New Filters:
44623: HTTP: Microsoft Windows Scripting Engine JIT Out-of-Bounds Write Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to exploit an out-of-bounds write vulnerability in the Microsoft Windows scripting engine.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-30397
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Windows Client Application
- Release Date: May 13, 2025
45727: HTTP: Vite Arbitrary File Read Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: High
- Description: This filter detects an attempt to exploit an arbitrary file read vulnerability in Vite.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-31125
- Classification: Vulnerability - Access Validation
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: May 13, 2025
45821: TCP: Microsoft Windows Web Threat Defense Denial-of-Service Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a denial-of-service vulnerability in Microsoft Windows Web Threat Defense.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-29971
- Classification: Vulnerability - Denial of Service (Crash/Reboot)
- Protocol: TCP (Generic)
- Platform: Windows Server Application or Service
- Release Date: May 13, 2025
45836: ZDI-CAN-26018: Zero Day Initiative Vulnerability (Fuji Electric Smart Editor)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Fuji Electric Smart Editor.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: May 13, 2025
45837: ZDI-CAN-26963: Zero Day Initiative Vulnerability (Autodesk Revit)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Autodesk Revit.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: May 13, 2025
45838: ZDI-CAN-26631: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Ashlar-Vellum Cobalt.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: May 13, 2025
45839: ZDI-CAN-26718: Zero Day Initiative Vulnerability (Delta Electronics CNCSoft)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Electronics CNCSoft.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: May 13, 2025
45840: ZDI-CAN-26719: Zero Day Initiative Vulnerability (Delta Electronics CNCSoft)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Electronics CNCSoft.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: May 13, 2025
45841: HTTP: Ivanti Endpoint Manager Extensions DecodeBase64Object Insecure Deserialization (ZDI-25-040)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit an insecure deserialization vulnerability in Ivanti Endpoint Manager.
- Deployments:
- Deployment: Security-Optimized (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-13163 CVSS 7.7
- Zero Day Initiative: ZDI-25-040
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: May 13, 2025
45842: ZDI-CAN-26720: Zero Day Initiative Vulnerability (Delta Electronics CNCSoft)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Electronics CNCSoft.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: May 13, 2025
45843: HTTP: CyberPanel filemanager.py upload Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a command injection vulnerability in CyberPanel.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-51568 CVSS 8.6
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: May 13, 2025
45844: HTTP: Apple Safari/Webkit loadInSameDocument Use-After-Free Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a use-after-free vulnerability in Apple WebKit.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2022-22620
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Client Application
- Release Date: May 13, 2025
45845: ZDI-CAN-26901: Zero Day Initiative Vulnerability (Dassault Systemes eDrawings Viewer)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Dassault Systemes eDrawings Viewer.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: May 13, 2025
45846: ZDI-CAN-26895: Zero Day Initiative Vulnerability (Dassault Systemes eDrawings Viewer)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Dassault Systemes eDrawings Viewer.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: May 13, 2025
45847: ZDI-CAN-26520: Zero Day Initiative Vulnerability (Samsung MagicINFO 9 Server)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Samsung MagicINFO 9 Server.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: May 13, 2025
45848: ZDI-CAN-26842: Zero Day Initiative Vulnerability (Delta Electronics CNCSoft)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Electronics CNCSoft.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: May 13, 2025
45849: ZDI-CAN-25717: Zero Day Initiative Vulnerability (Labcenter Electronics Proteus)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Labcenter Electronics Proteus.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: May 13, 2025
45850: ZDI-CAN-25718: Zero Day Initiative Vulnerability (Labcenter Electronics Proteus)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Labcenter Electronics Proteus.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: May 13, 2025
45851: ZDI-CAN-25719: Zero Day Initiative Vulnerability (Labcenter Electronics Proteus)
- IPS Version: 3.9.5 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Labcenter Electronics Proteus.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: May 13, 2025
45852: ZDI-CAN-25720: Zero Day Initiative Vulnerability (Labcenter Electronics Proteus)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Labcenter Electronics Proteus.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: May 13, 2025
45853: HTTP: Microsoft Windows .NET RemoteApplicationMetadata Request
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Moderate
- Description: This filter detects RemoteApplicationMetadata HTTP response.
- Deployment: Not enabled by default in any deployment.
