Progress

223 tracked vulnerabilities.

CVE-2024-5806 CRITICAL
Progress MOVEit SFTP Authentication Bypass for Arbitrary File Read
Jun 25, 2024
CVSS 9.1
EPSS 0.90
CVE-2024-5805 CRITICAL
Progress Moveit Gateway - Authentication Bypass
Jun 25, 2024
CVSS 9.1
EPSS 0.01
CVE-2023-27636 MEDIUM
Progress Sitefinity < 15.0.0 - XSS
Jun 16, 2024
CVSS 5.4
EPSS 0.00
CVE-2024-4563 MEDIUM
Progress Moveit Automation < 2024.0.0 - Broken Cryptographic Algorithm
May 22, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-4837 MEDIUM
Progress Telerik Report Server < 10.1.24.514 - Information Disclosure
May 15, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-4357 MEDIUM
Progress Telerik Reporting < 10.1.24.514 - XXE
May 15, 2024
CVSS 6.5
EPSS 0.02
CVE-2024-4202 HIGH
Telerik Reporting <2024 Q2 - Code Injection
May 15, 2024
CVSS 7.7
EPSS 0.00
CVE-2024-4200 HIGH
Telerik Reporting <2024 Q2 - Code Injection
May 15, 2024
CVSS 7.7
EPSS 0.00
CVE-2024-3892 HIGH
Progress Telerik UI For Winforms < 2024.2.514 - Code Injection
May 15, 2024
CVSS 7.2
EPSS 0.00
CVE-2024-4562 MEDIUM
Progress Whatsup Gold < 23.1.2 - SSRF
May 14, 2024
CVSS 5.4
EPSS 0.00
CVE-2024-4561 MEDIUM
Progress Whatsup Gold < 23.1.2 - SSRF
May 14, 2024
CVSS 4.2
EPSS 0.00
CVE-2024-3544 HIGH
LoadMaster - Unauthenticated SSH
May 02, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-3543 MEDIUM
Reversible Password Encryption - Info Disclosure
May 02, 2024
CVSS 6.4
EPSS 0.00
CVE-2024-2389 CRITICALNUCLEI
Progress Kemp Flowmon - Command Injection
Apr 02, 2024
CVSS 10.0
EPSS 0.94
CVE-2024-2449 HIGH
LoadMaster - CSRF
Mar 22, 2024
CVSS 7.5
EPSS 0.06
CVE-2024-2448 HIGH
LoadMaster - Command Injection
Mar 22, 2024
CVSS 8.4
EPSS 0.23
CVE-2024-2291 MEDIUM
MOVEit Transfer <2022.0.11, 2022.1.12, 2023.0.9, 2023.1.4 - Auth By...
Mar 20, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-1856 HIGH
Progress Telerik Reporting < 18.0.24.130 - Insecure Deserialization
Mar 20, 2024
CVSS 8.5
EPSS 0.00
CVE-2024-1801 HIGH
Progress Telerik Reporting < 18.0.24.130 - Insecure Deserialization
Mar 20, 2024
CVSS 7.7
EPSS 0.00
CVE-2024-1800 CRITICAL
Progress Telerik Report Server - Insecure Deserialization
Mar 20, 2024
CVSS 9.9
EPSS 0.76
CVE-2024-1636 HIGH
Progress Sitefinity < 13.3.7649 - XSS
Feb 28, 2024
CVSS 8.0
EPSS 0.00
CVE-2024-1632 HIGH
Progress Sitefinity < 13.3.7649 - Improper Access Control
Feb 28, 2024
CVSS 8.8
EPSS 0.02
CVE-2024-1403 CRITICAL
Progress Openedge < 11.7.19 - Authentication Bypass
Feb 27, 2024
CVSS 10.0
EPSS 0.17
CVE-2024-1212 CRITICALKEVNUCLEI
Progress Loadmaster < 7.2.48.10 - OS Command Injection
Feb 21, 2024
CVSS 10.0
EPSS 0.94
CVE-2024-1474 HIGH
Progress WS FTP Server < 8.8.5 - XSS
Feb 21, 2024
CVSS 7.5
EPSS 0.00
Products
whatsup_gold 56 ws_ftp_server 28 moveit_transfer 25 sitefinity 19 loadmaster 15 telerik_reporting 14 openedge 12 multi-tenant_loadmaster 7 telerik_report_server 7 telerik_ui_for_asp.net_ajax 5 sitefinity_cms 5 progress 5 telerik_ui_for_winforms 3 telerik_document_processing_libraries 3 openedge_innovation 2 datadirect_odbc_oracle_wire_protocol_driver 2 ecs_connection_manager 2 hybrid_data_pipeline 2 ipswitch_ws_ftp_server 2 moveit_automation 2 moveit_waf 2 multi-tenant_hypervisor 2 webspeed 2 webspeed_messenger 2 connection_manager_for_objectscale 1 kendo_ui_for_vue 1 kendo_ui 1 openedge_explorer 1 4gl_compiler 1 openedge_management 1
Quick Filters
Critical CVEs With Exploits In CISA KEV