Filtered by vendor Progress Software
Subscriptions
Total
7 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-10013 | 1 Progress Software | 1 Progress Telerik Ui For Wpf Versions | 2024-11-13 | 7.8 High |
In Progress Telerik UI for WinForms versions prior to 2024 Q4 (2024.4.1113), a code execution attack is possible through an insecure deserialization vulnerability. | ||||
CVE-2024-10012 | 1 Progress Software | 1 Progress Telerik Ui For Wpf Versions | 2024-11-13 | 7.8 High |
In Progress Telerik UI for WPF versions prior to 2024 Q4 (2024.4.1111), a code execution attack is possible through an insecure deserialization vulnerability. | ||||
CVE-2024-9999 | 1 Progress Software | 1 Ws Ftp Server | 2024-11-13 | 6.5 Medium |
In WS_FTP Server versions before 8.8.9 (2022.0.9), an Incorrect Implementation of Authentication Algorithm in the Web Transfer Module allows users to skip the second-factor verification and log in with username and password only. | ||||
CVE-2024-7292 | 2 Progress, Progress Software | 2 Telerik Report Server, Telerik Report Server | 2024-10-16 | 7.5 High |
In ProgressĀ® TelerikĀ® Report Server versions prior to 2024 Q3 (10.2.24.806), a credential stuffing attack is possible through improper restriction of excessive login attempts. | ||||
CVE-2024-8048 | 2 Progress, Progress Software | 2 Telerik Reporting, Telerik Reporting | 2024-10-15 | 7.8 High |
In Progress Telerik Reporting versions prior to 2024 Q3 (18.2.24.924), a code execution attack is possible using object injection via insecure expression evaluation. | ||||
CVE-2024-8015 | 2 Progress, Progress Software | 2 Telerik Report Server, Telerik Reporting | 2024-10-15 | 9.1 Critical |
In Progress Telerik Report Server versions prior to 2024 Q3 (10.2.24.924), a remote code execution attack is possible through object injection via an insecure type resolution vulnerability. | ||||
CVE-2024-8014 | 2 Progress, Progress Software | 2 Telerik Reporting, Telerik Reporting | 2024-10-15 | 8.8 High |
In Progress Telerik Reporting versions prior to 2024 Q3 (18.2.24.924), a code execution attack is possible through object injection via an insecure type resolution vulnerability. |
Page 1 of 1.