New Filters:
46065: HTTP: Suspicious Visual Studio Code Java Extension Pack Detected
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Low
- Description: This filter detects a download of a suspicious Visual Studio Code Java extension pack.
- Deployment: Not enabled by default in any deployment.
- References:
- Common Vulnerabilities and Exposures: CVE-2021-27084
- Classification: Security Policy - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: June 24, 2025
46066: HTTP: Liferay Portal Cross-Site Scripting Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a cross-site scripting vulnerability in Liferay Portal.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-4388
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: June 24, 2025
46067: HTTP: Samsung MagicINFO 9 Server Directory Traversal Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a directory traversal vulnerability in Samsung MagicINFO 9 Server.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-4632 CVSS 9.0
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: June 24, 2025
46068: HTTP: Apple macOS CoreAudio mRemappingArray Memory Corruption Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to exploit a type confusion vulnerability in Apple macOS CoreAudio.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-31200
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: June 24, 2025
46069: HTTP: VMware vSphere Potential Finger Printing Attempt
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Low
- Description: This filter detects potential fingerprinting activity in VMware vSphere.
- Deployment: Not enabled by default in any deployment.
- References:
- Common Vulnerabilities and Exposures: CVE-2021-21972
- Classification: Security Policy - Other
- Protocol: HTTP
- Platform: Multi-Platform Client Application
- Release Date: June 24, 2025
46070: HTTP: TBK DVR Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a command injection vulnerability in various TBK DVRs.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-3721
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Networked Hardware Device Application or Service
- Release Date: June 24, 2025
46072: HTTP: HPE Insight Remote Support DownloadAttachmentServlet Directory Traversal Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a directory traversal vulnerability in Hewlett Packard Enterprise (HPE) Insight Remote Support.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-37098 CVSS 5.7
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: June 24, 2025
46078: HTTP: WordPress Depicter Plugin SQL Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: High
- Description: This filter detects an attempt to exploit a SQL injection vulnerability in WordPress Depicter Plugin.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-2011 CVSS 7.5
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: June 24, 2025
46089: HTTP: Roundcube Webmail _from URL Parameter Insecure Deserialization Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit an insecure deserialization vulnerability in Roundcube Webmail.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-49113 CVSS 8.2
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: June 24, 2025
Modified Filters (logic changes):
* = Enabled in Default deployments
* 29068: HTTP: Apache Struts 2 Struts 1 Plugin Remote Code Execution Vulnerability
- IPS Version: 3.1.3 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
- Release Date: July 11, 2017
- Last Modified Date: June 24, 2025
37910: HTTP: Ruby on Rails Argument Call Code Execution Vulnerability
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Release Date: July 28, 2020
- Last Modified Date: June 24, 2025
38625: HTTP: WordPress Duplicator duplicator_download Directory Traversal Vulnerability
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Release Date: December 22, 2020
- Last Modified Date: June 24, 2025
* 42150: HTTP: TP-Link AX1800 locale controller Command Injection Vulnerability (ZDI-23-451)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Release Date: January 10, 2023
- Last Modified Date: June 24, 2025
44388: HTTP: Ivanti Endpoint Manager EFile Directory Traversal Vulnerability (ZDI-24-1501)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Release Date: June 18, 2024
- Last Modified Date: June 24, 2025
* 44487: HTTP: Ivanti Endpoint Manager Report_RunPatch SQL Injection Vulnerability (ZDI-24-1502)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Release Date: July 09, 2024
- Last Modified Date: June 24, 2025
* 45058: HTTP: HPE StoreOnce VSA deletePackages Directory Traversal Vulnerability (ZDI-25-317)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "45058: ZDI-CAN-25314: Zero Day Initiative Vulnerability (Hewlett Packard Enterprise StoreOnce VSA)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: November 12, 2024
- Last Modified Date: June 24, 2025
* 45059: HTTP: HPE StoreOnce VSA getServerPayload Directory Traversal Vulnerability (ZDI-25-318)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "45059: ZDI-CAN-25315: Zero Day Initiative Vulnerability (Hewlett Packard Enterprise StoreOnce VSA)".
- Severity changed from "Critical" to "High".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: November 12, 2024
- Last Modified Date: June 24, 2025
* 45060: HTTP: HPE StoreOnce VSA getServerCertificate Command Injection Vulnerability (ZDI-25-319)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "45060: ZDI-CAN-25316: Zero Day Initiative Vulnerability (Hewlett Packard Enterprise StoreOnce VSA)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: November 12, 2024
- Last Modified Date: June 24, 2025
45500: HTTP: HPE Insight Remote Support processAttachmentDataStream Directory Traversal (ZDI-25-325)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "45500: ZDI-CAN-25954: Zero Day Initiative Vulnerability (Hewlett Packard Enterprise Insight Remote Support)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: March 04, 2025
- Last Modified Date: June 24, 2025
Modified Filters (metadata changes only):
* = Enabled in Default deployments
36985: HTTP: Pivotal RabbitMQ X-Reason HTTP Header Denial-of-Service Vulnerability
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Miscellaneous modification.
- Release Date: February 04, 2020
- Last Modified Date: June 24, 2025
42846: HTTP: Fortinet FortiOS enc Parameter Usage
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Vulnerability references updated.
- Release Date: June 20, 2023
- Last Modified Date: June 24, 2025
45728: HTTP: Allegra isZipEntryValide Directory Traversal Vulnerability (ZDI-25-255)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "45728: ZDI-CAN-25730: Zero Day Initiative Vulnerability (Allegra)".
- Description updated.
- Vulnerability references updated.
- Release Date: April 15, 2025
- Last Modified Date: June 24, 2025
Removed Filters: None