New Filters:
45790: HTTP: Zabbix CApiService SQL Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a SQL Injection vulnerability in Zabbix.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-36465 CVSS 7.7
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: May 27, 2025
45912: HTTP: Splunk Enterprise App Install
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Moderate
- Description: This filter detects the upload of a new app in Splunk Enterprise.
- Deployment: Not enabled by default in any deployment.
- Classification: Security Policy - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: May 27, 2025
45913: HTTP: Suspicious Apache Parquet Avro Schema File Download Detected
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Low
- Description: This filter detects a download of a suspicious Parquet file containing an Avro schema Java class.
- Deployment: Not enabled by default in any deployment.
- References:
- Common Vulnerabilities and Exposures: CVE-2025-30065
- Classification: Security Policy - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: May 27, 2025
45914: HTTP: Apache Parquet Avro Schema javax.swing.JEditorPane Class Deserialization Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a deserialization vulnerability in Apache Parquet.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-30065
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: May 27, 2025
45915: HTTP: WordPress SureTriggers Authentication Bypass Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: High
- Description: This filter detects an attempt to exploit an authentication bypass vulnerability in the SureTriggers WordPress plugin.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-3102
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Other Server Application or Service
- Release Date: May 27, 2025
45916: ZDI-CAN-27083: Zero Day Initiative Vulnerability (Autodesk AutoCAD)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Autodesk AutoCAD.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: May 27, 2025
45917: ZDI-CAN-27084: Zero Day Initiative Vulnerability (Autodesk AutoCAD)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Autodesk AutoCAD.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: May 27, 2025
45918: ZDI-CAN-27085: Zero Day Initiative Vulnerability (Autodesk AutoCAD)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Autodesk AutoCAD.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: May 27, 2025
45919: ZDI-CAN-27098: Zero Day Initiative Vulnerability (Autodesk Revit)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Autodesk Revit.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: May 27, 2025
45920: ZDI-CAN-27152: Zero Day Initiative Vulnerability (Autodesk Revit)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Autodesk Revit.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: May 27, 2025
45921: HTTP: Grafana XY Chart Cross-Site Scripting Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a cross-site scripting vulnerability in the Grafana XY Chart plugin.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-2703
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: May 27, 2025
45922: ZDI-CAN-27117: Zero Day Initiative Vulnerability (Dassault Systemes eDrawings Viewer)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Dassault Systemes eDrawings Viewer.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: May 27, 2025
45924: HTTP: Ivanti Endpoint Manager Mobile featureusage Authentication Bypass Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit an authentication bypass vulnerability in Ivanti Endpoint Manager Mobile.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-4427
- Classification: Vulnerability - Access Validation
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: May 27, 2025
45925: HTTP: Ivanti Endpoint Manager Mobile Remote Code Execution Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a remote code execution vulnerability in Ivanti Endpoint Manager Mobile.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-4428
- Classification: Vulnerability - Access Validation
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: May 27, 2025
45934: HTTP: Fortinet FortiSandbox Dashboard Widget Stored Cross-Site Scripting Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a cross-site scripting vulnerability in Fortinet FortiSandbox.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-27781
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: May 27, 2025
Modified Filters (logic changes):
* = Enabled in Default deployments
29572: HTTP: Apache Struts 2 XStreamHandler Suspicious XML Command Usage
- IPS Version: 3.1.3 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
- Release Date: September 12, 2017
- Last Modified Date: May 27, 2025
* 29580: HTTP: Apache Struts 2 XStreamHandler Command Injection Vulnerability
- IPS Version: 3.1.3 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
- Release Date: September 12, 2017
- Last Modified Date: May 27, 2025
