,ZDI-20-192)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Miscellaneous modification.
- Release Date: December 25, 2018
- Last Modified Date: August 20, 2024
36144: HTTP: Cisco Data Center Network Manager getTokenInfo SQL Injection Vulnerability (ZDI-20-017)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Miscellaneous modification.
- Release Date: September 17, 2019
- Last Modified Date: August 20, 2024
37250: HTTP: Apache Solr VelocityResponseWriter Code Execution Vulnerability
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Miscellaneous modification.
- Release Date: March 03, 2020
- Last Modified Date: August 20, 2024
39077: TCP: VMware vSphere Client vropspluginui Code Execution Vulnerability
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Vulnerability references updated.
- Release Date: March 02, 2021
- Last Modified Date: August 20, 2024
* 40025: HTTP: Microsoft Office Word Converter Use-After-Free Vulnerability (ZDI-21-1158)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Miscellaneous modification.
- Release Date: July 27, 2021
- Last Modified Date: August 20, 2024
41337: HTTP: WordPress Tatsu Arbitrary File Upload Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Release Date: May 24, 2022
- Last Modified Date: August 20, 2024
44244: HTTP: Delta Electronics CNCSoft-G2 DPAX File Parsing Buffer Overflow Vulnerability (ZDI-24-937)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44244: ZDI-CAN-23811: Zero Day Initiative Vulnerability (Delta Electronics CNCSoft-G2)".
- Description updated.
- Vulnerability references updated.
- Release Date: May 07, 2024
- Last Modified Date: August 20, 2024
44246: HTTP: Delta Electronics CNCSoft-G2 DPAX File Parsing Buffer Overflow Vulnerability (ZDI-24-936)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44246: ZDI-CAN-23809: Zero Day Initiative Vulnerability (Delta Electronics CNCSoft-G2)".
- Description updated.
- Vulnerability references updated.
- Release Date: May 07, 2024
- Last Modified Date: August 20, 2024
44247: HTTP: Delta Electronics CNCSoft-G2 DPAX File Parsing Buffer Overflow Vulnerability (ZDI-24-935)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44247: ZDI-CAN-23807: Zero Day Initiative Vulnerability (Delta Electronics CNCSoft-G2)".
- Description updated.
- Vulnerability references updated.
- Release Date: May 07, 2024
- Last Modified Date: August 20, 2024
44313: HTTP: Adobe Acrobat Reader DC AcroForm Annotation Out-of-Bounds Write Vulnerability (ZDI-24-1136)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44313: ZDI-CAN-24182: Zero Day Initiative Vulnerability (Adobe Acrobat Reader DC)".
- Description updated.
- Vulnerability references updated.
- Release Date: May 28, 2024
- Last Modified Date: August 20, 2024
44419: HTTP: Adobe Acrobat Reader DC Annotation Out-of-Bounds Read Vulnerability (ZDI-24-1132)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44419: ZDI-CAN-24310: Zero Day Initiative Vulnerability (Adobe Acrobat Reader DC)".
- Severity changed from "Critical" to "High".
- Description updated.
- Vulnerability references updated.
- Release Date: June 25, 2024
- Last Modified Date: August 20, 2024
44508: HTTP: Adobe Acrobat Reader DC Annotation Memory Corruption Vulnerability (ZDI-24-1130)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44508: ZDI-CAN-24312: Zero Day Initiative Vulnerability (Adobe Acrobat Reader DC)".
- Description updated.
- Vulnerability references updated.
- Release Date: July 16, 2024
- Last Modified Date: August 20, 2024
44646: HTTP: SolarWinds Dameware Web Help Desk takeValueForKey Remote Code Execution Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44646: ZDI-CAN-25136: Zero Day Initiative Vulnerability (SolarWinds Dameware Web Help Desk)".
- Description updated.
- Vulnerability references updated.
- Release Date: August 13, 2024
- Last Modified Date: August 20, 2024
Removed Filters: None
|
Welcome to the future of Business Support! I'm Trend Companion, your
AI assistant ready to streamline your experience.
Log in for your personalized support!
Chat with Trend Companion for quick answers, or submit a case for
detailed troubleshooting.