New Filters:
45684: HTTP: JetBrains TeamCity Diagnostics Data Directory Cross-Site Scripting Vulnerability (ZDI-25-287)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a cross-site scripting vulnerability in JetBrains TeamCity.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-46618 CVSS 5.4
- Zero Day Initiative: ZDI-25-287
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: June 03, 2025
45948: HTTP: NodeBB API Access Token User Id Stored Cross-Site Scripting Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a cross-site scripting vulnerability in NodeBB.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-29513 CVSS 8.2
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: June 03, 2025
45953: HTTP: WordPress WP Font Awesome Share Icons Plugin Cross-Site Scripting Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a cross-site scripting vulnerability in WP Font Awesome Share Icons plugin for WordPress.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-3198
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: June 03, 2025
45957: HTTP: OpenEMR Pharmacy SQL Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a SQL injection vulnerability in OpenEMR.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-22611 CVSS 8.0
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: June 03, 2025
45959: HTTP: Fortinet FortiSandbox VM Screenshot Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a command injection vulnerability in Fortinet FortiSandbox.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-27778 CVSS 8.5
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: June 03, 2025
45960: HTTP: Microsoft Remote Desktop Gateway AuthS usage
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Low
- Description: This filter detects any AuthS parameter usage in Microsoft Remote Desktop Gateway.
- Deployment: Not enabled by default in any deployment.
- References:
- Common Vulnerabilities and Exposures: CVE-2025-30394
- Classification: Security Policy - Other
- Protocol: HTTP
- Platform: Windows Server Application or Service
- Release Date: June 03, 2025
45962: HTTP: Cisco Small Business Routers Multiple Products Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a command injection vulnerability in Cisco Small Business Routers RV016, RV042, RV042G, RV082, RV320, and RV325.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-20118
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Networked Hardware Device Application or Service
- Release Date: June 03, 2025
45963: HTTP: Microsoft Remote Desktop Gateway Denial-of-Service Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to exploit a denial-of-service vulnerability in Microsoft Remote Desktop Gateway.
- Deployment: Not enabled by default in any deployment.
- References:
- Common Vulnerabilities and Exposures: CVE-2025-30394
- Classification: Vulnerability - Denial of Service (Crash/Reboot)
- Protocol: HTTP
- Platform: Windows Server Application or Service
- Release Date: June 03, 2025
45975: HTTP: D-Link DIR-850L Password Login Buffer Overflow Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a buffer overflow vulnerability in D-Link DIR-850L.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- Classification: Vulnerability - Buffer/Heap Overflow
- Protocol: HTTP
- Platform: Networked Hardware Device Application or Service
- Release Date: June 03, 2025
45977: HTTP: vBulletin API replaceAdTemplate PHP Syntax Remote Code Execution Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a remote code execution vulnerability in vBulletin.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-48828 CVSS 9.0
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: June 03, 2025
45979: HTTP: vBulletin routestring Conditional PHP Syntax Remote Code Execution Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a remote code execution vulnerability in vBulletin.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-48828 CVSS 9.0
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: June 03, 2025
Modified Filters (logic changes):
* = Enabled in Default deployments
41614: HTTP: Grafana Labs Grafana Unified Alerting Stored Cross-Site Scripting Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Severity changed from "High" to "Critical".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: August 16, 2022
- Last Modified Date: June 03, 2025
42190: HTTP: HP Color LaserJet Pro M479fdw Server-Side Request Forgery Vulnerability (Pwn2Own ZDI-23-1174)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42190: PWN2OWN ZDI-CAN-19683: Zero Day Initiative Vulnerability (HP Color LaserJet Pro M479fdw)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: January 24, 2023
- Last Modified Date: June 03, 2025
44916: HTTP: Microsoft Management Console Code Execution Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44916: TCP: Microsoft Management Console Code Execution Vulnerability".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: October 15, 2024
- Last Modified Date: June 03, 2025
* 44934: HTTP: Trend Micro Apex Central widget getObjWGFServiceApiByApiName Local File Inclusion (ZDI-25-295)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44934: ZDI-CAN-24938: Zero Day Initiative Vulnerability (Trend Micro Apex Central)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: October 22, 2024
- Last Modified Date: June 03, 2025
44951: HTTP: Delta Industrial Automation DIAEnergie Handler_CFG.ashx SQL Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: October 22, 2024
- Last Modified Date: June 03, 2025
* 44972: HTTP: Palo Alto Expedition Authenticated Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: October 22, 2024
- Last Modified Date: June 03, 2025
45173: HTTP: Ivanti Avalanche Faces ResourceManager Information Disclosure Vulnerability (ZDI-25-043)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: February 18, 2025
- Last Modified Date: June 03, 2025
45230: HTTP: Rockwell Automation ThinManager ThinServer Null Pointer Dereference Vulnerability (ZDI-25-289)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "45230: ZDI-CAN-25872: Zero Day Initiative Vulnerability (Rockwell Automation ThinManager)".
- Severity changed from "Critical" to "High".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: December 24, 2024
- Last Modified Date: June 03, 2025
* 45891: HTTP: WP Hotel Booking WordPress Plugin SQL Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Release Date: May 20, 2025
- Last Modified Date: June 03, 2025
Modified Filters (metadata changes only):
* = Enabled in Default deployments
40456: HTTP: Fatek Automation FvDesigner FPJ File Parsing Buffer Overflow Vulnerability (ZDI-22-435)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "40456: ZDI-CAN-14591: Zero Day Initiative Vulnerability (Fatek Automation FvDesigner)".
- Description updated.
- Vulnerability references updated.
- Release Date: November 02, 2021
- Last Modified Date: June 03, 2025
40963: HTTP: Fatek Automation FvDesigner FPJ File Parsing Out-of-Bounds Write Vulnerability (ZDI-22-1174)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "40963: ZDI-CAN-16362: Zero Day Initiative Vulnerability (Fatek Automation FvDesigner)".
- Description updated.
- Vulnerability references updated.
- Release Date: March 08, 2022
- Last Modified Date: June 03, 2025
41264: HTTP: Advantech R-SeeNet device_status Local File Inclusion Vulnerability (ZDI-23-1157)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "41264: ZDI-CAN-19579: Zero Day Initiative Vulnerability (Advantech R-SeeNet)".
- Severity changed from "Critical" to "High".
- Description updated.
- Vulnerability references updated.
- Release Date: January 31, 2023
- Last Modified Date: June 03, 2025
42240: HTTP: Oracle Web Applications Desktop Integrator bne:uueupload File Upload
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Vulnerability references updated.
- Release Date: January 31, 2023
- Last Modified Date: June 03, 2025
44053: HTTP: Siemens Tecnomatix Plant Simulation File Parsing Type Confusion Vulnerability (ZDI-24-682)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44053: ZDI-CAN-22958: Zero Day Initiative Vulnerability (Siemens Tecnomaticix Plant Simulation)".
- Description updated.
- Vulnerability references updated.
- Release Date: April 02, 2024
- Last Modified Date: June 03, 2025
* 44932: HTTP: Trend Micro Apex Central widget getBlock Local File Inclusion Vulnerability (ZDI-25-297)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44932: ZDI-CAN-24936: Zero Day Initiative Vulnerability (Trend Micro Apex Central)".
- Description updated.
- Vulnerability references updated.
- Release Date: October 22, 2024
- Last Modified Date: June 03, 2025
Removed Filters: None