* 29596: HTTP: Apache Struts 2 XStreamHandler ysoserial Payload
- IPS Version: 3.1.3 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
- Release Date: September 12, 2017
- Last Modified Date: May 27, 2025
* 29602: HTTP: Apache Struts 2 XStreamHandler Command Injection Vulnerability
- IPS Version: 3.2.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
- Release Date: September 12, 2017
- Last Modified Date: May 27, 2025
39475: HTTP: Siemens JT2Go BMP File Parsing Out-Of-Bounds Write Vulnerability (ZDI-21-832)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "39475: ZDI-CAN-13059: Zero Day Initiative Vulnerability (Siemens JT2Go)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: April 06, 2021
- Last Modified Date: May 27, 2025
40079: HTTP: Fatek Automation WinProladder PDW File Parsing Out-Of-Bounds Write Vulnerability (ZDI-22-028)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "40079: ZDI-CAN-14517: Zero Day Initiative Vulnerability (Fatek Automation WinProladder)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: August 17, 2021
- Last Modified Date: May 27, 2025
40490: HTTP: Foxit PDF Reader Annotation Use-After-Free Vulnerability (ZDI-21-1205)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "40490: ZDI-CAN-15167: Zero Day Initiative Vulnerability (Foxit PDF Reader)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: November 09, 2021
- Last Modified Date: May 27, 2025
40614: HTTP: Foxit PDF Reader Doc Object Out-Of-Bounds Read Vulnerability (ZDI-22-269)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "40614: ZDI-CAN-15703: Zero Day Initiative Vulnerability (Foxit PDF Reader)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: December 13, 2021
- Last Modified Date: May 27, 2025
40690: HTTP: Sonos One Speaker Integer Underflow Vulnerability (Pwn2Own ZDI-22-260)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "40690: PWN2OWN ZDI-CAN-15828: Zero Day Initiative Vulnerability (Sonos One Speaker)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: January 18, 2022
- Last Modified Date: May 27, 2025
40793: HTTP: Foxit PDF Reader AcroForm Use-After-Free Vulnerability (ZDI-22-273)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "40793: ZDI-CAN-15987: Zero Day Initiative Vulnerability (Foxit PDF Reader)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: January 25, 2022
- Last Modified Date: May 27, 2025
* 44038: HTTP: Adobe Acrobat Reader DC Collab Command Injection Vulnerability (Pwn2Own ZDI-25-259)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44038: PWN2OWN ZDI-CAN-23843: Zero Day Initiative Vulnerability (Adobe Acrobat Reader DC)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: March 26, 2024
- Last Modified Date: May 27, 2025
44669: HTTP: Delta Electronics DIAScreen DPA Stack-based Buffer Overflow Vulnerability (ZDI-24-1461)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: August 20, 2024
- Last Modified Date: May 27, 2025
44999: HTTP: Cisco IOS XE SNMP OID Handling Out-Of-Bounds Read Vulnerability (ZDI-25-274)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44999: ZDI-CAN-25575: Zero Day Initiative Vulnerability (Cisco IOS)".
- Severity changed from "Critical" to "High".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: November 26, 2024
- Last Modified Date: May 27, 2025
45000: HTTP: Cisco IOS XE SNMP OID Handling Out-Of-Bounds Read Vulnerability (ZDI-25-272)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "45000: ZDI-CAN-25576: Zero Day Initiative Vulnerability (Cisco IOS)".
- Severity changed from "Critical" to "High".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: November 26, 2024
- Last Modified Date: May 27, 2025
45001: HTTP: Cisco IOS XE SNMP OID Handling Out-Of-Bounds Read Vulnerability (ZDI-25-271)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "45001: ZDI-CAN-25577: Zero Day Initiative Vulnerability (Cisco IOS)".
- Severity changed from "Critical" to "High".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: November 26, 2024
- Last Modified Date: May 27, 2025
* 45092: HTTP: Fortinet FortiWeb cgi_httpcontentrouting_post Directory Traversal Vulnerability (ZDI-25-288)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "45092: ZDI-CAN-25181: Zero Day Initiative Vulnerability (Fortinet FortiWeb)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: November 19, 2024
- Last Modified Date: May 27, 2025
45599: HTTP: eCharge Hardy Barth cPH2 nwcheckexec.php dest Command Injection Vulnerability (ZDI-25-248)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "45599: ZDI-CAN-23114: Zero Day Initiative Vulnerability (eCharge Hardy Barth cPH2)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: March 25, 2025
- Last Modified Date: May 27, 2025
Modified Filters (metadata changes only):
* = Enabled in Default deployments
* 38935: HTTP: Microsoft Paint 3D GLB File Parsing Out-Of-Bounds Read Vulnerability (ZDI-21-671)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "38935: ZDI-CAN-12872: Zero Day Initiative Vulnerability (Microsoft Windows Paint 3D)".