- References:
- Common Vulnerabilities and Exposures: CVE-2024-29059
- Classification: Security Policy - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: May 13, 2025
45855: MQTT: Connect Command Request Using cURL Client ID
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Moderate
- Description: This filter detects a connect command request to a MQTT broker with a client ID of curl.
- Deployment: Not enabled by default in any deployment.
- References:
- Common Vulnerabilities and Exposures: CVE-2021-22945 CVSS 9.1
- Classification: Security Policy - Other
- Protocol: TCP (Generic)
- Platform: Multi-Platform Server Application or Service
- Release Date: May 13, 2025
45858: ZDI-CAN-26626: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Ashlar-Vellum Cobalt.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: May 13, 2025
45859: ZDI-CAN-26628: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Ashlar-Vellum Cobalt.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: May 13, 2025
45860: HTTP: SysAid On-Premise Multiple External Entity Injection Vulnerabilities
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: High
- Description: This filter detects attempts to exploit an external entity injection vulnerability in SysAid On-Premise.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-2775, CVE-2025-2776
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: May 13, 2025
45861: HTTP: SysAid On-Premise lshw External Entity Injection Vulnerability
- Name (3.2 DV): 45861: HTTP: SysAid On-Premise lshw External Entity Injection Vulnerabilities
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: High
- Description: This filter detects attempts to exploit an external entity injection vulnerability in SysAid On-Premise.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-2777
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: May 13, 2025
45862: HTTP: SysAid On-Premise Remote Code Execution Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects attempts to exploit a remote code execution vulnerability in SysAid On-Premise.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-2778
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: May 13, 2025
45863: ZDI-CAN-26971: Zero Day Initiative Vulnerability (Dassault Systemes eDrawings Viewer)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Dassault Systemes eDrawings Viewer.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: May 13, 2025
45864: ZDI-CAN-26975: Zero Day Initiative Vulnerability (Dassault Systemes eDrawings Viewer)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Dassault Systemes eDrawings Viewer.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: May 13, 2025
45865: HTTP: Commvault Command Center deployWebpackage.do Directory Traversal Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a directory traversal vulnerability in Commvault Command Center.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-34028
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: May 13, 2025
45866: HTTP: WonderCMS Module Installation
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Moderate
- Description: This filter detects a module installation request in WonderCMS.
- Deployment: Not enabled by default in any deployment.
- References:
- Common Vulnerabilities and Exposures: CVE-2023-41425
- Classification: Security Policy - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: May 13, 2025
45867: ZDI-CAN-26747: Zero Day Initiative Vulnerability (Siemens Simcenter Femap)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Siemens Simcenter Femap.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: May 13, 2025
45868: ZDI-CAN-26744: Zero Day Initiative Vulnerability (Siemens Simcenter Femap)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Siemens Simcenter Femap.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: May 13, 2025
45869: TCP: Redis NOAUTH Response
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Moderate
- Description: This filter detects NOAUTH responses from Redis.
- Deployment: Not enabled by default in any deployment.
- Classification: Security Policy - Forbidden Application Access or Service Request
- Protocol: TCP (Generic)
- Platform: UNIX/Linux Server Application or Service
- Release Date: May 13, 2025
45870: ZDI-CAN-26748: Zero Day Initiative Vulnerability (Siemens Simcenter Femap)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Siemens Simcenter Femap.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: May 13, 2025
45871: ZDI-CAN-26755: Zero Day Initiative Vulnerability (Siemens Simcenter Femap)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Siemens Simcenter Femap.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: May 13, 2025
45872: ZDI-CAN-26692: Zero Day Initiative Vulnerability (Siemens Simcenter Femap)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Siemens Simcenter Femap.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: May 13, 2025
Modified Filters (logic changes):
* = Enabled in Default deployments
32773: HTTP: Horner Automation Cscape Untrusted Pointer Dereference Vulnerability (ZDI-18-1440)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "32773: ZDI-CAN-6413: Zero Day Initiative Vulnerability (Horner Automation Cscape)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: August 07, 2018
- Last Modified Date: May 13, 2025
33551: HTTP: Microsoft Windows JET Database Engine Out-of-Bounds Read Vulnerability (ZDI-19-220)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "33551: ZDI-CAN-7312: Zero Day Initiative Vulnerability (Microsoft Windows)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: November 27, 2018
- Last Modified Date: May 13, 2025
37605: HTTP: Fuji Electric Tellus Lite V-Simulator 6 V9 Buffer Overflow Vulnerability (ZDI-20-1116)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "37605: ZDI-CAN-10736: Zero Day Initiative Vulnerability (Fuji Electric Tellus Lite V-Simulator 6)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: April 14, 2020
- Last Modified Date: May 13, 2025
37622: HTTP: Microhard Bullet-LTE Ping Command Injection Vulnerability (ZDI-20-1205)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "37622: ZDI-CAN-10595: Zero Day Initiative Vulnerability (Microhard Bullet-LTE)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: April 21, 2020
- Last Modified Date: May 13, 2025
39268: HTTP: QNAP NAS Malware Remover Command Injection Vulnerability (ZDI-21-592)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "39268: ZDI-CAN-12891: Zero Day Initiative Vulnerability (QNAP NAS)".
