New Filters:
45272: HTTP: Apache Tomcat Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to exploit a race condition vulnerability in Apache Tomcat.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-50379
- Classification: Vulnerability - Race Condition
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: January 14, 2025
45273: HTTP: XWiki.org XWiki Solr Search Information Disclosure Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit an information disclosure vulnerability in XWiki.org XWiki.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-50719
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: January 14, 2025
45274: HTTP: Netgate pfSense interfaces_groups_edit.php members Stored Cross-Site Scripting Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a stored cross-site scripting vulnerability in Netgate pfSense.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-46538 CVSS 8.9
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: January 14, 2025
45275: HTTP: Jenkins Core json-lib Denial-of-Service Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a denial-of-service vulnerability in the bundled Jenkins library json-lib.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-47855
- Classification: Vulnerability - Denial of Service (Crash/Reboot)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: January 14, 2025
45276: HTTP: http-proxy-middleware micromatch Denial-of-Service Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to exploit a denial-of-service vulnerability in http-proxy-middleware.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-21536
- Classification: Vulnerability - Denial of Service (Crash/Reboot)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: January 14, 2025
45278: HTTP: Zabbix addRelatedObjects SQL Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a SQL Injection vulnerability in Zabbix.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-42327
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: TCP (Generic)
- Platform: Multi-Platform Server Application or Service
- Release Date: January 14, 2025
45279: TCP: Veeam Backup and Replication CProxyBinaryFormatter Insecure Deserialization Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit an insecure deserialization vulnerability in Veeam Backup and Replication.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-42455 CVSS 4.7
- Classification: Vulnerability - Other
- Protocol: TCP (Generic)
- Platform: Multi-Platform Server Application or Service
- Release Date: January 14, 2025
45280: HTTP: Fortinet FortiWLM progressfile Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit an OS command injection vulnerability in Fortinet FortiWLM.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-34993
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: TCP (Generic)
- Platform: Multi-Platform Server Application or Service
- Release Date: January 14, 2025
45281: HTTP: Fortinet FortiWLM progressfile Unauthenticated Arbitrary File Read Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit an arbitrary file read vulnerability in Fortinet FortiWLM.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-42783
- Classification: Vulnerability - Access Validation
- Protocol: TCP (Generic)
- Platform: Multi-Platform Server Application or Service
- Release Date: January 14, 2025
45283: HTTP: Nodejs dot.js Code Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to exploit a code injection vulnerability in the dot.js package for Nodejs.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2020-8141 CVSS 8.8
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: January 14, 2025
45284: HTTP: Selenium Server Grid Code Execution Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a code execution vulnerability in Selenium Server Grid.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2022-28108
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: January 14, 2025
45286: HTTP: Draw.IO Project Name OS Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to exploit an OS command injection vulnerability in draw.io.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-3974
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: January 14, 2025
45288: HTTP: Spring Frameworks Authentication Bypass Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: High
- Description: This filter detects an attempt to exploit an authentication bypass vulnerability in Spring Frameworks.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-34034
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: January 14, 2025
45300: HTTP: Four-Faith Industrial Router Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a command injection vulnerability affecting Four-Faith Industrial Routers.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-12856 CVSS 7.2
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Networked Hardware Device Application or Service
- Release Date: January 14, 2025
45301: TCP: Kerberos Suspicious krbtgt Ticket Request
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Moderate
- Description: This filter detects a suspicious attempt to request the krbtgt ticket.
- Deployment: Not enabled by default in any deployment.
- References:
- Common Vulnerabilities and Exposures: CVE-2025-21299
- Classification: Security Policy - Forbidden Application Access or Service Request
- Protocol: TCP (Generic)
- Platform: Windows Server Application or Service
- Release Date: January 14, 2025
45302: HTTP: Pandas DataFrame Query Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to exploit a command injection vulnerability affecting the Pandas module for Python.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: January 14, 2025
Modified Filters (logic changes):
* = Enabled in Default deployments
* 43929: ZDI-CAN-23548: Zero Day Initiative Vulnerability (Microsoft Windows)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Detection logic updated.
- Release Date: March 05, 2024
- Last Modified Date: January 14, 2025
44808: TCP: Ivanti Endpoint Manager AgentPortal Remote Code Execution Vulnerability (ZDI-24-1223)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: September 24, 2024
- Last Modified Date: January 14, 2025
44844: ZDI-CAN-25373: Zero Day Initiative Vulnerability (Microsoft Windows)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Detection logic updated.
- Release Date: October 01, 2024
- Last Modified Date: January 14, 2025
45246: HTTP: WSO2 API Manager SynapseArtifactUploaderAdmin File Upload Vulnerability (ZDI-24-1741)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "45246: ZDI-CAN-26065: Zero Day Initiative Vulnerability (WS02 API Manager)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: December 31, 2024
- Last Modified Date: January 14, 2025
Modified Filters (metadata changes only):
* = Enabled in Default deployments
* 44503: HTTP: Arista NG Firewall ReportEntry SQL Injection Vulnerability (ZDI-24-1719)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44503: ZDI-CAN-24325: Zero Day Initiative Vulnerability (Arista NG Firewall)".
- Description updated.
- Vulnerability references updated.
- Release Date: July 16, 2024
- Last Modified Date: January 14, 2025
* 44504: HTTP: Arista NG Firewall ExecManagerImpl Command Injection Vulnerability (ZDI-24-1717)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44504: ZDI-CAN-24015: Zero Day Initiative Vulnerability (Arista NG Firewall)".
- Description updated.
- Vulnerability references updated.
- Release Date: July 16, 2024
- Last Modified Date: January 14, 2025
* 44505: HTTP: Arista NG Firewall custom_handler Directory Traversal Vulnerability (ZDI-24-1718)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44505: ZDI-CAN-24019: Zero Day Initiative Vulnerability (Arista NG Firewall)".
- Description updated.
- Vulnerability references updated.
- Release Date: July 16, 2024
- Last Modified Date: January 14, 2025
44607: HTTP: Ashlar-Vellum Cobalt AR File Parsing Stack-based Buffer Overflow Vulnerability (ZDI-24-1729)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44607: ZDI-CAN-24848: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)".
- Description updated.
- Vulnerability references updated.
- Release Date: August 20, 2024
- Last Modified Date: January 14, 2025
44740: HTTP: Ashlar-Vellum Cobalt XE File Parsing Type Confusion Vulnerability (ZDI-24-1733)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44740: ZDI-CAN-24847: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)".
- Description updated.
- Vulnerability references updated.
- Release Date: September 10, 2024
- Last Modified Date: January 14, 2025
44741: HTTP: Ashlar-Vellum Graphite VC6 File Parsing Buffer Overflow Vulnerability (ZDI-24-1734)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44741: ZDI-CAN-24976: Zero Day Initiative Vulnerability (Ashlar-Vellum Graphite)".
- Description updated.
- Vulnerability references updated.
- Release Date: September 10, 2024
- Last Modified Date: January 14, 2025
44742: HTTP: Ashlar-Vellum Graphite VC6 File Parsing Buffer Overflow Vulnerability (ZDI-24-1735)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44742: ZDI-CAN-24977: Zero Day Initiative Vulnerability (Ashlar-Vellum Graphite)".
- Description updated.
- Vulnerability references updated.
- Release Date: September 10, 2024
- Last Modified Date: January 14, 2025
Removed Filters: None