New Filters:

44737: HTTP: Anyscale Ray Command Injection Vulnerability
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter detects an attempt to exploit a command injection vulnerability in Anyscale Ray.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify)
  - References:
    - Common Vulnerabilities and Exposures: CVE-2023-6019 CVSS 9.8
  - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
  - Protocol: HTTP
  - Platform: Multi-Platform Server Application or Service
  - Release Date: September 10, 2024

44738: HTTP: Microsoft Exchange Server Autodiscover SSRF Vulnerability (PWN2OWN ZDI-21-821,ZDI-22-1595)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Category: Exploits
  - Severity: High
  - Description: This filter detects an attempt to exploit a server-side request forgery vulnerability in Microsoft Exchange.
  - Deployments:
    - Deployment: Default (Block / Notify)
    - Deployment: Performance-Optimized (Disabled)
  - References:
    - Common Vulnerabilities and Exposures: CVE-2021-34473, CVE-2022-41040
    - Zero Day Initiative: ZDI-21-821, ZDI-22-1595
  - Classification: Vulnerability - Other
  - Protocol: HTTP
  - Platform: Windows Server Application or Service
  - Release Date: September 10, 2024

44739: ZDI-CAN-24844: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Exploits
  - Severity: Critical
  - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Ashlar-Vellum Cobalt.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: September 10, 2024

44740: ZDI-CAN-24847: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Exploits
  - Severity: Critical
  - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Ashlar-Vellum Cobalt.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: September 10, 2024

44741: ZDI-CAN-24976: Zero Day Initiative Vulnerability (Ashlar-Vellum Graphite)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Exploits
  - Severity: Critical
  - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Ashlar-Vellum Graphite.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: September 10, 2024

44742: ZDI-CAN-24977: Zero Day Initiative Vulnerability (Ashlar-Vellum Graphite)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Exploits
  - Severity: Critical
  - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Ashlar-Vellum Graphite.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: September 10, 2024

44743: ZDI-CAN-24782: Zero Day Initiative Vulnerability (Ivanti Endpoint Manager)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Ivanti Endpoint Manager.
  - Deployments:
    - Deployment: Default (Block / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: September 10, 2024

44745: ZDI-CAN-25054: Zero Day Initiative Vulnerability (Ivanti Endpoint Manager)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Ivanti Endpoint Manager.
  - Deployments:
    - Deployment: Default (Block / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: September 10, 2024

44746: ZDI-CAN-25057: Zero Day Initiative Vulnerability (Ivanti Endpoint Manager)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Exploits
  - Severity: Critical
  - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Ivanti Endpoint Manager.
  - Deployments:
    - Deployment: Default (Block / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: September 10, 2024

44747: ZDI-CAN-25063: Zero Day Initiative Vulnerability (Ivanti Endpoint Manager)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Ivanti Endpoint Manager.
  - Deployments:
    - Deployment: Default (Block / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: September 10, 2024

44750: HTTP: Ivanti Virtual Traffic Manager Authentication Bypass Vulnerability
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter detects an attempt to exploit an authentication bypass vulnerability in Ivanti Virtual Traffic Manager.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify)
  - References:
    - Common Vulnerabilities and Exposures: CVE-2024-7593 CVSS 9.1
  - Classification: Vulnerability - Other
  - Protocol: HTTP
  - Platform: Multi-Platform Server Application or Service
  - Release Date: September 10, 2024

44751: ZDI-CAN-24764: Zero Day Initiative Vulnerability (NVIDIA Onyx)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter protects against the exploitation of a zero-day vulnerability affecting NVIDIA Onyx.
  - Deployments:
    - Deployment: Default (Block / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: September 10, 2024

44752: ZDI-CAN-25270: Zero Day Initiative Vulnerability (Delta Electronics CNCSoft-G2)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Exploits
  - Severity: Critical
  - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Electronics CNCSoft-G2.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: September 10, 2024