- Severity changed from "Critical" to "High".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: March 23, 2021
- Last Modified Date: May 13, 2025
39477: HTTP: Autodesk Design Review PDF File Parsing Out-Of-Bounds Read Vulnerability (ZDI-21-749)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "39477: ZDI-CAN-13004: Zero Day Initiative Vulnerability (AutoDesk Design Review)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: April 06, 2021
- Last Modified Date: May 13, 2025
39735: HTTP: Microsoft Excel XLS File Parsing Use-After-Free Vulnerability (ZDI-21-670)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "39735: ZDI-CAN-13681: Zero Day Initiative Vulnerability (Microsoft Excel)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: May 25, 2021
- Last Modified Date: May 13, 2025
39737: HTTP: Schneider Electric IGSS WSP and CGF Directory Traversal Vulnerability (ZDI-21-675)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "39737: ZDI-CAN-13657: Zero Day Initiative Vulnerability (Schneider Electric IGSS)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: May 25, 2021
- Last Modified Date: May 13, 2025
39738: HTTP: Schneider Electric IGSS CGF File Parsing Memory Corruption Vulnerability (ZDI-21-676)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "39738: ZDI-CAN-13663: Zero Day Initiative Vulnerability (Schneider Electric IGSS)".
- Category changed from "Vulnerabilities" to "Exploits".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: May 25, 2021
- Last Modified Date: May 13, 2025
41867: HTTP: D-Link DAP-1325 HNAP SetHostIPv6StaticSettings Command Injection (ZDI-23-1308,1314-1319)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "41867: ZDI-CAN-18820,18832-18837: Zero Day Initiative Vulnerability (D-Link DAP-1325)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: October 25, 2022
- Last Modified Date: May 13, 2025
41869: HTTP: D-Link DAP-1325 SetTriggerAPValidate Key Stack-based Buffer Overflow (ZDI-23-1320)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "41869: ZDI-CAN-18839: Zero Day Initiative Vulnerability (D-Link DAP-1325)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: October 25, 2022
- Last Modified Date: May 13, 2025
42123: HTTP: D-Link DIR-825/EE xupnpd YouTube Plugin Command Injection (ZDI-22-1701,1702,1703,1704,1705)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42123: ZDI-CAN-19222,19460-19463: Zero Day Initiative Vulnerability (D-Link DIR-825)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: January 03, 2023
- Last Modified Date: May 13, 2025
42128: HTTP: D-Link DIR-825/EE xupnpd Upload Command Injection Vulnerability (ZDI-22-1706)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42128: ZDI-CAN-19464: Zero Day Initiative Vulnerability (D-Link DIR-825)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: January 03, 2023
- Last Modified Date: May 13, 2025
* 42212: HTTP: Trend Micro Apex Central Cross-Site Scripting Vulnerability (ZDI-24-023)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42212: ZDI-CAN-18873: Zero Day Initiative Vulnerability (Trend Micro Apex Central)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: January 31, 2023
- Last Modified Date: May 13, 2025
* 42214: HTTP: Trend Micro Apex Central Cross-Site Scripting Vulnerability (ZDI-23-726)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42214: ZDI-CAN-18876: Zero Day Initiative Vulnerability (Trend Micro Apex Central)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: January 31, 2023
- Last Modified Date: May 13, 2025
42334: HTTP: Autodesk 3DS Max USD File Parsing Out-Of-Bounds Read Vulnerability (ZDI-23-583)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42334: ZDI-CAN-20170: Zero Day Initiative Vulnerability (Autodesk 3DS Max)".
