New Filters:

43178: HTTP: D-Link DIR-3040 prog.cgi websSecurityHandler Denial-of-Service Vulnerability (ZDI-24-445)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Category: Vulnerabilities
  - Severity: High
  - Description: This filter detects an attempt to exploit a denial-of-service vulnerability in D-Link DIR-3040.
  - Deployment: Not enabled by default in any deployment.
  - References:
    - Zero Day Initiative: ZDI-24-445
  - Classification: Vulnerability - Denial of Service (Crash/Reboot)
  - Protocol: HTTP
  - Platform: Multi-Platform Server Application or Service
  - Release Date: May 28, 2024

44220: HTTP: ByteDance ByteSpider User-Agent Request
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Category: Security Policy
  - Severity: Low
  - Description: This filter detects an HTTP request with a ByteDance ByteSpider User-Agent header.
  - Deployment: Not enabled by default in any deployment.
  - Classification: Security Policy - Other
  - Protocol: HTTP
  - Platform: Multi-Platform Server Application or Service
  - Release Date: May 28, 2024

44302: HTTP: Kaspersky Antivirus Update
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Category: Security Policy
  - Severity: Low
  - Description: The filter detects attempts to update Kaspersky Antivirus.
  - Deployment: Not enabled by default in any deployment.
  - Classification: Security Policy - Forbidden Application Access or Service Request
  - Protocol: TCP (Generic)
  - Platform: Multi-Platform Server Application or Service
  - Release Date: May 28, 2024

44309: HTTP: XWiki.org XWiki UIExtension WikiUIExtensionParameters Code Injection Vulnerability
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter detects an attempt to exploit a code injection vulnerability in XWiki.org XWiki.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify)
  - References:
    - Common Vulnerabilities and Exposures: CVE-2024-31997 CVSS 8.6
  - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
  - Protocol: HTTP
  - Platform: Multi-Platform Server Application or Service
  - Release Date: May 28, 2024

44311: HTTP: OpenMetadata Events Subscriptions Validation API SpEL Code Injection Vulnerability
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter detects an attempt to exploit a SpEL code injection vulnerability in OpenMetadata.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify)
  - References:
    - Common Vulnerabilities and Exposures: CVE-2024-28254 CVSS 7.9
  - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
  - Protocol: HTTP
  - Platform: Multi-Platform Server Application or Service
  - Release Date: May 28, 2024

44312: HTTP: GitLab Community and Enterprise Edition Profile Page Stored Cross-Site Scripting Vulnerability
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter detects an attempt to exploit a stored cross-site scripting vulnerability in GitLab Community and Enterprise Edition.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify)
  - References:
    - Common Vulnerabilities and Exposures: CVE-2024-1451 CVSS 7.6
  - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
  - Protocol: HTTP
  - Platform: Multi-Platform Server Application or Service
  - Release Date: May 28, 2024

44313: ZDI-CAN-24182: Zero Day Initiative Vulnerability (Adobe Acrobat Reader DC)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Adobe Acrobat Reader DC.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: May 28, 2024

44317: HTTP: Suspicious pgAdmin validate_binary_path Endpoint Request
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Category: Security Policy
  - Severity: Low
  - Description: This filter detects a suspicious validate_binary_path endpoint request in pgAdmin.
  - Deployment: Not enabled by default in any deployment.
  - References:
    - Common Vulnerabilities and Exposures: CVE-2024-3116 CVSS 8.9
  - Classification: Security Policy - Other
  - Protocol: HTTP
  - Platform: Multi-Platform Server Application or Service
  - Release Date: May 28, 2024

44318: TLS: Kaspersky Site Access
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Category: Security Policy
  - Severity: Low
  - Description: This filter detects Kaspersky usage.
  - Deployment: Not enabled by default in any deployment.
  - Classification: Security Policy - Other
  - Protocol: SSL/TLS
  - Platform: Multi-Platform Server Application or Service
  - Release Date: May 28, 2024

44319: HTTP: Inductive Automation Ignition AbstractGatewayFunction Insecure Deserialization (ZDI-23-1045)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter detects an attempt to exploit an insecure deserialization vulnerability in Inductive Automation Ignition.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify)
  - References:
    - Common Vulnerabilities and Exposures: CVE-2023-39473 CVSS 8.8
    - Zero Day Initiative: ZDI-23-1045
  - Classification: Vulnerability - Other
  - Protocol: HTTP
  - Platform: Multi-Platform Client Application
  - Release Date: May 28, 2024

44320: HTTP: Fluentd Fluent Bit Memory Corruption Vulnerability
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter detects an attempt to exploit a memory corruption vulnerability in Fluentd Fluent Bit.
  - Deployments:
    - Deployment: Default (Block / Notify)
  - References:
    - Common Vulnerabilities and Exposures: CVE-2024-4323
  - Classification: Vulnerability - Other
  - Protocol: HTTP
  - Platform: Multi-Platform Server Application or Service
  - Release Date: May 28, 2024

44324: HTTP: F5 BIG-IP Next Central Manager API OData Injection Vulnerability
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter detects an attempt to exploit an OData injection vulnerability in F5 BIG-IP Next Central Manager API.
  - Deployments:
    - Deployment: Default (Block / Notify)
  - References:
    - Common Vulnerabilities and Exposures: CVE-2024-21793
  - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
  - Protocol: HTTP
  - Platform: Multi-Platform Server Application or Service
  - Release Date: May 28, 2024