44753: HTTP: GitLab Community and Enterprise Edition Gollum Link Regex Denial-of-Service Vulnerability
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter detects an attempt to exploit a denial-of-service vulnerability in GitLab Community and Enterprise Edition.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify)
  - References:
    - Common Vulnerabilities and Exposures: CVE-2023-6502 CVSS 3.8
  - Classification: Vulnerability - Denial of Service (Crash/Reboot)
  - Protocol: HTTP
  - Platform: Multi-Platform Server Application or Service
  - Release Date: September 10, 2024

44754: ZDI-CAN-25215: Zero Day Initiative Vulnerability (Trend Micro Deep Security)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter protects against exploitation of a zero-day vulnerability affecting Trend Micro Deep Security.
  - Deployments:
    - Deployment: Default (Block / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: September 10, 2024

44755: ZDI-CAN-25207: Zero Day Initiative Vulnerability (Microsoft Sharepoint)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter protects against exploitation of a zero-day vulnerability affecting Microsoft Sharepoint.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: September 10, 2024

44756: HTTP: SPIP porte_plum Unauthenticated Remote Code Execution Vulnerability
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter detects an attempt to exploit a code injection vulnerability in the porte_plume plugin used by SPIP.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify)
  - References:
    - Common Vulnerabilities and Exposures: CVE-2024-7954 CVSS 9.8
  - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
  - Protocol: HTTP
  - Platform: Multi-Platform Server Application or Service
  - Release Date: September 10, 2024

44757: HTTP: Calibre Python Suspicious Query Template
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Category: Security Policy
  - Severity: Low
  - Description: This filter detects the presence of Calibre queries that utilize a template. Calibre is an open-source e-book manager written primarily in Python. Users are able to interact with Calibre using Python scripts and extend its functionality through plugins.
  - Deployment: Not enabled by default in any deployment.
  - References:
    - Common Vulnerabilities and Exposures: CVE-2024-6782 CVSS 9.8
  - Classification: Security Policy - Forbidden Application Access or Service Request
  - Protocol: HTTP
  - Platform: Multi-Platform Server Application or Service
  - Release Date: September 10, 2024

44764: HTTP: Adobe ColdFusion Application Scope Improper Access Control Vulnerability
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Category: Vulnerabilities
  - Severity: High
  - Description: This filter detects an attempt to exploit an improper access control vulnerability in Adobe ColdFusion.
  - Deployments:
    - Deployment: Default (Block / Notify)
  - References:
    - Common Vulnerabilities and Exposures: CVE-2024-41874
  - Classification: Vulnerability - Access Validation
  - Protocol: HTTP
  - Platform: Multi-Platform Client Application
  - Release Date: September 10, 2024

Modified Filters (logic changes):
* = Enabled in Default deployments

* 39522: HTTP: Microsoft Exchange Server Autodiscover SSRF Vulnerability (PWN2OWN ZDI-21-821,ZDI-22-1595)
  - IPS Version: 3.6.2 and after.
  - TPS Version: 4.0.0 and after.
  - vTPS Version: 4.0.1 and after.
  - Description updated.
  - Detection logic updated.
  - Vulnerability references updated.
  - Release Date: April 08, 2021
  - Last Modified Date: September 10, 2024

43593: HTTP: Centreon insertGraphTemplate SQL Injection Vulnerability (ZDI-24-113)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Description updated.
  - Detection logic updated.
  - Vulnerability references updated.
  - Release Date: December 26, 2023
  - Last Modified Date: September 10, 2024

44574: HTTP: Microsoft Windows MSHTML Platform Spoofing Vulnerability
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Name changed from "44574: ZDI-CAN-24998: Zero Day Initiative Vulnerability (Microsoft Internet Explorer)".
  - Description updated.
  - Detection logic updated.
  - Vulnerability references updated.
  - Release Date: August 06, 2024
  - Last Modified Date: September 10, 2024