- Severity changed from "Critical" to "High".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: February 14, 2023
- Last Modified Date: May 13, 2025
43013: HTTP: D-Link DIR-3040 prog.cgi SetDynamicDNSSettings Buffer Overflow Vulnerability (ZDI-23-1324)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43013: ZDI-CAN-21616: Zero Day Initiative Vulnerability (D-Link DIR-3040)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: July 25, 2023
- Last Modified Date: May 13, 2025
43014: HTTP: D-Link DIR-3040 prog.cgi SetQuickVPNSettings Password Buffer Overflow (ZDI-23-1325)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43014: ZDI-CAN-21617: Zero Day Initiative Vulnerability (D-Link DIR-3040)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: July 25, 2023
- Last Modified Date: May 13, 2025
43022: HTTP: D-Link DIR-3040 prog.cgi SetWan3Settings Buffer Overflow Vulnerability (ZDI-23-1326,1327,1330)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43022: ZDI-CAN-21618,21619,21622: Zero Day Initiative Vulnerability (D-Link DIR-3040)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: July 25, 2023
- Last Modified Date: May 13, 2025
43023: HTTP: D-Link DIR-3040 prog.cgi SetSysEmailSettings Buffer Overflow Vulnerability (ZDI-23-1328)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43023: ZDI-CAN-21620: Zero Day Initiative Vulnerability (D-Link DIR-3040)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: July 25, 2023
- Last Modified Date: May 13, 2025
43024: HTTP: D-Link DIR-3040 prog.cgi SetQuickVPNSettings PSK Buffer Overflow Vulnerability (ZDI-23-1331)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43024: ZDI-CAN-21623: Zero Day Initiative Vulnerability (D-Link DIR-3040)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: July 25, 2023
- Last Modified Date: May 13, 2025
43026: HTTP: D-Link DIR-3040 prog.cgi SetWLanRadioSecurity Buffer Overflow Vulnerability (ZDI-23-1329)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43026: ZDI-CAN-21621: Zero Day Initiative Vulnerability (D-Link DIR-3040)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: July 25, 2023
- Last Modified Date: May 13, 2025
43030: HTTP: D-Link DIR-3040 prog.cgi SetMyDLinkRegistration Buffer Overflow Vulnerability (ZDI-23-1334)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43030: ZDI-CAN-21652: Zero Day Initiative Vulnerability (D-Link DIR-3040)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: August 08, 2023
- Last Modified Date: May 13, 2025
43031: HTTP: D-Link DIR-3040 prog.cgi SetDeviceSettings Buffer Overflow Vulnerability (ZDI-23-1332)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43031: ZDI-CAN-21650: Zero Day Initiative Vulnerability (D-Link DIR-3040)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: August 01, 2023
- Last Modified Date: May 13, 2025
43032: HTTP: D-Link DIR-3040 prog.cgi SetUsersSettings Buffer Overflow Vulnerability (ZDI-23-1336)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43032: ZDI-CAN-21654: Zero Day Initiative Vulnerability (D-Link DIR-3040)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: August 01, 2023
- Last Modified Date: May 13, 2025
43038: HTTP: D-Link DIR-3040 prog.cgi SetIPv6PppoeSettings Buffer Overflow Vulnerability (ZDI-23-1333)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43038: ZDI-CAN-21651: Zero Day Initiative Vulnerability (D-Link DIR-3040)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: August 01, 2023
- Last Modified Date: May 13, 2025
43039: HTTP: D-Link DIR-3040 prog.cgi SetTriggerPPPoEValidate Buffer Overflow Vulnerability (ZDI-23-1335)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43039: ZDI-CAN-21653: Zero Day Initiative Vulnerability (D-Link DIR-3040)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: August 01, 2023
- Last Modified Date: May 13, 2025
44664: HTTP: Delta Electronics CNCSoft-G2 DOPSoft Stack-based Buffer Overflow Vulnerability (ZDI-24-1402)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: August 20, 2024
- Last Modified Date: May 13, 2025
44947: HTTP: Cisco IOS XE SNMP GET-NEXT cilmCurrentImageLevel Buffer Overflow Vulnerability (ZDI-25-276)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44947: ZDI-CAN-25019: Zero Day Initiative Vulnerability (Cisco IOS)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: October 22, 2024
- Last Modified Date: May 13, 2025
44948: HTTP: Cisco IOS XE SNMP GET-NEXT cContextMappingBridgeDomainIdentifier Buffer Overflow (ZDI-25-279)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44948: ZDI-CAN-25022: Zero Day Initiative Vulnerability (Cisco IOS)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: October 22, 2024
- Last Modified Date: May 13, 2025
44949: HTTP: Cisco IOS XE SNMP SET cewProxyClass Stack-based Buffer Overflow Vulnerability (ZDI-25-281)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44949: ZDI-CAN-25017: Zero Day Initiative Vulnerability (Cisco IOS)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: October 22, 2024
- Last Modified Date: May 13, 2025
44957: HTTP: Cisco IOS XE SNMP GET-NEXT ciscoFlashChipCode Unexpected Sign Extension (ZDI-25-280)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44957: ZDI-CAN-25024: Zero Day Initiative Vulnerability (Cisco IOS)".
