progress

261 tracked vulnerabilities.

CVE-2024-11629 HIGH
Telerik Document Processing <2025.1.205 - Path Traversal
Feb 12, 2025
CVSS 7.1
EPSS 0.00
CVE-2024-11628 MEDIUM
Telerik Kendo UI for Vue <6.0.1 - Command Injection
Feb 12, 2025
CVSS 4.1
EPSS 0.01
CVE-2024-12629 MEDIUM
Progress KendoReact 3.5.0-9.4.0 - Prototype Pollution
Feb 12, 2025
CVSS 4.1
EPSS 0.01
CVE-2024-11343 HIGH
Telerik Document Processing <2025.1.205 - Path Traversal
Feb 12, 2025
CVSS 8.3
EPSS 0.01
CVE-2024-12251 HIGH
Telerik UI for WinUI 2.0.0-2.0.0 - Command Injection via Hyperlink Element
Feb 12, 2025
CVSS 7.8
EPSS 0.01
CVE-2024-56135 HIGH
Progress LoadMaster < 7.2.48.12 and 7.2.49.0-7.2.54.12 and 7.2.55.0-7.2.60.1 - Authenticated OS Command Injection
Feb 05, 2025
CVSS 8.4
EPSS 0.01
CVE-2024-56134 HIGH
Progress LoadMaster 7.2.48.12 and prior - Authenticated OS Command Injection
Feb 05, 2025
CVSS 8.4
EPSS 0.01
CVE-2024-56133 HIGH
Progress LoadMaster < 7.2.48.12 - Authenticated OS Command Injection
Feb 05, 2025
CVSS 8.4
EPSS 0.01
CVE-2024-56132 HIGH
Progress LoadMaster 7.2.48.12-7.2.60.1 - Authenticated OS Command Injection
Feb 05, 2025
CVSS 8.4
EPSS 0.06
CVE-2024-56131 HIGH
Progress LoadMaster and Multi-Tenant Hypervisor - Authenticated OS Command Injection
Feb 05, 2025
CVSS 8.4
EPSS 0.01
CVE-2024-11627 MEDIUM
Progress Sitefinity 4.0-15.2.8421 Session Fixation via Insufficient Session Expiration
Jan 07, 2025
CVSS 6.8
EPSS 0.00
CVE-2024-11626 HIGH
Progress Sitefinity 4.0-15.2.8421 - Stored XSS in CMS Backend
Jan 07, 2025
CVSS 8.4
EPSS 0.00
CVE-2024-11625 HIGH
Progress Sitefinity 4.0-15.2.8421 - Information Exposure Through Error Message
Jan 07, 2025
CVSS 7.7
EPSS 0.00
CVE-2024-12108 CRITICAL
WhatsUp Gold 23.1.0-24.0.1 - Authentication Bypass via Public API
Dec 31, 2024
CVSS 9.6
EPSS 0.07
CVE-2024-12106 CRITICAL
WhatsUp Gold 23.1.0-24.0.1 - Unauthenticated LDAP Settings Modification
Dec 31, 2024
CVSS 9.4
EPSS 0.09
CVE-2024-12105 MEDIUM
WhatsUp Gold 23.1.0-24.0.1 - Authenticated Path Traversal
Dec 31, 2024
CVSS 6.5
EPSS 0.42
CVE-2024-8785 CRITICAL
WhatsUp Gold < 24.0.1 - Unauthenticated Registry Manipulation via NmAPI.exe
Dec 02, 2024
CVSS 9.8
EPSS 0.10
CVE-2024-46909 CRITICAL
WhatsUp Gold < 24.0.1 - Unauthenticated Remote Code Execution
Dec 02, 2024
CVSS 9.8
EPSS 0.49
CVE-2024-46908 HIGH
WhatsUp Gold < 24.0.1 - Authenticated SQL Injection
Dec 02, 2024
CVSS 8.8
EPSS 0.02
CVE-2024-46907 HIGH
WhatsUp Gold < 24.0.1 - Authenticated SQL Injection
Dec 02, 2024
CVSS 8.8
EPSS 0.02
CVE-2024-46906 HIGH
WhatsUp Gold < 24.0.1 - Authenticated SQL Injection
Dec 02, 2024
CVSS 8.8
EPSS 0.41
CVE-2024-46905 HIGH
WhatsUp Gold < 24.0.1 - Authenticated SQL Injection
Dec 02, 2024
CVSS 8.8
EPSS 0.02
CVE-2024-8049 MEDIUM
Telerik Document Processing <2024.4.1106 - DoS
Nov 13, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-7295 HIGH
Progress Telerik Report Server < 10.3.24.1112 - Use of Hard-coded Credentials
Nov 13, 2024
CVSS 7.1
EPSS 0.00
CVE-2024-10013 HIGH
Telerik UI for WinForms <2024 Q4 - Code Injection
Nov 13, 2024
CVSS 7.8
EPSS 0.00