New Filters:
42740: HTTP: Zyxel Routers and CPE Information Disclosure Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit an information disclosure vulnerability in ZyXEL DX5401-B0.
- Deployments:
- Deployment: Performance-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-28770
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Networked Hardware Device Application or Service
- Release Date: June 06, 2023
42766: ZDI-CAN-20581: Zero Day Initiative Vulnerability (Control Web Panel)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Control Web Panel.
- Deployments:
- Deployment: Default (Block / Notify / Trace)
- Deployment: Performance-Optimized (Disabled)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: June 06, 2023
42767: HTTP: Pimcore SearchController.php SQL Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit an SQL injection vulnerability in Pimcore.
- Deployments:
- Deployment: Default (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-1578
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: June 06, 2023
42772: HTTP: Suspicious Multi-line Transfer-Encoding Header
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Low
- Description: This filter detects multiple Transfer-Encoding headers being used in an HTTP request.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2022-32215
- Classification: Security Policy - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: June 06, 2023
42773: TCP: Veeam Backup and Replication CredentialsDbScopeGetAllCredsB Usage
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Critical
- Description: This filter detects the usage of CredentialsDbScopeGetAllCredsB in Veeam Backup and Replication.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-27532
- Classification: Security Policy - Other
- Protocol: TCP (Generic)
- Platform: Multi-Platform Server Application or Service
- Release Date: June 06, 2023
42776: ISAKMP: ZyXEL Multiple Products Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a command injection vulnerability in various ZyXEL network devices, including ATP, USG FLEX, VPN, and ZyWall.
- Deployments:
- Deployment: Default (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-28771
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: ISAKMP/IKE
- Platform: Networked Hardware Device Application or Service
- Release Date: June 06, 2023
42777: ZDI-CAN-20983: Zero Day Initiative Vulnerability (D-Link DIR-X3260)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting D-Link DIR-X3260.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: June 06, 2023
42778: ZDI-CAN-21090: Zero Day Initiative Vulnerability (SolarWinds Orion)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting SolarWinds Orion.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: June 06, 2023
42779: TCP: SolarWinds DameWare Mini Remote Control Heap Buffer Overflow Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to exploit a heap buffer overflow vulnerability in SolarWinds DameWare Mini Remote Control.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2019-3955 CVSS 7.5
- Classification: Vulnerability - Buffer/Heap Overflow
- Protocol: TCP (Generic)
- Platform: Windows Client Application
- Release Date: June 06, 2023
42780: ZDI-CAN-21095: Zero Day Initiative Vulnerability (SolarWinds Orion)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting SolarWinds Orion.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: June 06, 2023
42781: ZDI-CAN-21080: Zero Day Initiative Vulnerability (Control Web Panel)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Control Web Panel.
- Deployments:
- Deployment: Default (Block / Notify / Trace)
- Deployment: Performance-Optimized (Disabled)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: June 06, 2023
42782: ZDI-CAN-20582: Zero Day Initiative Vulnerability (Control Web Panel)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Control Web Panel.
- Deployments:
- Deployment: Default (Block / Notify / Trace)
- Deployment: Performance-Optimized (Disabled)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: June 06, 2023
42783: ZDI-CAN-21096: Zero Day Initiative Vulnerability (SolarWinds Orion)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting SolarWinds Orion.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: June 06, 2023
42784: ZDI-CAN-21041: Zero Day Initiative Vulnerability (Siemens Tecnomaticix Plant Simulation)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Siemens Tecnomaticix Plant Simulation.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: June 06, 2023
42785: ZDI-CAN-21051: Zero Day Initiative Vulnerability (Siemens Tecnomaticix Plant Simulation)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Siemens Tecnomaticix Plant Simulation.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: June 06, 2023
42786: ZDI-CAN-21054: Zero Day Initiative Vulnerability (Siemens Tecnomaticix Plant Simulation)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Siemens Tecnomaticix Plant Simulation.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: June 06, 2023
42787: ZDI-CAN-21060: Zero Day Initiative Vulnerability (Siemens Tecnomaticix Plant Simulation)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Siemens Tecnomaticix Plant Simulation.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: June 06, 2023
42788: ZDI-CAN-21106: Zero Day Initiative Vulnerability (Siemens Tecnomaticix Plant Simulation)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Siemens Tecnomaticix Plant Simulation.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: June 06, 2023
42789: ZDI-CAN-21132: Zero Day Initiative Vulnerability (Siemens Tecnomaticix Plant Simulation)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Siemens Tecnomaticix Plant Simulation.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: June 06, 2023
42794: ZDI-CAN-21127: Zero Day Initiative Vulnerability (Sante DICOM)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Sante DICOM.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: June 06, 2023
42795: ZDI-CAN-21125: Zero Day Initiative Vulnerability (Sante DICOM)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Sante DICOM.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: June 06, 2023
42796: ZDI-CAN-21126: Zero Day Initiative Vulnerability (Sante DICOM)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Sante DICOM.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: June 06, 2023
42797: ZDI-CAN-21121: Zero Day Initiative Vulnerability (Fuji Electric Tellus Lite V-Simulator 6)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Fuji Electric Tellus Lite V-Simulator 6.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: June 06, 2023
42798: SMTP: Windows Kernel True Type Font Parsing Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to exploit a vulnerability in the Microsoft Windows Kernel handling of True Type Fonts.
