progress

244 tracked vulnerabilities.

CVE-2023-40051 CRITICAL
Progress OpenEdge PASOE < 11.7.18, 12.2-12.2.13, < 12.8.0 - Unauthenticated Arbitrary File Upload via WEB Transport
Jan 18, 2024
CVSS 9.1
EPSS 0.00
CVE-2023-6784 MEDIUM
Progress Sitefinity 4.0-13.3.7648 - Phishing Email Distribution
Dec 20, 2023
CVSS 4.7
EPSS 0.00
CVE-2023-6595 HIGH
WhatsUp Gold <2023.1 - Info Disclosure
Dec 14, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-6368 MEDIUM
WhatsUp Gold <2023.1 - Info Disclosure
Dec 14, 2023
CVSS 5.9
EPSS 0.00
CVE-2023-6367 HIGH
WhatsUp Gold < 23.1.0 - Stored Cross-Site Scripting in Roles
Dec 14, 2023
CVSS 7.6
EPSS 0.00
CVE-2023-6366 HIGH
WhatsUp Gold < 23.1.0 - Stored Cross-Site Scripting in Alert Center
Dec 14, 2023
CVSS 7.6
EPSS 0.00
CVE-2023-6365 HIGH
WhatsUp Gold < 23.1.0 - Stored Cross-Site Scripting via Device Group
Dec 14, 2023
CVSS 7.6
EPSS 0.00
CVE-2023-6364 HIGH
WhatsUp Gold < 23.1.0 - Stored Cross-Site Scripting in Dashboard Component
Dec 14, 2023
CVSS 7.6
EPSS 0.00
CVE-2023-6218 HIGH
MOVEit Transfer <2022.0.9, 2022.1.10, 2023.0.7 - Privilege Escalation
Nov 29, 2023
CVSS 7.2
EPSS 0.00
CVE-2023-6217 HIGH
MOVEit Transfer <2022.0.9-2023.0.7 - XSS
Nov 29, 2023
CVSS 7.1
EPSS 0.00
CVE-2023-42659 CRITICAL
WS_FTP Server < 8.7.6 and 8.8.4 - Authenticated Unrestricted File Upload via API Call
Nov 07, 2023
CVSS 9.1
EPSS 0.00
CVE-2023-42657 CRITICAL
WS_FTP Server < 8.7.4 - Path Traversal and Arbitrary File Operations
Sep 27, 2023
CVSS 9.9
EPSS 0.01
CVE-2023-40049 MEDIUM
WS_FTP Server < 8.8.2 - Unauthenticated Sensitive Information Exposure via WebServiceHost Directory Listing
Sep 27, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-40048 MEDIUM
WS_FTP Server < 8.8.2 - Cross-Site Request Forgery in Server Manager Interface
Sep 27, 2023
CVSS 6.8
EPSS 0.01
CVE-2023-40047 HIGH
WS_FTP Server < 8.8.2 - Authenticated Stored Cross-Site Scripting via SSL Certificate Import
Sep 27, 2023
CVSS 8.3
EPSS 0.00
CVE-2023-40046 HIGH
WS_FTP Server < 8.7.4 - SQL Injection in Manager Interface
Sep 27, 2023
CVSS 8.2
EPSS 0.00
CVE-2023-40045 HIGH
WS_FTP Server < 8.7.4 - Reflected Cross-Site Scripting in Ad Hoc Transfer Module
Sep 27, 2023
CVSS 8.3
EPSS 0.00
CVE-2023-40044 CRITICAL KEVNUCLEI
WS_FTP Server < 8.7.4 - Unauthenticated Remote Code Execution via .NET Deserialization
Sep 27, 2023
CVSS 10.0
EPSS 0.94
CVE-2023-42660 HIGH
Progress MOVEit Transfer < 2021.1.8 - Authenticated SQL Injection via Machine Interface
Sep 20, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-42656 MEDIUM
Progress MOVEit Transfer < 2021.1.8 - Reflected Cross-Site Scripting via Package Composition Procedure
Sep 20, 2023
CVSS 6.1
EPSS 0.00
CVE-2023-40043 HIGH
Progress MOVEit Transfer < 2021.1.8 - Authenticated SQL Injection via Web Interface
Sep 20, 2023
CVSS 7.2
EPSS 0.00
CVE-2023-28864 MEDIUM
Progress Chef Infra Server <15.7 - Info Disclosure
Jul 17, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-36934 CRITICAL NUCLEI
Progress MOVEit Transfer < 12.1.11 - Unauthenticated SQL Injection
Jul 05, 2023
CVSS 9.1
EPSS 0.91
CVE-2023-36933 HIGH
MOVEit Transfer <2021.0.9, 13.0.9 - Unhandled Exception
Jul 05, 2023
CVSS 7.5
EPSS 0.14
CVE-2023-36932 HIGH
Progress MOVEit Transfer < 2020.1.11, 2021.0.9, 2021.1.7, 2022.0.7, 2022.1.8, 2023.0.4 - Authenticated SQL Injection
Jul 05, 2023
CVSS 8.1
EPSS 0.16
Products
whatsup_gold 56 ws_ftp_server 28 moveit_transfer 25 loadmaster 19 sitefinity 19 telerik_reporting 14 openedge 12 moveit_automation 8 telerik_ui_for_asp.net_ajax 8 multi-tenant_loadmaster 7 telerik_report_server 7 ecs_connection_manager 6 connection_manager_for_objectscale 5 progress 5 sitefinity_cms 5 flowmon 3 telerik_document_processing_libraries 3 telerik_ui_for_winforms 3 DataDirect Connect for JDBC Autonomous REST Connector 2 DataDirect Connect for JDBC for Amazon Redshift 2 DataDirect Connect for JDBC for Apache Cassandra 2 DataDirect Connect for JDBC for Apache Impala 2 DataDirect Connect for JDBC for Apache SparkSQL 2 DataDirect Connect for JDBC for DB2 2 DataDirect Connect for JDBC for Google Analytics 4 2 DataDirect Connect for JDBC for Google BigQuery 2 DataDirect Connect for JDBC for Greenplum 2 DataDirect Connect for JDBC for Hive 2 DataDirect Connect for JDBC for Informix 2 DataDirect Connect for JDBC for Microsoft Dynamics 365 2
Quick Filters
Critical CVEs With Exploits In CISA KEV