- Severity changed from "Critical" to "High".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: October 22, 2024
- Last Modified Date: May 13, 2025
44959: HTTP: Cisco IOS XE SNMP GET-NEXT callHomeUserDefCmdName Unexpected Sign Extension (ZDI-25-275)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44959: ZDI-CAN-25018: Zero Day Initiative Vulnerability (Cisco IOS)".
- Severity changed from "Critical" to "High".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: October 22, 2024
- Last Modified Date: May 13, 2025
44960: HTTP: Cisco IOS XE SNMP SET cewEventTime Stack-based Buffer Overflow Vulnerability (ZDI-25-277)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44960: ZDI-CAN-25020: Zero Day Initiative Vulnerability (Cisco IOS)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: October 22, 2024
- Last Modified Date: May 13, 2025
44961: HTTP: Cisco IOS XE SNMP GET-NEXT ctspIpSgtValue Buffer Overflow Vulnerability (ZDI-25-278)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44961: ZDI-CAN-25021: Zero Day Initiative Vulnerability (Cisco IOS)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: October 22, 2024
- Last Modified Date: May 13, 2025
44986: HTTP: Cisco IOS XE SNMP GET-NEXT ciscoFlashFileSize Unexpected Sign Extension (ZDI-25-270)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44986: ZDI-CAN-25030: Zero Day Initiative Vulnerability (Cisco IOS)".
- Severity changed from "Critical" to "High".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: October 29, 2024
- Last Modified Date: May 13, 2025
44998: HTTP: Cisco IOS XE SNMP OID Handling Out-Of-Bounds Read Vulnerability (ZDI-25-273)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44998: ZDI-CAN-25023: Zero Day Initiative Vulnerability (Cisco IOS)".
- Severity changed from "Critical" to "High".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: November 26, 2024
- Last Modified Date: May 13, 2025
45174: HTTP: Ivanti Avalanche SecureFilter Authentication Bypass Vulnerability (ZDI-25-044)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: December 17, 2024
- Last Modified Date: May 13, 2025
45803: HTTP: Suspicious Number of Encoding Headers
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Release Date: May 06, 2025
- Last Modified Date: May 13, 2025
Modified Filters (metadata changes only):
* = Enabled in Default deployments
* 31875: HTTP: Adobe Acrobat Pro DC ImageConversion EMF GIF Buffer Overflow Vulnerability (ZDI-18-597)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "31875: ZDI-CAN-5760: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
- Description updated.
- Vulnerability references updated.
- Release Date: May 29, 2018
- Last Modified Date: May 13, 2025
32810: HTTP: Foxit Reader TextBox Validate Use-After-Free Vulnerability (ZDI-18-1181)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "32810: ZDI-CAN-6439: Zero Day Initiative Vulnerability (ABB Panel Builder 800)".
- Description updated.
- Vulnerability references updated.
- Release Date: August 07, 2018
- Last Modified Date: May 13, 2025
* 33164: HTTP: Foxit Reader XFA isPropertySpecified Use-After-Free Vulnerability (ZDI-18-1214)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "33164: ZDI-CAN-6470: Zero Day Initiative Vulnerability (Foxit Reader)".
- Description updated.
- Vulnerability references updated.
- Release Date: October 16, 2018
- Last Modified Date: May 13, 2025
33320: HTTP: OMRON CX-Supervisor sr3 File Parsing Script API Use-After-Free Vulnerability (ZDI-18-1446)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "33320: ZDI-CAN-6657: Zero Day Initiative Vulnerability (OMRON CX-Supervisor)".
- Description updated.
- Vulnerability references updated.
