progress

244 tracked vulnerabilities.

CVE-2024-8785 CRITICAL
WhatsUp Gold < 24.0.1 - Unauthenticated Registry Manipulation via NmAPI.exe
Dec 02, 2024
CVSS 9.8
EPSS 0.04
CVE-2024-46909 CRITICAL
WhatsUp Gold < 24.0.1 - Unauthenticated Remote Code Execution
Dec 02, 2024
CVSS 9.8
EPSS 0.35
CVE-2024-46908 HIGH
WhatsUp Gold < 24.0.1 - Authenticated SQL Injection
Dec 02, 2024
CVSS 8.8
EPSS 0.02
CVE-2024-46907 HIGH
WhatsUp Gold < 24.0.1 - Authenticated SQL Injection
Dec 02, 2024
CVSS 8.8
EPSS 0.02
CVE-2024-46906 HIGH
WhatsUp Gold < 24.0.1 - Authenticated SQL Injection
Dec 02, 2024
CVSS 8.8
EPSS 0.27
CVE-2024-46905 HIGH
WhatsUp Gold < 24.0.1 - Authenticated SQL Injection
Dec 02, 2024
CVSS 8.8
EPSS 0.02
CVE-2024-8049 MEDIUM
Telerik Document Processing <2024.4.1106 - DoS
Nov 13, 2024
CVSS 6.5
EPSS 0.02
CVE-2024-7295 HIGH
Progress Telerik Report Server < 10.3.24.1112 - Use of Hard-coded Credentials
Nov 13, 2024
CVSS 7.1
EPSS 0.00
CVE-2024-10013 HIGH
Telerik UI for WinForms <2024 Q4 - Code Injection
Nov 13, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-7763 CRITICAL
WhatsUp Gold < 24.0 - Authentication Bypass
Oct 24, 2024
CVSS 9.8
EPSS 0.00
CVE-2024-8755 HIGH
LoadMaster <7.2.60.1 - OS Command Injection
Oct 11, 2024
CVSS 8.4
EPSS 0.01
CVE-2024-8048 HIGH
In Progress Telerik Reporting <2024 Q3 - Code Injection
Oct 09, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-8015 CRITICAL
Telerik Report Server <2024 Q3 - RCE
Oct 09, 2024
CVSS 9.1
EPSS 0.01
CVE-2024-8014 HIGH
Telerik Reporting <2024 Q3 - Code Injection
Oct 09, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-7840 HIGH
Progress Telerik Reporting < 18.2.24.924 - Command Injection via Hyperlink Element
Oct 09, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-7294 HIGH
Telerik Report Server < 10.2.24.806 - Unauthenticated Denial of Service via HTTP Request Flooding
Oct 09, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-7293 HIGH
Telerik Report Server <2024 Q3 - Info Disclosure
Oct 09, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-7292 HIGH
Progress Telerik Report Server < 10.2.24.806 - Credential Stuffing via Excessive Login Attempts
Oct 09, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-6658 HIGH
LoadMaster <7.2.60.0 - OS Command Injection
Sep 12, 2024
CVSS 8.4
EPSS 0.00
CVE-2024-7654 HIGH
Progress OpenEdge < 11.7.19 and 12.2-12.2.14 - Unauthenticated Content Injection via ActiveMQ Discovery Service
Sep 03, 2024
CVSS 8.3
EPSS 0.00
CVE-2024-7346 HIGH
OpenEdge - Host Name Validation Bypass
Sep 03, 2024
CVSS 7.2
EPSS 0.00
CVE-2024-7345 HIGH
Progress OpenEdge < 11.7.18 - Unauthenticated Code Injection via Local ABL Client
Sep 03, 2024
CVSS 8.3
EPSS 0.00
CVE-2024-6672 HIGH
WhatsUp Gold <2024.0.0 - Privilege Escalation
Aug 29, 2024
CVSS 8.8
EPSS 0.02
CVE-2024-6671 CRITICAL NUCLEI
WhatsUp Gold <2024.0.0 - SQL Injection
Aug 29, 2024
CVSS 9.8
EPSS 0.76
CVE-2024-6670 CRITICAL KEVNUCLEI
WhatsUp Gold SQL Injection (CVE-2024-6670)
Aug 29, 2024
CVSS 9.8
EPSS 0.94
Products
whatsup_gold 56 ws_ftp_server 28 moveit_transfer 25 loadmaster 19 sitefinity 19 telerik_reporting 14 openedge 12 moveit_automation 8 telerik_ui_for_asp.net_ajax 8 multi-tenant_loadmaster 7 telerik_report_server 7 ecs_connection_manager 6 connection_manager_for_objectscale 5 progress 5 sitefinity_cms 5 flowmon 3 telerik_document_processing_libraries 3 telerik_ui_for_winforms 3 DataDirect Connect for JDBC Autonomous REST Connector 2 DataDirect Connect for JDBC for Amazon Redshift 2 DataDirect Connect for JDBC for Apache Cassandra 2 DataDirect Connect for JDBC for Apache Impala 2 DataDirect Connect for JDBC for Apache SparkSQL 2 DataDirect Connect for JDBC for DB2 2 DataDirect Connect for JDBC for Google Analytics 4 2 DataDirect Connect for JDBC for Google BigQuery 2 DataDirect Connect for JDBC for Greenplum 2 DataDirect Connect for JDBC for Hive 2 DataDirect Connect for JDBC for Informix 2 DataDirect Connect for JDBC for Microsoft Dynamics 365 2
Quick Filters
Critical CVEs With Exploits In CISA KEV