Deep Security Center

Page 1 of 30:
1
2
3
4
5
6
7
8
9
10
...
30

RULE UPDATE: 26-001 (January 6, 2026)

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Apache Kylin
1012500 - Apache Kylin Arbitrary File Read Vulnerability (CVE-2025-61734)

CyberPanel
1012377* - CyberPanel Command Injection Vulnerability (CVE-2024-51568)

Ivanti Avalanche Remote Control Server
1012176* - Ivanti Avalanche Server-Side Request Forgery Vulnerability (CVE-2024-47008)

Progress WhatsUp Gold WCF service
1012117* - Progress WhatsUp Gold Directory Traversal Vulnerability (CVE-2024-4883 & CVE-2024-46909)

Unix Samba
1012437* - Linux Kernel KSMBD NULL Pointer Dereference Vulnerability (CVE-2025-38191)

Web Application PHP Based
1012475 - WordPress 'Events Manager' Plugin SQL Injection Vulnerability (CVE-2025-6970)
1007222* - WordPress Ajax Load More Plugin File Upload Vulnerability
1009168* - WordPress Authenticated Arbitrary File Deletion Vulnerability (CVE-2018-12895)
1006390* - WordPress Denial Of Service Vulnerability (CVE-2014-9034)
1007178* - WordPress Font Plugin Path Traversal Vulnerability (CVE-2015-7683)
1009544* - WordPress Image Remote Code Execution Vulnerability (CVE-2019-8942)
1008140* - WordPress REST API Unauthenticated Content Injection Vulnerability
1008411* - WordPress Tracking Code Manager Plugin Denial Of Service Vulnerability
1006436* - WordPress WP Symposium Shell Upload Vulnerability
1006467* - Wordpress XML-RPC Pingback gethostbyname Heap-based Buffer Overflow Vulnerability
1006242* - Wordpress XML-RPC XML Denial Of Service Vulnerability

Web Server HTTPS
1012384* - Roundcube Webmail Insecure Deserialization Vulnerability (CVE-2025-49113)
1012508 - WordPress 'AI Engine' Plugin Sensitive Information Exposure Vulnerability (CVE-2025-11749)
1012502 - WordPress 'Sneeit Framework' Plugin Remote Code Execution Vulnerability (CVE-2025-6389)

Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.

Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.

RULE UPDATE: 25-054 (December 23, 2025)

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Apache Kylin
1012483* - Apache Kylin Authentication Bypass Vulnerability (CVE-2025-61733)

React Server
1012506 - React Server Remote Code Execution Vulnerability (CVE-2025-55182 and CVE-2025-66478) - 3

Web Application Common
1012505 - Identified Suspicious PHP Command Injection Attack in URI

Web Application Ruby Based
1012438 - Grafana Open Redirect Vulnerability (CVE-2025-4123)

Web Server HTTPS
1012489* - LibreNMS Stored Cross-Site Scripting Vulnerability (CVE-2025-62411)
1012469* - WordPress 'Everest Forms' Plugin Unrestricted File Upload Vulnerability (CVE-2025-1128)

Web Server Miscellaneous
1012303* - XWiki Code Injection Vulnerability (CVE-2025-24893)

Zoho ManageEngine ADAuditPlus
1012467* - Zoho ManageEngine ADAudit Plus SQL Injection Vulnerability (CVE-2025-36527)

Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.

Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.

RULE UPDATE: 25-053 (December 16, 2025)

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

React Server
1012499 - Identified Suspicious React Gadgets

SAP NetWeaver Java Application Server
1012455* - SAP NetWeaver AS JAVA Directory Traversal Vulnerability (CVE-2017-12637)

Unix Samba
1012454* - Linux Kernel KSMBD NULL Pointer Dereference Vulnerability (CVE-2025-22037)

Web Server HTTPS
1012489 - LibreNMS Stored Cross-Site Scripting Vulnerability (CVE-2025-62411)
1012453* - Sitecore Experience Manager and Platform Cache Poisoning Vulnerability (CVE-2025-53693)

Web Server IIS
1012484 - Microsoft Windows ASP.NET HTTP Request Smuggling Vulnerability (CVE-2025-55315)

Web Server Miscellaneous
1012030* - XWiki Code Injection Vulnerability (CVE-2024-31982)

Web Server SharePoint
1012442* - Microsoft SharePoint Server-Side Request Forgery Vulnerability (CVE-2025-53760)

Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.

Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.

RULE UPDATE: 25-052 (December 9, 2025)

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

JetBrains TeamCity
1012470* - JetBrains TeamCity Reflected Cross-Site Scripting Vulnerability (CVE-2025-54534)

Network Scanner
1008800* - Bypass Network Scanner Traffic

React Server
1012497* - React Server Remote Code Execution Vulnerability (CVE-2025-55182 and CVE-2025-66478) - 1
1012494* - React Server Remote Code Execution Vulnerability (CVE-2025-55182 and CVE-2025-66478) - 2

TFTP Client Decoder
1003526* - Enable TFTP Decoder

Web Application Ruby Based
1012492 - Grafana Open Redirect Vulnerability (CVE-2025-6197)

Web Client Common
1004715* - HTTP Web Client Decoding

Web Server Common
1012412* - Bypass Network Scanner Traffic - XFF
1012495 - DataEase Server-Side Request Forgery Vulnerability (CVE-2025-64163)
1000128* - HTTP Protocol Decoding

Web Server HTTPS
1012496 - Fairsketch Rise Ultimate Project Manager and CRM HTML Injection Vulnerability (CVE-2025-60378)

Windows Services RPC Client DCERPC
1007538* - Windows Client Port Mapper Decoder

Zoho ManageEngine ADAuditPlus
1012468* - Zoho ManageEngine ADAudit Plus SQL Injection Vulnerability (CVE-2025-3836)

dotCMS
1012471* - dotCMS SQL Injection Vulnerability (CVE-2025-8311)

Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.

Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.

RULE UPDATE: 25-051 (December 5, 2025)

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

React Server
1012497 - React Server Remote Code Execution Vulnerability (CVE-2025-55182 and CVE-2025-66478) - 1
1012494* - React Server Remote Code Execution Vulnerability (CVE-2025-55182 and CVE-2025-66478) - 2

Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.

Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.

RULE UPDATE: 25-050 (December 4, 2025)

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

React Server
1012494 - React Server Remote Code Execution Vulnerability (CVE-2025-55182)

Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.

Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.

RULE UPDATE: 25-049 (December 2, 2025)

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

CyberPanel
1012377* - CyberPanel Command Injection Vulnerability (CVE-2024-51568)

Ivanti Endpoint Manager
1012346* - Ivanti Endpoint Manager Multiple SQL Injection Vulnerabilities - 3

NodeBB
1012378* - NodeBB Stored Cross-Site Scripting Vulnerability (CVE-2025-29513)

Solr Service
1012493 - Apache Solr Information Disclosure Vulnerability (CVE-2023-50291)

Web Server HTTPS
1012372* - Trend Micro Apex Central Local File Inclusion Vulnerability (CVE-2025-47867)
1012490 - WordPress 'Post SMTP' Plugin Authentication Bypass Vulnerability (CVE-2025-11833)

Windows SMB Server
1012394* - Microsoft Windows NEGOEX Remote Code Execution Vulnerability (CVE-2025-47981)

Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.

Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.