Modified Filters (logic changes):
* = Enabled in Default deployments

* 19566: HTTP: Adobe Reader Malicious PDF Download
  - IPS Version: 3.1.3 and after.
  - TPS Version: 4.0.0 and after.
  - vTPS Version: 4.0.1 and after.
  - Description updated.
  - Detection logic updated.
  - Release Date: May 26, 2015
  - Last Modified Date: May 28, 2024

* 43439: HTTP: Apache ActiveMQ OpenWire Protocol Remote Code Execution Vulnerability
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Description updated.
  - Detection logic updated.
  - Vulnerability references updated.
  - Release Date: November 07, 2023
  - Last Modified Date: May 28, 2024

43585: HTTP: Ivanti Avalanche getAdhocFilePath Directory Traversal Vulnerability (ZDI-24-382)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Description updated.
  - Detection logic updated.
  - Vulnerability references updated.
  - Release Date: January 02, 2024
  - Last Modified Date: May 28, 2024

43587: HTTP: Ivanti Avalanche extractZipEntry Directory Traversal Vulnerability (ZDI-24-384)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Description updated.
  - Detection logic updated.
  - Vulnerability references updated.
  - Release Date: May 07, 2024
  - Last Modified Date: May 28, 2024

Modified Filters (metadata changes only):
* = Enabled in Default deployments

9157: ONC-RPC: Portmap Service Fragmented Request (tcp)
  - IPS Version: 1.0.0 and after.
  - TPS Version: 4.0.0 and after.
  - vTPS Version: 4.0.1 and after.
  - Vulnerability references updated.
  - Release Date: November 02, 2009
  - Last Modified Date: May 28, 2024

29346: HTTP: Apache HTTP Server ap_find_token Out-of-Bounds Read Vulnerability
  - IPS Version: 3.1.3 and after.
  - TPS Version: 4.0.0 and after.
  - vTPS Version: 4.0.1 and after.
  - Vulnerability references updated.
  - Release Date: August 22, 2017
  - Last Modified Date: May 28, 2024

30925: SMB: Microsoft Expression Design Insecure Library Loading Vulnerability
  - IPS Version: 3.6.2 and after.
  - TPS Version: 4.0.0 and after.
  - vTPS Version: 4.0.1 and after.
  - Vulnerability references updated.
  - Release Date: April 03, 2018
  - Last Modified Date: May 28, 2024

33183: HTTP: Quest KACE System Management download_attachment Directory Traversal Vulnerability
  - IPS Version: 3.6.2 and after.
  - TPS Version: 4.0.0 and after.
  - vTPS Version: 4.0.1 and after.
  - Miscellaneous modification.
  - Release Date: October 23, 2018
  - Last Modified Date: May 28, 2024

40681: HTTP: Zoho ManageEngine Network Configuration Manager ping Command Injection Vulnerability
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Description updated.
  - Release Date: January 18, 2022
  - Last Modified Date: May 28, 2024

41494: HTTP: Adobe ColdFusion Information Disclosure Vulnerability (ZDI-22-1419)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Description updated.
  - Release Date: July 12, 2022
  - Last Modified Date: May 28, 2024

42610: HTTP: GitLab Community and Enterprise Edition Kroki Diagram Stored Cross-Site Scripting
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Miscellaneous modification.
  - Release Date: May 02, 2023
  - Last Modified Date: May 28, 2024

42898: TCP: SolarWinds Network Manager SaveResultsToFile Remote Code Execution Vulnerability (ZDI-23-1586)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Description updated.
  - Release Date: July 04, 2023
  - Last Modified Date: May 28, 2024

43109: HTTP: GLPI-Project GLPI ComputerVirtualMachine Frontend SQL Injection Vulnerability
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Description updated.
  - Release Date: August 08, 2023
  - Last Modified Date: May 28, 2024

43110: HTTP: GLPI-Project GLPI ComputerVirtualMachine Inventory SQL Injection Vulnerability
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Description updated.
  - Release Date: August 08, 2023
  - Last Modified Date: May 28, 2024

43183: HTTP: LibreNMS Ports list.inc.php Reflected Cross-Site Scripting Vulnerability
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Description updated.
  - Release Date: September 05, 2023
  - Last Modified Date: May 28, 2024

43230: HTTP: D-Link D-View executeWmicCmd Command Injection Vulnerability (ZDI-24-448)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Name changed from "43230: ZDI-CAN-21821: Zero Day Initiative Vulnerability (D-Link D-View)".
  - Description updated.
  - Vulnerability references updated.
  - Release Date: September 12, 2023
  - Last Modified Date: May 28, 2024

43235: HTTP: LibreNMS Ports outages.inc.php Reflected Cross-Site Scripting Vulnerability
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Description updated.
  - Release Date: September 19, 2023
  - Last Modified Date: May 28, 2024

43391: HTTP: JetBrains TeamCity XML-RPC Authentication Bypass Vulnerability
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Description updated.
  - Release Date: October 31, 2023
  - Last Modified Date: May 28, 2024

* 43847: NTP: ntpd ctl_getitem Out-of-Bounds Read Vulnerability
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Description updated.
  - Release Date: February 20, 2024
  - Last Modified Date: May 28, 2024

Removed Filters:

44051: ZDI-CAN-23854: Zero Day Initiative Vulnerability (RARLAB WinRAR)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Release Date: April 02, 2024