New Filters:

44915: TCP: Siemens Automation License Manager almsrv64x.exe Integer Overflow Vulnerability
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Category: Vulnerabilities
  - Severity: High
  - Description: This filter detects an attempt to exploit an integer overflow vulnerability in Siemens Automation License Manager.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify)
  - References:
    - Common Vulnerabilities and Exposures: CVE-2024-44087 CVSS 6.5
  - Classification: Vulnerability - Buffer/Heap Overflow
  - Protocol: HTTP
  - Platform: Multi-Platform Server Application or Service
  - Release Date: October 29, 2024

44958: HTTP: InVesalius dicom.py Eval Injection Vulnerability
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter detects an attempt to exploit an eval injection vulnerability in InVesalius.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify)
  - References:
    - Common Vulnerabilities and Exposures: CVE-2024-42845
  - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
  - Protocol: HTTP
  - Platform: Multi-Platform Client Application
  - Release Date: October 29, 2024

44971: ZDI-CAN-25431: Zero Day Initiative Vulnerability (Ivanti Endpoint Manager)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Ivanti Endpoint Manager.
  - Deployments:
    - Deployment: Default (Block / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: October 29, 2024

44986: ZDI-CAN-25030: Zero Day Initiative Vulnerability (Cisco IOS)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Exploits
  - Severity: Critical
  - Description: This filter protects against exploitation of a zero-day vulnerability affecting Cisco IOS.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: October 29, 2024

44990: HTTP: Zoho ManageEngine Multiple Products URL Monitoring SQL Injection Vulnerability
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter detects an attempt to exploit a SQL injection vulnerability in multiple Zoho ManageEngine products: OpManager, OpManager Plus and MSP, and RMM.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify)
  - References:
    - Common Vulnerabilities and Exposures: CVE-2024-6748 CVSS 6.4
  - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
  - Protocol: HTTP
  - Platform: Multi-Platform Server Application or Service
  - Release Date: October 29, 2024

44991: HTTP: LibreNMS Alert Rule Name Stored Cross-Site Scripting Vulnerability
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter detects an attempt to exploit a stored cross-site scripting vulnerability in LibreNMS.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify)
  - References:
    - Common Vulnerabilities and Exposures: CVE-2024-47525 CVSS 7.2
  - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
  - Protocol: HTTP
  - Platform: Multi-Platform Server Application or Service
  - Release Date: October 29, 2024

44993: HTTP: WordPress Feed Them Social Plugin expires_in Cross Site Scripting Vulnerability
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter detects an attempt to exploit an authorization bypass vulnerability in the WordPress Feed Them Social.
  - Deployments:
    - Deployment: Default (Block / Notify)
  - References:
    - Common Vulnerabilities and Exposures: CVE-2022-2383
  - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
  - Protocol: HTTP
  - Platform: Multi-Platform Server Application or Service
  - Release Date: October 29, 2024

44994: HTTP: Traccar Code Execution Vulnerability
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter detects an attempt to exploit a code execution vulnerability in Traccar.
  - Deployments:
    - Deployment: Default (Block / Notify)
  - References:
    - Common Vulnerabilities and Exposures: CVE-2024-24809, CVE-2024-31214
  - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
  - Protocol: HTTP
  - Platform: Multi-Platform Server Application or Service
  - Release Date: October 29, 2024

44995: PWN2OWN ZDI-CAN-25607: Zero Day Initiative Vulnerability (Synology DiskStation DS1823xs+)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter protects against exploitation of a zero-day vulnerability affecting Synology DiskStation DS1823xs+.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: October 29, 2024

44996: HTTP: WordPress Transposh Translation tp_history Usage
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Category: Security Policy
  - Severity: Low
  - Description: This filter detects usage of the Transposh WordPress Translation plugin's tp_history parameter.
  - Deployment: Not enabled by default in any deployment.
  - References:
    - Common Vulnerabilities and Exposures: CVE-2022-2462
  - Classification: Security Policy - Forbidden Application Access or Service Request
  - Protocol: HTTP
  - Platform: Multi-Platform Server Application or Service
  - Release Date: October 29, 2024

