progress
261 tracked vulnerabilities.
CVE-2024-5015
HIGH
WhatsUp Gold < 23.1.3 - Authenticated Server-Side Request Forgery in SessionController
Jun 25, 2024
CVSS 7.1
EPSS 0.01
CVE-2024-5014
HIGH
WhatsUp Gold < 23.1.3 - Authenticated Server-Side Request Forgery via GetASPReport Feature
Jun 25, 2024
CVSS 7.1
EPSS 0.00
CVE-2024-5013
HIGH
WhatsUp Gold < 23.1.3 - Unauthenticated Denial of Service via SetAdminPassword Installation Step
Jun 25, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-5012
HIGH
WhatsUp Gold < 23.1.3 - Unauthenticated Windows Credential Disclosure via WUGDataAccess.Credentials
Jun 25, 2024
CVSS 8.6
EPSS 0.00
CVE-2024-5011
HIGH
WhatsUp Gold < 23.1.3 - Unauthenticated Denial of Service via TestController Chart Request
Jun 25, 2024
CVSS 7.5
EPSS 0.47
CVE-2024-5010
HIGH
WhatsUp Gold < 23.1.3 - Unauthenticated Sensitive Information Exposure via TestController
Jun 25, 2024
CVSS 7.5
EPSS 0.70
CVE-2024-5009
HIGH
WhatsUp Gold < 23.1.3 - Improper Access Control in InstallController.SetAdminPassword
Jun 25, 2024
CVSS 8.4
EPSS 0.15
CVE-2024-5008
HIGH
WhatsUp Gold < 23.1.3 - Authenticated Remote Code Execution via AppProfileImportController
Jun 25, 2024
CVSS 8.8
EPSS 0.17
CVE-2024-4885
CRITICAL
KEVNUCLEI
Progress WhatsUp Gold < 23.1.3 - Unauthenticated Remote Code Execution via ExportUtilities.Export.GetFileWithoutZip
Jun 25, 2024
CVSS 9.8
EPSS 0.99
CVE-2024-4884
CRITICAL
WhatsUp Gold < 23.1.3 - Unauthenticated Remote Code Execution via CommunityController
Jun 25, 2024
CVSS 9.8
EPSS 0.24
CVE-2024-4883
CRITICAL
Progress WhatsUp Gold < 23.1.3 - Unauthenticated Remote Code Execution via NmApi.exe
Jun 25, 2024
CVSS 9.8
EPSS 0.65
CVE-2024-5806
CRITICAL
Progress MOVEit SFTP Authentication Bypass for Arbitrary File Read
Jun 25, 2024
CVSS 9.1
EPSS 0.76
CVE-2024-5805
CRITICAL
Progress MOVEit Gateway 2024.0.0.0 - Authentication Bypass in SFTP Modules
Jun 25, 2024
CVSS 9.1
EPSS 0.08
CVE-2024-4563
MEDIUM
Progress MOVEit Automation < 2024.0.0 - Use of a Broken or Risky Cryptographic Algorithm in Configuration Export
May 22, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-4837
MEDIUM
Progress Telerik Report Server < 10.1.24.514 - Sensitive Information Exposure
May 15, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-4357
MEDIUM
Progress Telerik Report Server < 10.1.24.514 - XML External Entity Injection
May 15, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-4202
HIGH
Telerik Reporting <2024 Q2 - Code Injection
May 15, 2024
CVSS 7.7
EPSS 0.00
CVE-2024-4200
HIGH
Telerik Reporting <2024 Q2 - Code Injection
May 15, 2024
CVSS 7.7
EPSS 0.00
CVE-2024-3892
HIGH
Telerik UI for WinForms 2021.1.122-2024.2.514 - Local Code Execution via Untrusted Theme Assembly
May 15, 2024
CVSS 7.2
EPSS 0.00
CVE-2024-4562
MEDIUM
WhatsUp Gold < 23.1.2 - Authenticated Server-Side Request Forgery in HTTP Monitoring
May 14, 2024
CVSS 5.4
EPSS 0.00
CVE-2024-4561
MEDIUM
WhatsUp Gold < 23.1.2 - Server-Side Request Forgery via FaviconController
May 14, 2024
CVSS 4.2
EPSS 0.00
CVE-2024-3544
HIGH
Progress LoadMaster < 7.2.48.11, 7.2.49.0-7.2.54.10, 7.2.55.0-7.2.59.4 - Hard-coded SSH Credentials
May 02, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-3543
MEDIUM
Reversible Password Encryption - Info Disclosure
May 02, 2024
CVSS 6.4
EPSS 0.00
CVE-2024-2389
CRITICAL
NUCLEI
Progress Kemp Flowmon - Command Injection
Apr 02, 2024
CVSS 10.0
EPSS 0.94
CVE-2024-2449
HIGH
LoadMaster 7.2.49.0-7.2.54.8 and 7.2.55.0-7.2.59.2 - Cross-Site Request Forgery
Mar 22, 2024
CVSS 7.5
EPSS 0.13
Products
whatsup_gold 56
moveit_transfer 33
ws_ftp_server 28
sitefinity 24
loadmaster 21
telerik_reporting 14
openedge 12
MOVEit Transfer 9
moveit_automation 8
telerik_ui_for_asp.net_ajax 8
ecs_connection_manager 7
multi-tenant_loadmaster 7
telerik_report_server 7
connection_manager_for_objectscale 6
progress 5
sitefinity_cms 5
flowmon 4
telerik_document_processing_libraries 3
telerik_ui_for_winforms 3
DataDirect Connect for JDBC Autonomous REST Connector 2
DataDirect Connect for JDBC for Amazon Redshift 2
DataDirect Connect for JDBC for Apache Cassandra 2
DataDirect Connect for JDBC for Apache Impala 2
DataDirect Connect for JDBC for Apache SparkSQL 2
DataDirect Connect for JDBC for DB2 2
DataDirect Connect for JDBC for Google Analytics 4 2
DataDirect Connect for JDBC for Google BigQuery 2
DataDirect Connect for JDBC for Greenplum 2
DataDirect Connect for JDBC for Hive 2
DataDirect Connect for JDBC for Informix 2
Quick Filters