- Release Date: October 23, 2018
- Last Modified Date: May 13, 2025
* 33327: HTTP: Foxit Reader array Use-After-Free Vulnerability (ZDI-18-1159)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Miscellaneous modification.
- Release Date: November 06, 2018
- Last Modified Date: May 13, 2025
* 33486: HTTP: Adobe Acrobat Pro DC ImageConversion XPS Out-Of-Bounds Read Vulnerability (ZDI-18-1390)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "33486: ZDI-CAN-7165: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
- Severity changed from "Critical" to "High".
- Description updated.
- Vulnerability references updated.
- Release Date: November 13, 2018
- Last Modified Date: May 13, 2025
33741: HTTP: Adobe Acrobat Reader HTML2PDF Use-After-Free Vulnerability (ZDI-18-1385)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Miscellaneous modification.
- Release Date: December 18, 2018
- Last Modified Date: May 13, 2025
35111: HTTP: Trend Micro OfficeScan ServerMigrationTool Out-Of-Bounds Read Vulnerability (ZDI-20-1225)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "35111: ZDI-CAN-11108: Zero Day Initiative Vulnerability (Trend Micro OfficeScan)".
- Severity changed from "Critical" to "High".
- Description updated.
- Vulnerability references updated.
- Release Date: June 16, 2020
- Last Modified Date: May 13, 2025
36070: HTTP: HP Enterprise IMC Language Injection Vulnerability (ZDI-19-1039,1040,1042,1043,1044,1045)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "36070: ZDI-CAN-8963,8964,8968,8969,8970,8971: Zero Day Initiative Vulnerability (HPE IMC)".
- Description updated.
- Vulnerability references updated.
- Release Date: August 27, 2019
- Last Modified Date: May 13, 2025
36312: HTTP: Advantech WISE-PaaS/RMM AccountMgmt activateAccount XML Information Disclosure (ZDI-19-953)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Miscellaneous modification.
- Release Date: October 15, 2019
- Last Modified Date: May 13, 2025
37860: HTTP: D-Link DAP-1860 HNAP Authorization Command Injection Vulnerability (ZDI-20-1428)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Miscellaneous modification.
- Release Date: July 21, 2020
- Last Modified Date: May 13, 2025
37861: HTTP: D-Link DAP-1860 uHTTPd Authentication Bypass Vulnerability (ZDI-20-1429)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Miscellaneous modification.
- Release Date: July 21, 2020
- Last Modified Date: May 13, 2025
38061: HTTP: NETGEAR Multiple Routers mini_httpd Authentication Bypass Vulnerability (ZDI-20-1451)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "38061: ZDI-CAN-11559: Zero Day Initiative Vulnerability (NETGEAR R7450)".
- Description updated.
- Vulnerability references updated.
- Release Date: September 22, 2020
- Last Modified Date: May 13, 2025
38817: HTTP: QNAP NAS MusicStation Directory Traversal Arbitrary Vulnerability (ZDI-21-591)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "38817: ZDI-CAN-12048: Zero Day Initiative Vulnerability (QNAP NAS)".
- Severity changed from "Critical" to "High".
- Description updated.
- Vulnerability references updated.
- Release Date: February 02, 2021
- Last Modified Date: May 13, 2025
39387: HTTP: Advantech iView getAllActiveTraps SQL Injection Vulnerability (ZDI-21-653)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "39387: ZDI-CAN-11838: Zero Day Initiative Vulnerability (Advantech iView)".
- Severity changed from "Critical" to "High".
- Description updated.
- Vulnerability references updated.
- Release Date: March 30, 2021
- Last Modified Date: May 13, 2025
39388: HTTP: Advantech iView deleteZtpConfig SQL Injection Vulnerability (ZDI-21-654)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Miscellaneous modification.
- Release Date: March 30, 2021
- Last Modified Date: May 13, 2025
39392: HTTP: D-Link DAP-1330 lighttpd http_parse_request Buffer Overflow Vulnerability (ZDI-21-681)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "39392: ZDI-CAN-12065: Zero Day Initiative Vulnerability (D-Link DAP-1330)".
- Description updated.
- Vulnerability references updated.
- Release Date: March 30, 2021
- Last Modified Date: May 13, 2025
39420: HTTP: Advantech iView NetworkServlet SQL Injection Vulnerability (ZDI-21-655)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "39420: ZDI-CAN-13137: Zero Day Initiative Vulnerability (Advantech iView)".