- Deployment: Not enabled by default in any deployment.
- References:
- Common Vulnerabilities and Exposures: CVE-2012-4786 CVSS 10.0
- Microsoft Security Bulletin: MS12-078
- Classification: Vulnerability - Buffer/Heap Overflow
- Protocol: HTTP
- Platform: Windows Client Application
- Release Date: June 06, 2023
42799: ZDI-CAN-21022: Zero Day Initiative Vulnerability (Foxit PDF Reader)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against exploitation of a zero-day vulnerability affecting Foxit PDF Reader.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: June 06, 2023
42800: ZDI-CAN-21062: Zero Day Initiative Vulnerability (Foxit PDF Reader)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against exploitation of a zero-day vulnerability affecting Foxit PDF Reader.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: June 06, 2023
42808: HTTP: MOVEit Transfer SQL Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a SQL Injection vulnerability in MOVEit Transfer.
- Deployments:
- Deployment: Default (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-34362
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: June 06, 2023
42811: HTTP: MOVEit Transfer MOVEitISAPI.dll Endpoint Access
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Low
- Description: This filter detects an attempt to access the MOVEitISAPI.dll endpoint.
- Deployment: Not enabled by default in any deployment.
- References:
- Common Vulnerabilities and Exposures: CVE-2023-34362
- Classification: Security Policy - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: June 06, 2023
Modified Filters (logic changes):
* = Enabled in Default deployments
12742: RPC: CA ARCServe Backup Data Validation Remote Code Execution Vulnerability
- IPS Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
- Release Date: January 29, 2013
- Last Modified Date: June 06, 2023
30852: DNS: ISC BIND Zero Length RDATA Denial-of-Service Vulnerability
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Release Date: March 27, 2018
- Last Modified Date: June 06, 2023
36072: HTTP: Cisco Data Center Network Manager reportTemplateUploadPolicy Directory Traversal (ZDI-20-007)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: August 27, 2019
- Last Modified Date: June 06, 2023
* 36582: HTTP: rConfig Network Management rootUname Command Injection Vulnerability
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Release Date: November 05, 2019
- Last Modified Date: June 06, 2023
38774: HTTP: Siemens Solid Edge Viewer PAR File Parsing Out-Of-Bounds Write Vulnerability
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "38774: ZDI-CAN-12530: Zero Day Initiative Vulnerability (Siemens Solid Edge Viewer)".
- Description updated.
- Detection logic updated.
- Release Date: January 26, 2021
- Last Modified Date: June 06, 2023
38775: HTTP: Siemens Solid Edge Viewer PAR File Parsing Out-Of-Bounds Write Vulnerability
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "38775: ZDI-CAN-12531: Zero Day Initiative Vulnerability (Siemens Solid Edge Viewer)".
- Description updated.
- Detection logic updated.
- Release Date: January 26, 2021
- Last Modified Date: June 06, 2023
41551: TCP: Ivanti Avalanche SmartDeviceServer AgentTaskHandler Directory Traversal (ZDI-22-787)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "41551: TCP: Ivanti Avalanche SmartDeviceServer AgentTaskHandler Directory Traversal (ZDI-22-787) ".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: July 26, 2022
- Last Modified Date: June 06, 2023
41916: SMB: Microsoft Windows Server Service Authorization Bypass Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Release Date: November 01, 2022
- Last Modified Date: June 06, 2023
42169: HTTP: Synology RT6600ax dhcpd Command Injection Vulnerability (Pwn2Own ZDI-23-662)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42169: PWN2OWN ZDI-CAN-19753: Zero Day Initiative Vulnerability (Synology RT6600ax)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: January 17, 2023
- Last Modified Date: June 06, 2023
42402: HTTP: Fortinet FortiNAC configWizard License Key Arbitrary File Write Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Detection logic updated.