RULE UPDATE: 25-048 (November 25, 2025)

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Apache Kylin
1012483 - Apache Kylin Authentication Bypass Vulnerability (CVE-2025-61733)

HPE Insight Remote Support
1012389* - HPE Insight Remote Support Directory Traversal Vulnerability (CVE-2025-37098)

Ivanti Endpoint Manager
1012149* - Ivanti Endpoint Manager Multiple SQL Injection Vulnerabilities - 1
1012346* - Ivanti Endpoint Manager Multiple SQL Injection Vulnerabilities - 3

JetBrains TeamCity
1012381* - JetBrains TeamCity Cross-Site Scripting Vulnerability (CVE-2025-46618)

OIM Managed Server
1012488 - Oracle Identity Manager Authentication Bypass Vulnerability (CVE-2025-61757)

Web Application Common
1012482 - React Native Community CLI Remote Code Execution Vulnerability (CVE-2025-11953)

Web Application Tomcat
1012487 - Apache Tomcat Directory Traversal Vulnerability (CVE-2025-55752)

Web Server Adobe ColdFusion
1012405* - Adobe ColdFusion Stored Cross-Site Scripting Vulnerability (CVE-2025-49541)

Web Server HTTPS
1012486 - Centreon Command Injection Vulnerability (CVE-2025-5946)
1012384* - Roundcube Webmail Insecure Deserialization Vulnerability (CVE-2025-49113)

Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.

Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.

RULE UPDATE: 25-047 (November 18, 2025)

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Directory Server LDAP
1012309* - OpenLDAP SQL Injection Vulnerability (CVE-2022-29155)

Ivanti Endpoint Manager
1012214* - Ivanti Endpoint Manager Multiple SQL Injection Vulnerabilities - 2

JetBrains TeamCity
1012477 - JetBrains TeamCity Cross-Site Scripting Vulnerability (CVE-2025-47851)

Web Client HTTPS
1012220* - Ivanti Endpoint Manager Multiple Directory Traversal Vulnerabilities

Web Server Apache
1012168* - Apache Httpd Server-Side Request Forgery Vulnerability (CVE-2024-38472)

Web Server Miscellaneous
1012111* - Apache JSPWiki Stored Cross-Site Scripting Vulnerability (CVE-2024-27136)

Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.

Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.

RULE UPDATE: 25-046 (November 11, 2025)

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

CentOS Web Panel
1012480 - CentOS Web Panel Command Injection Vulnerability (CVE-2025-48703)

Ivanti Endpoint Manager
1012211* - Ivanti Endpoint Manager SQL Injection Vulnerabilities (CVE-2024-32839 and CVE-2025-62387)
1012213* - Ivanti Endpoint Manager SQL Injection Vulnerabilities (CVE-2024-32841 and CVE-2025-62389)

JetBrains TeamCity
1012429* - JetBrains TeamCity Reflected Cross-Site Scripting Vulnerability (CVE-2025-52876)

Network Scanner
1008800* - Bypass Network Scanner Traffic

NodeBB
1012382* - NodeBB Stored Cross-Site Scripting Vulnerability (CVE-2024-57041)

Port Mapper Windows
1001033* - Windows Port Mapper Decoder

TFTP Client Decoder
1003526* - Enable TFTP Decoder

Web Application PHP Based
1012416* - WordPress 'AIT CSV Import/Export' Plugin Arbitrary File Upload Vulnerability (CVE-2020-36849)

Web Client Common
1004715* - HTTP Web Client Decoding

Web Server Adobe ColdFusion
1012406* - Adobe ColdFusion Stored Cross-Site Scripting Vulnerability (CVE-2025-49543)

Web Server Common
1012412* - Bypass Network Scanner Traffic - XFF
1000128* - HTTP Protocol Decoding

Web Server HTTPS
1012469 - WordPress 'Everest Forms' Plugin Unrestricted File Upload Vulnerability (CVE-2025-1128)

Windows Services RPC Client DCERPC
1007538* - Windows Client Port Mapper Decoder

Zoho ManageEngine ADSelfService Plus
1012393* - Zoho ManageEngine ADSelfService Plus SQL Injection Vulnerability (CVE-2025-3833)

Integrity Monitoring Rules:

1002853* - Application - Apache Tomcat

Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.

Deep Security Center

Featured Stories

Trend Vision One™ - Proactive Security Starts Here.

Resources

Support

About Trend

Country Headquarters