- Severity changed from "Critical" to "High".
- Description updated.
- Vulnerability references updated.
- Release Date: April 06, 2021
- Last Modified Date: May 13, 2025
39515: HTTP: ISC BIND TKEY Query Integer Overflow Vulnerability (ZDI-21-657)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "39515: ZDI-CAN-13347: Zero Day Initiative Vulnerability (ISC BIND)".
- Description updated.
- Vulnerability references updated.
- Release Date: April 20, 2021
- Last Modified Date: May 13, 2025
40337: HTTP: Adobe Acrobat AcroForm deleteItemAt Use-After-Free Vulnerability (ZDI-21-1099)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Miscellaneous modification.
- Release Date: September 21, 2021
- Last Modified Date: May 13, 2025
40464: HTTP: Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Vulnerability (ZDI-22-432)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "40464: ZDI-CAN-14797: Zero Day Initiative Vulnerability (Fatek Automation FvDesigner)".
- Description updated.
- Vulnerability references updated.
- Release Date: November 02, 2021
- Last Modified Date: May 13, 2025
40812: HTTP: Foxit PDF Reader Doc Object Use-After-Free Vulnerability (ZDI-22-275)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "40812: ZDI-CAN-15851: Zero Day Initiative Vulnerability (Foxit PDF Reader)".
- Description updated.
- Vulnerability references updated.
- Release Date: February 01, 2022
- Last Modified Date: May 13, 2025
40813: HTTP: Foxit PDF Reader AcroForm Use-After-Free Vulnerability (ZDI-22-277)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "40813: ZDI-CAN-15853: Zero Day Initiative Vulnerability (Foxit PDF Reader)".
- Description updated.
- Vulnerability references updated.
- Release Date: February 01, 2022
- Last Modified Date: May 13, 2025
40814: HTTP: Foxit PDF Reader Doc Use-After-Free Vulnerability (ZDI-22-279)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "40814: ZDI-CAN-16115: Zero Day Initiative Vulnerability (Foxit PDF Reader)".
- Severity changed from "Critical" to "High".
- Description updated.
- Vulnerability references updated.
- Release Date: February 01, 2022
- Last Modified Date: May 13, 2025
40934: HTTP: Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Vulnerability (ZDI-22-1167)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "40934: ZDI-CAN-16270: Zero Day Initiative Vulnerability (Fatek Automation FvDesigner)".
- Description updated.
- Vulnerability references updated.
- Release Date: March 01, 2022
- Last Modified Date: May 13, 2025
40957: HTTP: Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Vulnerability (ZDI-22-1168)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "40957: ZDI-CAN-16271: Zero Day Initiative Vulnerability (Fatek Automation FvDesigner)".
- Description updated.
- Vulnerability references updated.
- Release Date: March 08, 2022
- Last Modified Date: May 13, 2025
40958: HTTP: Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Vulnerability (ZDI-22-1169)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "40958: ZDI-CAN-16296: Zero Day Initiative Vulnerability (Fatek Automation FvDesigner)".
- Description updated.
- Vulnerability references updated.
- Release Date: March 08, 2022
- Last Modified Date: May 13, 2025
40959: HTTP: Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Vulnerability (ZDI-22-1170)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "40959: ZDI-CAN-16304: Zero Day Initiative Vulnerability (Fatek Automation FvDesigner)".
- Description updated.
- Vulnerability references updated.
- Release Date: March 08, 2022
- Last Modified Date: May 13, 2025
40960: HTTP: Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Vulnerability (ZDI-22-1171)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "40960: ZDI-CAN-16358: Zero Day Initiative Vulnerability (Fatek Automation FvDesigner)".
- Description updated.
- Vulnerability references updated.
- Release Date: March 08, 2022
- Last Modified Date: May 13, 2025
40961: HTTP: Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Vulnerability (ZDI-22-1172)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "40961: ZDI-CAN-16360: Zero Day Initiative Vulnerability (Fatek Automation FvDesigner)".
- Description updated.
- Vulnerability references updated.
- Release Date: March 08, 2022
- Last Modified Date: May 13, 2025
42332: HTTP: Autodesk 3DS Max USD File Parsing Uninitialized Pointer Vulnerability (ZDI-23-582)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42332: ZDI-CAN-20173: Zero Day Initiative Vulnerability (Autodesk 3DS Max)".
- Severity changed from "Critical" to "High".
- Description updated.
- Vulnerability references updated.
