July 11, 2025—Trend Vision One now supports Palo Alto Networks PAN-OS logs in custom detection models.
This update includes the following changes:
  • ActiveCampaign 1-2-All Admin Panel User Name Parameter SQL Injection
  • Adobe ColdFusion Improper Access Control Vulnerability
  • Aiohttp Directory Traversal Vulnerability
  • Apache Druid Remote Code Execution Vulnerability
  • Apache Flink Directory Traversal Vulnerability
  • Apache OFBiz XXE Vulnerability
  • Apache Solr Remote Code Execution Vulnerability
  • Apache Struts 2 Remote Code Execution Vulnerability
  • Apache Struts ClassLoader Security Bypass Vulnerability
  • Apache Struts Jakarta Multipart Parser Remote Code Execution Vulnerability
  • Apache Struts2 Code Execution Vulnerability
  • Apache Struts2 Dynamic Method Remote Code Execution Vulnerability
  • Apache Struts2 Redirect or Action Method Remote Code Execution Vulnerability
  • Apache Tomcat Remote Code Execution via JSP Upload Vulnerability
  • Apache Web Server Access Control Bypass Vulnerability
  • Artica Proxy cyrus.php Command Injection Vulnerability
  • Artifex Ghostscript Arbitrary Command Execution Vulnerability
  • AVEVA InTouch Access Anywhere Secure Gateway Path Traversal Vulnerability
  • BE126 WIFI Local File Disclosure Vulnerability
  • Cisco Smart Install Protocol Vulnerability
  • CMS Made Simple SQL Injection Vulnerability
  • Compromised User Name or Password from Previous Data Breach in Inbound FTP Login
  • D-Link HNAP SOAPAction Header Command Execution Vulnerability
  • Elastic Elasticsearch Snapshot API Directory Traversal Vulnerability
  • ElasticSearch Groovy Script Engine Remote Command Execution Vulnerability
  • Ffay Lanproxy Directory Traversal Vulnerability
  • File detection - Unknown Binary File
  • FineCMS Remote Code Execution Vulnerability
  • Generic IoT Device Remote Command Execution Vulnerability
  • Ghost CMS Path Traversal Vulnerability
  • Grafana Labs Grafana Snapshot Authentication Bypass Vulnerability
  • GrandNode Ecommerce LetsEncryptController Directory Traversal Vulnerability
  • Hongdian H8922 Industrial Router Remote Command Execution Vulnerability
  • HP Enterprise VAN SDN Controller Remote Command Execution Vulnerability
  • HP OpenView Network Node Manager HTTP Request Parsing Command Execution Vulnerability
  • HP Universal CMDB Server Credential Code Execution Vulnerability
  • HTTP GET Requests Long URI Anomaly
  • HTTP2 Protocol Suspicious RST STREAM Frame detection
  • Huawei HG532 Home Gateway Remote Code Execution Vulnerability
  • Jackson-Databind JNDI Remote Command Execution Vulnerability
  • Javascript WSF HTA JSE or VBS File Sent in Email
  • JBoss Seam 2 Remote Command Execution Vulnerability
  • JetBrains TeamCity Path Traversal Vulnerability
  • Jolokia Agent JNDI Injection Vulnerability
  • Laravel Ignition Remote Code Execution Vulnerability
  • Magento Server MAGMI Plugin Directory Traversal Vulnerability
  • Microsoft IIS Escaped Characters Decoding Command Execution Vulnerability
  • Microsoft Jet Database Engine Remote Code Execution Vulnerability
  • Mofi Network MOFI4500-4GXeLTE Information Disclosure Vulnerability
  • Nagios SQL Injection Vulnerability
  • Nagios XI SQL Injection Vulnerability
  • NetBSD tnftp Url Fetching Command Execution Vulnerability
  • Netgear JNR1010 Path Traversal Vulnerability
  • NginxWebUI Remote Code Execution Vulnerability
  • Nmap Aggressive Option Print Detection
  • Nmap Service Detection
  • Node.js Remote Code Execution Vulnerability
  • OpenSSH Denial of Service Vulnerability
  • OpenSSL TLS Heartbleed Vulnerability
  • Oracle GlassFish Directory Traversal Vulnerability
  • Pentaho Authentication Bypass Vulnerability
  • PHP DIESCAN Information Disclosure Vulnerability
  • PHP-Fusion Downloads.php Command Injection Vulnerability
  • PHPMoAdmin Object Parameter Handling Code Execution Vulnerability
  • PNG File Chunk Length Abnormal
  • Potential HTML Evasion Technique Detected in HTTP Response
  • RPC Portmapper DUMP Request Detected
  • Shiro Deserialization Remote Code Execution Vulnerability
  • SIPVicious Scanner Detection
  • SMB Data Segmented Across TCP Evasion Attack
  • SolarWinds Storage Manager Authentication Filter Policy Bypass Vulnerability
  • Spring Boot Actuator Remote Code Execution Vulnerability
  • Spring Data Commons Remote Code Execution Vulnerability
  • SSH Failed Brute-force Authentication Attempt
  • SSL Double Client Hello Cipher Suite Length Mismatch
  • Supervisor XML RPC Command Injection Vulnerability
  • ThinkAdmin ModuleService.php Check Allow Download Function Directory Traversal Vulnerability
  • ThinkPHP Arbitrary File Write Vulnerability
  • TLS SNI Denial-of-Service Vulnerability
  • TP-Link Archer Router Command Injection Vulnerability
  • TRENDNet TEW-827DRU Remote Command Execution Vulnerability
  • Webmin rpc.cgi Remote Code Execution Vulnerability
  • WordPress Formidable Forms Plugin Remote Code Execution Vulnerability
  • WordPress LearnPress Plugin SQL Injection Vulnerability
  • WordPress Multiple Plugins SQL Injection Vulnerability
  • WordPress Plugin and Theme Directory Traversal Vulnerability
  • WordPress Plugin Directory Traversal Vulnerability
  • WordPress SimpleBoardJob Plugin Directory Traversal Vulnerability
  • WordPress Video List Manager Plugin SQL Injection Vulnerability
  • Wordpress Visitor Statistics Plugin SQL Injection Vulnerability
  • Zentao Remote Code Execution Vulnerability
  • ZGrab Application Layer Scanner Detection
The related custom detection filters have been added to the tm-v1-detection-models GitHub repository. You can import these detection filters to your Trend Vision One environment to test the new integration.
For more information about custom detection filters, see Custom filters.