44997: HTTP: WordPress Login Rebuilder Plugin Cross-Site Scripting Vulnerability
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Category: Vulnerabilities
  - Severity: High
  - Description: This filter detects an attempt to exploit a cross-site scripting vulnerability in the Login Rebuilder plugin for WordPress.
  - Deployments:
    - Deployment: Default (Block / Notify)
    - Deployment: Security-Optimized (Disabled)
  - References:
    - Common Vulnerabilities and Exposures: CVE-2023-2223
  - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
  - Protocol: HTTP
  - Platform: Multi-Platform Server Application or Service
  - Release Date: October 29, 2024

45010: PWN2OWN ZDI-CAN-25581: Zero Day Initiative Vulnerability (Samsung Galaxy S24)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter protects against exploitation of a zero-day vulnerability affecting Samsung Galaxy S24.
  - Deployments:
    - Deployment: Default (Block / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: October 29, 2024

45012: PWN2OWN ZDI-CAN-25603: Zero Day Initiative Vulnerability (Ubiquiti AI Bullet)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter protects against exploitation of a zero-day vulnerability affecting Ubiquiti AI Bullet.
  - Deployments:
    - Deployment: Default (Block / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: October 29, 2024

45015: PWN2OWN ZDI-CAN-25672: Zero Day Initiative Vulnerability (QNAP Qhora-322)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter protects against exploitation of a zero-day vulnerability affecting QNAP Qhora-322.
  - Deployments:
    - Deployment: Default (Block / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: October 29, 2024

45016: PWN2OWN ZDI-CAN-25667: Zero Day Initiative Vulnerability (QNAP Qhora-322)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter protects against exploitation of a zero-day vulnerability affecting QNAP Qhora-322.
  - Deployments:
    - Deployment: Default (Block / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: October 29, 2024

45017: RPC: Microsoft RPC Specific WinReg UUID Usage
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Category: Security Policy
  - Severity: Moderate
  - Description: This filter detects the usage of a specific UUID (338cd001-2244-31f1-aaaa-900038001003) that is used within Windows RPC.
  - Deployment: Not enabled by default in any deployment.
  - References:
    - Common Vulnerabilities and Exposures: CVE-2024-43532
  - Classification: Security Policy - Other
  - Protocol: MS-RPC
  - Platform: Windows Server Application or Service
  - Release Date: October 29, 2024

Modified Filters (logic changes):
* = Enabled in Default deployments

* 32892: HTTP: OGNL Entity Usage in an HTTP URI
  - IPS Version: 3.6.2 and after.
  - TPS Version: 4.0.0 and after.
  - vTPS Version: 4.0.1 and after.
  - Detection logic updated.
  - Release Date: August 28, 2018
  - Last Modified Date: October 29, 2024

* 44383: HTTP: Ivanti Endpoint Manager GetSQLStatement SQL Injection Vulnerability (ZDI-24-1216)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Description updated.
  - Detection logic updated.
  - Vulnerability references updated.
  - Release Date: June 18, 2024
  - Last Modified Date: October 29, 2024

* 44751: HTTP: NVIDIA Onyx Directory Traversal Vulnerability (ZDI-24-1333)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Name changed from "44751: ZDI-CAN-24764: Zero Day Initiative Vulnerability (NVIDIA Onyx)".
  - Description updated.
  - Detection logic updated.
  - Vulnerability references updated.
  - Release Date: September 10, 2024
  - Last Modified Date: October 29, 2024

Modified Filters (metadata changes only):
* = Enabled in Default deployments

4560: HTTP: HTTP Request Smuggling
  - IPS Version: 1.0.0 and after.
  - TPS Version: 4.0.0 and after.
  - vTPS Version: 4.0.1 and after.
  - Description updated.
  - Vulnerability references updated.
  - Release Date: July 24, 2006
  - Last Modified Date: October 29, 2024

Removed Filters: None