New Filters:
44600: ZDI-CAN-24571: Zero Day Initiative Vulnerability (Trend Micro Apex One)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against exploitation of a zero-day vulnerability affecting Trend Micro Apex One.
- Deployments:
- Deployment: Default (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: September 03, 2024
44703: SMTP: Exim Multiline Header Filename Parsing Policy Bypass Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a policy bypass vulnerability in Exim.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-39929
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: September 03, 2024
44718: HTTP: WordPress Husky Products Filter Plugin woof_author SQL Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a SQL injection vulnerability in WordPress Husky Products Filter Plugin.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-6457 CVSS 8.5
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: September 03, 2024
44719: HTTP: Roundcube Webmail SVG animate Stored Cross-Site Scripting Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a stored cross-site scripting vulnerability in Roundcube Webmail.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-37383 CVSS 5.3
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: September 03, 2024
44720: HTTP: Cisco Data Center Network Manager getConfigTemplateFileName URI SQL Injection (ZDI-20-111)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a SQL injection vulnerability in Cisco Data Center Network Manager.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2019-15984 CVSS 9.0
- Zero Day Initiative: ZDI-20-111
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: September 03, 2024
44724: HTTP: Anyscale Ray Exposed API Arbitrary Code Execution Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit an arbitrary code execution vulnerability in Anyscale Ray.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-48022 CVSS 9.8
- Classification: Vulnerability - Access Validation
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: September 03, 2024
44726: HTTP: Apple WebKit Type Confusion Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to exploit a type confusion vulnerability in Apple WebKit.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-41993
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: September 03, 2024
44727: HTTP: XWiki.org XWiki SearchSuggestConfigSheet Server-Side Template Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a template injection vulnerability in XWiki.org XWiki.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-37901
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: September 03, 2024
Modified Filters (logic changes):
* = Enabled in Default deployments
43408: HTTP: QNAP TS-464 username Command Injection Vulnerability (Pwn2Own ZDI-24-826,ZDI-24-827)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: October 31, 2023
- Last Modified Date: September 03, 2024
* 43786: HTTP: PaperCut NG PrintDeployProxyController Authentication Bypass Vulnerability (ZDI-24-782)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: February 13, 2024
- Last Modified Date: September 03, 2024
* 44106: HTTP: Ivanti Endpoint Manager GetLogFileRulesNameUniqueSQL SQL Injection Vulnerability (ZDI-24-513)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: April 16, 2024
- Last Modified Date: September 03, 2024
44122: HTTP: Progress Software WhatsUp Gold APM Unrestricted File Upload Vulnerability (ZDI-24-895)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: April 23, 2024
- Last Modified Date: September 03, 2024
* 44657: HTTP: Cisco Data Center Network Manager SQL Injection Vulnerability (ZDI-20-016,017,031,111,115,121)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44657: HTTP: Cisco Data Center Network Manager SQL Injection Vulnerability (ZDI-20-017,115,121)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: August 20, 2024
- Last Modified Date: September 03, 2024
Modified Filters (metadata changes only):
* = Enabled in Default deployments
* 25378: IP: Non-IGMP Packet with IP options
- IPS Version: Not available.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Release Date: December 06, 2016
- Last Modified Date: September 03, 2024
36143: HTTP: Cisco Data Center Network Manager persistUserInfo SQL Injection Vulnerability (ZDI-20-016)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Miscellaneous modification.
- Release Date: September 17, 2019
- Last Modified Date: September 03, 2024
36271: HTTP: Cisco Data Center Network Manager getLicenses SQL Injection Vulnerability (ZDI-20-031)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Vulnerability references updated.
- Release Date: October 15, 2019
- Last Modified Date: September 03, 2024
36474: HTTP: Cisco Data Center Network Manager getConfigTemplateFileName SQL Injection (ZDI-20-111)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Miscellaneous modification.
- Release Date: October 29, 2019
- Last Modified Date: September 03, 2024
42485: HTTP: LG Simple Editor createThumbnailByMovie Command Injection Vulnerability (ZDI-23-1208,1209)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Vulnerability references updated.
- Release Date: March 14, 2023
- Last Modified Date: September 03, 2024
43082: HTTP: Ivanti Avalanche deleteSkin Directory Traversal File Deletion Vulnerability (ZDI-24-1149)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43082: ZDI-CAN-21401: Zero Day Initiative Vulnerability (Ivanti Avalanche)".
- Description updated.
- Vulnerability references updated.
- Release Date: August 01, 2023
- Last Modified Date: September 03, 2024
44214: HTTP: Foxit PDF Reader AcroForm Use-After-Free Vulnerability (ZDI-24-1126)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44214: ZDI-CAN-23900: Zero Day Initiative Vulnerability (Foxit PDF Reader)".
- Description updated.
- Vulnerability references updated.
- Release Date: May 07, 2024
- Last Modified Date: September 03, 2024
44217: HTTP: Foxit PDF Reader AcroForm Use-After-Free Vulnerability (ZDI-24-1127)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44217: ZDI-CAN-23928: Zero Day Initiative Vulnerability (Foxit PDF Reader)".
- Description updated.
- Vulnerability references updated.
- Release Date: May 07, 2024
- Last Modified Date: September 03, 2024
* 44569: HTTP: ServiceNow Template Injection Mitigation Bypass Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Vulnerability references updated.
- Release Date: August 06, 2024
- Last Modified Date: September 03, 2024
Removed Filters: None
|
Welcome to the future of Business Support! I'm Trend Companion, your
AI assistant ready to streamline your experience.
Log in for your personalized support!
Chat with Trend Companion for quick answers, or submit a case for
detailed troubleshooting.