- Release Date: February 14, 2023
- Last Modified Date: May 13, 2025
42333: HTTP: Autodesk 3DS Max USD File Parsing Use-After-Free Vulnerability (ZDI-23-579)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42333: ZDI-CAN-20171: Zero Day Initiative Vulnerability (Autodesk 3DS Max)".
- Description updated.
- Vulnerability references updated.
- Release Date: February 14, 2023
- Last Modified Date: May 13, 2025
42335: HTTP: Autodesk 3DS Max USD File Parsing Out-Of-Bounds Write Vulnerability (ZDI-23-584)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42335: ZDI-CAN-20169: Zero Day Initiative Vulnerability (Autodesk 3DS Max)".
- Description updated.
- Vulnerability references updated.
- Release Date: February 14, 2023
- Last Modified Date: May 13, 2025
42336: HTTP: Autodesk 3DS Max USD File Parsing Out-Of-Bounds Read Vulnerability (ZDI-23-577)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42336: ZDI-CAN-20168: Zero Day Initiative Vulnerability (Autodesk 3DS Max)".
- Severity changed from "Critical" to "High".
- Description updated.
- Vulnerability references updated.
- Release Date: February 14, 2023
- Last Modified Date: May 13, 2025
42339: HTTP: Autodesk 3DS Max USD File Parsing Out-Of-Bounds Read Vulnerability (ZDI-23-578)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42339: ZDI-CAN-20221: Zero Day Initiative Vulnerability (Autodesk 3DS Max)".
- Severity changed from "Critical" to "High".
- Description updated.
- Vulnerability references updated.
- Release Date: February 14, 2023
- Last Modified Date: May 13, 2025
42340: HTTP: Autodesk 3DS Max USD File Parsing Out-Of-Bounds Read Vulnerability (ZDI-23-581)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42340: ZDI-CAN-20174: Zero Day Initiative Vulnerability (Autodesk 3DS Max)".
- Severity changed from "Critical" to "High".
- Description updated.
- Vulnerability references updated.
- Release Date: February 14, 2023
- Last Modified Date: May 13, 2025
42341: HTTP: Autodesk 3DS Max USD File Parsing Use-After-Free Vulnerability (ZDI-23-580)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42341: ZDI-CAN-20175: Zero Day Initiative Vulnerability (Autodesk 3DS Max)".
- Description updated.
- Vulnerability references updated.
- Release Date: February 14, 2023
- Last Modified Date: May 13, 2025
* 43069: HTTP: Trend Micro Apex Central widget WFProxy Local File Inclusion Vulnerability (ZDI-24-024)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43069: ZDI-CAN-21327: Zero Day Initiative Vulnerability (Trend Micro Apex Central)".
- Description updated.
- Vulnerability references updated.
- Release Date: August 01, 2023
- Last Modified Date: May 13, 2025
* 44382: HTTP: Ivanti Endpoint Manager SQL Injection (ZDI-24-1213,1215,1217,1218,1219,1221,ZDI-25-041)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Vulnerability references updated.
- Release Date: June 18, 2024
- Last Modified Date: May 13, 2025
45600: HTTP: eCharge Hardy Barth cPH2 index.php Command Injection Vulnerability (ZDI-25-249)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "45600: ZDI-CAN-23115: Zero Day Initiative Vulnerability (eCharge Hardy Barth cPH2)".
- Description updated.
- Vulnerability references updated.
- Release Date: March 25, 2025
- Last Modified Date: May 13, 2025
45601: HTTP: eCharge Hardy Barth cPH2 check_req.php ntp Command Injection Vulnerability (ZDI-25-247)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "45601: ZDI-CAN-23113: Zero Day Initiative Vulnerability (eCharge Hardy Barth cPH2)".
- Description updated.
- Vulnerability references updated.
- Release Date: March 25, 2025
- Last Modified Date: May 13, 2025
45730: ZDI-CAN-26524: Zero Day Initiative Vulnerability (Allegra)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Name changed from "45730: ZDI-CAN-26436: Zero Day Initiative Vulnerability (Allegra)".
- Release Date: April 15, 2025
- Last Modified Date: May 13, 2025
Removed Filters: None
|
Welcome to the future of Business Support! I'm Trend Companion, your
AI assistant ready to streamline your experience.
Log in for your personalized support!
Chat with Trend Companion for quick answers, or submit a case for
detailed troubleshooting.