Filtered by vendor Progress Subscriptions
Filtered by product Telerik Report Server Subscriptions
Total 6 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-6327 1 Progress 1 Telerik Report Server 2024-11-21 9.9 Critical
In Progress® Telerik® Report Server versions prior to 2024 Q2 (10.1.24.709), a remote code execution attack is possible through an insecure deserialization vulnerability.
CVE-2024-7295 1 Progress 1 Telerik Report Server 2024-11-18 7.1 High
In Progress® Telerik® Report Server versions prior to 2024 Q4 (10.3.24.1112), the encryption of local asset data used an older algorithm which may allow a sophisticated actor to decrypt this information.
CVE-2024-7292 2 Progress, Progress Software 2 Telerik Report Server, Telerik Report Server 2024-10-16 7.5 High
In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), a credential stuffing attack is possible through improper restriction of excessive login attempts.
CVE-2024-8015 2 Progress, Progress Software 2 Telerik Report Server, Telerik Reporting 2024-10-15 9.1 Critical
In Progress Telerik Report Server versions prior to 2024 Q3 (10.2.24.924), a remote code execution attack is possible through object injection via an insecure type resolution vulnerability.
CVE-2024-7294 1 Progress 2 Telerik Report Server, Telerik Reporting 2024-10-15 7.5 High
In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), an HTTP DoS attack is possible on anonymous endpoints without rate limiting.
CVE-2024-7293 1 Progress 2 Telerik Report Server, Telerik Reporting 2024-10-15 7.5 High
In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), a password brute forcing attack is possible through weak password requirements.