44576: HTTP: Microsoft Windows MSHTML Platform Spoofing Vulnerability
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Name changed from "44576: ZDI-CAN-24998: Zero Day Initiative Vulnerability (Microsoft Internet Explorer)".
  - Description updated.
  - Detection logic updated.
  - Vulnerability references updated.
  - Release Date: August 06, 2024
  - Last Modified Date: September 10, 2024

Modified Filters (metadata changes only):
* = Enabled in Default deployments

* 37215: TCP: Oracle Weblogic IIOP Insecure Deserialization Vulnerability
  - IPS Version: 3.6.2 and after.
  - TPS Version: 4.0.0 and after.
  - vTPS Version: 4.0.1 and after.
  - Miscellaneous modification.
  - Release Date: March 03, 2020
  - Last Modified Date: September 10, 2024

37692: HTTP: Advantech iView Directory Traversal Vulnerability (ZDI-20-847,829,1085,1086,1087,1088,1089)
  - IPS Version: 3.6.2 and after.
  - TPS Version: 4.0.0 and after.
  - vTPS Version: 4.0.1 and after.
  - Vulnerability references updated.
  - Release Date: May 05, 2020
  - Last Modified Date: September 10, 2024

42320: HTTP: Zabbix Server pdf_report_creator.go Arbitrary File Read Vulnerability (ZDI-23-1168)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Name changed from "42320: HTTP: Zabbix Server pdf_report_creator.go Arbitrary File Read Vulnerability".
  - Description updated.
  - Vulnerability references updated.
  - Release Date: February 14, 2023
  - Last Modified Date: September 10, 2024

43005: HTTP: Ivanti Avalanche decode XML External Entity Processing Vulnerability (ZDI-24-054)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Vulnerability references updated.
  - Release Date: August 01, 2023
  - Last Modified Date: September 10, 2024

44081: HTTP: Delta Electronics DTN Soft Deserialization of Untrusted Data Vulnerability (ZDI-24-1183)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Name changed from "44081: ZDI-CAN-22330: Zero Day Initiative Vulnerability (Delta Electronics DT Soft)".
  - Description updated.
  - Vulnerability references updated.
  - Release Date: April 09, 2024
  - Last Modified Date: September 10, 2024

44131: HTTP: Microsoft SharePoint SPThemes Deserialization of Untrusted Data Vulnerability
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Name changed from "44131: ZDI-CAN-23930: Zero Day Initiative Vulnerability (Microsoft Sharepoint)".
  - Description updated.
  - Vulnerability references updated.
  - Release Date: April 23, 2024
  - Last Modified Date: September 10, 2024

44132: HTTP: Microsoft SharePoint SPThemes Insecure Deserialization Vulnerability
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Name changed from "44132: ZDI-CAN-23930: Zero Day Initiative Vulnerability (Microsoft Sharepoint)".
  - Description updated.
  - Vulnerability references updated.
  - Release Date: April 23, 2024
  - Last Modified Date: September 10, 2024

44144: HTTP: Delta Electronics DIAScreen Stack-based Buffer Overflow Vulnerability (ZDI-24-1166)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Name changed from "44144: ZDI-CAN-23801: Zero Day Initiative Vulnerability (Delta Electronics DIAScreen)".
  - Description updated.
  - Vulnerability references updated.
  - Release Date: April 23, 2024
  - Last Modified Date: September 10, 2024

44145: HTTP: Delta Electronics DIAScreen Stack-based Buffer Overflow Vulnerability (ZDI-24-1167)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Name changed from "44145: ZDI-CAN-23802: Zero Day Initiative Vulnerability (Delta Electronics DIAScreen)".
  - Description updated.
  - Vulnerability references updated.
  - Release Date: April 23, 2024
  - Last Modified Date: September 10, 2024