- Description updated.
- Vulnerability references updated.
- Release Date: February 23, 2021
- Last Modified Date: May 27, 2025
39589: HTTP: Adobe Acrobat Reader DC AcroForm Field Use-After-Free Vulnerability (ZDI-21-662)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "39589: ZDI-CAN-13481: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
- Description updated.
- Vulnerability references updated.
- Release Date: April 27, 2021
- Last Modified Date: May 27, 2025
40129: HTTP: Foxit PDF Editor StrikeOut Annotation Use-After-Free Vulnerability (ZDI-21-1185-ZDI-21-1198)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "40129: ZDI-CAN-14355-14368: Zero Day Initiative Vulnerability (Foxit PDF Editor)".
- Description updated.
- Vulnerability references updated.
- Release Date: August 24, 2021
- Last Modified Date: May 27, 2025
40611: HTTP: Foxit PDF Reader Doc Object Use-After-Free Vulnerability (ZDI-22-271)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "40611: ZDI-CAN-15744: Zero Day Initiative Vulnerability (Foxit PDF Reader)".
- Description updated.
- Vulnerability references updated.
- Release Date: December 13, 2021
- Last Modified Date: May 27, 2025
40612: HTTP: Foxit PDF Reader Doc Object Use-After-Free Vulnerability (ZDI-22-270)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "40612: ZDI-CAN-15702: Zero Day Initiative Vulnerability (Foxit PDF Reader)".
- Description updated.
- Vulnerability references updated.
- Release Date: December 13, 2021
- Last Modified Date: May 27, 2025
40803: HTTP: Siemens Simcenter Femap NEU File Parsing Out-Of-Bounds Write Vulnerability (ZDI-22-623)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "40803: ZDI-CAN-15592: Zero Day Initiative Vulnerability (Siemens Simcenter Femap)".
- Description updated.
- Vulnerability references updated.
- Release Date: February 01, 2022
- Last Modified Date: May 27, 2025
40962: HTTP: Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Vulnerability (ZDI-22-1173)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "40962: ZDI-CAN-16361: Zero Day Initiative Vulnerability (Fatek Automation FvDesigner)".
- Description updated.
- Vulnerability references updated.
- Release Date: March 08, 2022
- Last Modified Date: May 27, 2025
42633: UDP: Siemens SINEMA Server sysLocation Cross-Site Scripting Vulnerability (ZDI-23-1600)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42633: ZDI-CAN-19823: Zero Day Initiative Vulnerability (Siemens Sinema Server)".
- Description updated.
- Vulnerability references updated.
- Release Date: May 02, 2023
- Last Modified Date: May 27, 2025
* 44036: HTTP: Adobe Acrobat Reader DC JavaScript API Restrictions Bypass Vulnerability (Pwn2Own ZDI-25-258)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44036: PWN2OWN ZDI-CAN-23553: Zero Day Initiative Vulnerability (Adobe Acrobat Reader DC)".
- Description updated.
- Vulnerability references updated.
- Release Date: March 26, 2024
- Last Modified Date: May 27, 2025
44262: HTTP: Apple WebKit WebCodecs VideoFrame Out-Of-Bounds Read Vulnerability (ZDI-24-1160)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44262: ZDI-CAN-23730: Zero Day Initiative Vulnerability (Apple WebKit)".
- Severity changed from "Critical" to "High".
- Description updated.
- Vulnerability references updated.
- Release Date: May 21, 2024
- Last Modified Date: May 27, 2025
* 45907: HTTP: Mozilla Firefox SpiderMonkey Out-Of-Bounds Write Vulnerability (Pwn2Own ZDI-25-292)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "45907: PWN2OWN ZDI-CAN-27202: Zero Day Initiative Vulnerability (Mozilla Firefox)".
- Category changed from "Exploits" to "Vulnerabilities".
- Description updated.
- Vulnerability references updated.
- Release Date: May 20, 2025
- Last Modified Date: May 27, 2025
Removed Filters: None