- Release Date: February 28, 2023
- Last Modified Date: June 06, 2023
42545: HTTP: Schneider Electric IGSS DashBoard.exe Unvalidated String Usage (ZDI-23-334)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Release Date: April 04, 2023
- Last Modified Date: June 06, 2023
42590: HTTP: Suspicious HTTP Request Containing NodeJS Command Execution
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: April 11, 2023
- Last Modified Date: June 06, 2023
Modified Filters (metadata changes only):
* = Enabled in Default deployments
36071: HTTP: Cisco Data Center Network Manager DbAdminRest Directory Traversal Vulnerability (ZDI-20-011)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Vulnerability references updated.
- Release Date: August 27, 2019
- Last Modified Date: June 06, 2023
* 39093: HTTP: Microsoft Windows gdi32full ICO File Parsing Out-Of-Bounds Read Vulnerability
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "39093: ZDI-CAN-13227: Zero Day Initiative Vulnerability (Microsoft Windows)".
- Description updated.
- Vulnerability references updated.
- Release Date: March 16, 2021
- Last Modified Date: June 06, 2023
39372: RDP: Microsoft Windows Remote Desktop Connection Client Out-Of-Bounds Read Vulnerability
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "39372: ZDI-CAN-13000: Zero Day Initiative Vulnerability (Microsoft Remote Desktop)".
- Description updated.
- Vulnerability references updated.
- Release Date: March 30, 2021
- Last Modified Date: June 06, 2023
39671: SMB: Trend Micro Apex One Authentication Bypass Vulnerability
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "39671: ZDI-CAN-13803: Zero Day Initiative Vulnerability (Trend Micro Apex One)".
- Description updated.
- Vulnerability references updated.
- Release Date: May 11, 2021
- Last Modified Date: June 06, 2023
39672: HTTP: Microsoft Windows HEVC Video Extension Code Execution Vulnerability
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "39672: ZDI-CAN-13758: Zero Day Initiative Vulnerability (Microsoft Windows)".
- Description updated.
- Vulnerability references updated.
- Release Date: May 11, 2021
- Last Modified Date: June 06, 2023
* 39673: HTTP: Microsoft 3D Viewer FBX File Parsing Information Disclosure Vulnerability
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "39673: ZDI-CAN-13713: Zero Day Initiative Vulnerability (Microsoft Windows 3D Viewer)".
- Description updated.
- Vulnerability references updated.
- Release Date: May 11, 2021
- Last Modified Date: June 06, 2023
40408: HTTP: WECON PLC Editor WCP File Parsing Buffer Overflow Vulnerability
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "40408: ZDI-CAN-14424: Zero Day Initiative Vulnerability (WECON PLC Editor)".
- Description updated.
- Vulnerability references updated.
- Release Date: October 19, 2021
- Last Modified Date: June 06, 2023
40481: HTTP: WECON LeviStudioU XML File Parsing G_bmp Tag Buffer Overflow Vulnerability
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "40481: ZDI-CAN-14934: Zero Day Initiative Vulnerability (WECON LeviStudioU)".
- Description updated.
- Vulnerability references updated.
- Release Date: November 02, 2021
- Last Modified Date: June 06, 2023
41229: HTTP: ICONICS GENESIS64 GDFX Command Execution Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "41229: ZDI-CAN-17117: Zero Day Initiative Vulnerability (ICONICS GENESIS64)".
- Description updated.
- Vulnerability references updated.
- Release Date: May 31, 2022
- Last Modified Date: June 06, 2023
41359: HTTP: Foxit PDF Reader resetForm and removeField Use-After-Free Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "41359: ZDI-CAN-16827,16976: Zero Day Initiative Vulnerability (Foxit PDF Reader)".
- Description updated.
- Vulnerability references updated.
- Release Date: May 31, 2022
- Last Modified Date: June 06, 2023
41404: HTTP: Samba SMB1 Out-Of-Bounds Read Vulnerability (ZDI-23-713)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "41404: ZDI-CAN-17388 Zero Day Initiative Vulnerability (Samba SMB1)".
- Severity changed from "Critical" to "High".
- Description updated.
- Vulnerability references updated.
- Release Date: June 14, 2022
- Last Modified Date: June 06, 2023
42159: HTTP: Lexmark MC3224i snmpUTIL Improper Input Validation Vulnerability (Pwn2Own ZDI-23-669)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42159: PWN2OWN ZDI-CAN-19731: Zero Day Initiative Vulnerability (Lexmark MC3224i)".
- Description updated.
- Vulnerability references updated.
- Release Date: January 17, 2023
- Last Modified Date: June 06, 2023
Removed Filters: None
|
Welcome to the future of Business Support! I'm Trend Companion, your
AI assistant ready to streamline your experience.
Log in for your personalized support!
Chat with Trend Companion for quick answers, or submit a case for
detailed troubleshooting.