44146: HTTP: Delta Electronics DIAScreen Stack-based Buffer Overflow Vulnerability (ZDI-24-1168)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Name changed from "44146: ZDI-CAN-23803: Zero Day Initiative Vulnerability (Delta Electronics DIAScreen)".
  - Description updated.
  - Vulnerability references updated.
  - Release Date: April 23, 2024
  - Last Modified Date: September 10, 2024

44147: HTTP: Delta Electronics DIAScreen DPA Stack-based Buffer Overflow Vulnerability (ZDI-24-1169)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Name changed from "44147: ZDI-CAN-23804: Zero Day Initiative Vulnerability (Delta Electronics DIAScreen)".
  - Description updated.
  - Vulnerability references updated.
  - Release Date: April 23, 2024
  - Last Modified Date: September 10, 2024

44148: HTTP: Delta Electronics DIAScreen DPA Stack-based Buffer Overflow Vulnerability (ZDI-24-1170)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Name changed from "44148: ZDI-CAN-23805: Zero Day Initiative Vulnerability (Delta Electronics DIAScreen)".
  - Description updated.
  - Vulnerability references updated.
  - Release Date: April 23, 2024
  - Last Modified Date: September 10, 2024

44149: HTTP: Delta Electronics DIAScreen DPA Stack-based Buffer Overflow Vulnerability (ZDI-24-1171)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Name changed from "44149: ZDI-CAN-23806: Zero Day Initiative Vulnerability (Delta Electronics DIAScreen)".
  - Description updated.
  - Vulnerability references updated.
  - Release Date: April 23, 2024
  - Last Modified Date: September 10, 2024

44150: HTTP: Delta Electronics DIAScreen DPA Stack-based Buffer Overflow Vulnerability (ZDI-24-1172)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Name changed from "44150: ZDI-CAN-23808: Zero Day Initiative Vulnerability (Delta Electronics DIAScreen)".
  - Description updated.
  - Vulnerability references updated.
  - Release Date: April 23, 2024
  - Last Modified Date: September 10, 2024

44162: HTTP: Delta Electronics DIAScreen Stack-based Buffer Overflow Vulnerability (ZDI-24-1174)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Name changed from "44162: ZDI-CAN-23834: Zero Day Initiative Vulnerability (Delta Electronics DIAScreen)".
  - Description updated.
  - Vulnerability references updated.
  - Release Date: April 30, 2024
  - Last Modified Date: September 10, 2024

44163: HTTP: Delta Electronics DIAScreen DPA File Parsing Buffer Overflow Vulnerability (ZDI-24-1173)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Name changed from "44163: ZDI-CAN-23833: Zero Day Initiative Vulnerability (Delta Electronics DIAScreen)".
  - Description updated.
  - Vulnerability references updated.
  - Release Date: April 30, 2024
  - Last Modified Date: September 10, 2024

44213: HTTP: Allegra getLinkText Server-Side Template Injection Vulnerability (ZDI-24-1165)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Name changed from "44213: ZDI-CAN-23609: Zero Day Initiative Vulnerability (Allegra)".
  - Description updated.
  - Vulnerability references updated.
  - Release Date: May 07, 2024
  - Last Modified Date: September 10, 2024

44245: HTTP: Delta Electronics DIAScreen DPA File Parsing Buffer Overflow Vulnerability (ZDI-24-1175)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Name changed from "44245: ZDI-CAN-23812: Zero Day Initiative Vulnerability (Delta Electronics DIAScreen)".
  - Description updated.
  - Vulnerability references updated.
  - Release Date: May 07, 2024
  - Last Modified Date: September 10, 2024

44486: HTTP: Microsoft SharePoint Deserialization of Untrusted Data Vulnerability
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Name changed from "44486: ZDI-CAN-24482: Zero Day Initiative Vulnerability (Microsoft Sharepoint)".
  - Description updated.
  - Vulnerability references updated.
  - Release Date: July 09, 2024
  - Last Modified Date: September 10, 2024

Removed Filters:

44704: HTTP: Oracle WebLogic Server Directory Traversal Vulnerability
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Release Date: August 27, 2024