progress

261 tracked vulnerabilities.

CVE-2023-29376 MEDIUM
Progress Sitefinity <14.3.8025 - XSS
Apr 10, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-29375 CRITICAL
Progress Sitefinity <14.3.8025 - File Upload
Apr 10, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-24029 HIGH
WS_FTP Server <8.8 - Privilege Escalation
Feb 03, 2023
CVSS 7.2
EPSS 0.01
CVE-2022-27665 MEDIUM
Progress WS_FTP Server 8.6.0 - Reflected Cross-Site Scripting via AngularJS Sandbox Escape
Apr 03, 2023
CVSS 6.1
EPSS 0.33
CVE-2022-42711 CRITICAL
Progress WhatsUp Gold < 22.1.0 - Unauthenticated Stored Cross-Site Scripting via SNMP MIB Walker Endpoint
Oct 12, 2022
CVSS 9.6
EPSS 0.01
CVE-2022-36968 MEDIUM
Progress WS_FTP Server < 8.7.3 - Cross-Site Request Forgery in Administrative Interface
Aug 02, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-36967 MEDIUM
Progress WS_FTP Server < 8.7.3 - Reflected Cross-Site Scripting in Administrative Web Interface
Aug 02, 2022
CVSS 6.1
EPSS 0.01
CVE-2022-29848 MEDIUM
Progress WhatsUp Gold 17.0.0-21.1.1 and 22.0.0 - Authenticated Server-Side Request Forgery
May 11, 2022
CVSS 6.5
EPSS 0.04
CVE-2022-29847 HIGH
Progress WhatsUp Gold 21.0.0-21.1.1 and 22.0.0 - Unauthenticated Server-Side Request Forgery
May 11, 2022
CVSS 7.5
EPSS 0.56
CVE-2022-29846 MEDIUM
Ipswitch WhatsUp Gold <22.0.0 - Info Disclosure
May 11, 2022
CVSS 5.3
EPSS 0.05
CVE-2022-29845 MEDIUM
Ipswitch WhatsUp Gold <22.0.0 - Info Disclosure
May 11, 2022
CVSS 6.5
EPSS 0.04
CVE-2022-29849 HIGH
Progress OpenEdge < 11.7.14 and 12.x < 12.2.9 - Privilege Escalation via SUID Binary
May 02, 2022
CVSS 7.8
EPSS 0.00
CVE-2021-41318 MEDIUM
Progress WhatsUp Gold < 21.1.0 - Unauthenticated Stored Cross-Site Scripting
Sep 28, 2021
CVSS 6.1
EPSS 0.06
CVE-2021-38159 CRITICAL
Progress MOVEit Transfer <2021.0.4 - SQL Injection
Aug 07, 2021
CVSS 9.8
EPSS 0.02
CVE-2021-37614 HIGH
Progress MOVEit Transfer < 2019.0.7 - Authenticated SQL Injection via Transaction Type Strings
Aug 05, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-33894 HIGH
Progress MOVEit Transfer SQL Injection in SILUtility.vb
Jun 09, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-31827 HIGH
Progress MOVEit Transfer < 2021.0 - Authenticated SQL Injection in SILHuman.vb
May 18, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-28141 CRITICAL
Progress Telerik UI for ASP.NET AJAX 2021.1.224 - Auth Bypass
Mar 11, 2021
CVSS 9.8
EPSS 0.02
CVE-2020-28647 MEDIUM
Progress MOVEit Transfer < 2020.1 - Stored Cross-Site Scripting
Nov 17, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-12677 MEDIUM
Progress MOVEit Automation Web Admin <2018.0.3-2019.2.2 - XSS
May 14, 2020
CVSS 6.1
EPSS 0.02
CVE-2020-8612 CRITICAL
MOVEit Transfer <2019.1.4-2019.2.1 - Authenticated XSS
Feb 14, 2020
CVSS 9.0
EPSS 0.02
CVE-2020-8611 HIGH
MOVEit Transfer <2019.1.4-2019.2.1 - SQL Injection
Feb 14, 2020
CVSS 8.8
EPSS 0.01
CVE-2019-19790 CRITICAL
Telerik UI for ASP.NET AJAX RadChart - Path Traversal and Arbitrary File Read/Delete via Image Handler
Dec 13, 2019
CVSS 9.8
EPSS 0.03
CVE-2019-17392 CRITICAL
Progress Sitefinity 9.1-9.1.6185 - Weak Password Recovery Mechanism via HTTP Host Header
Nov 26, 2019
CVSS 9.8
EPSS 0.01
CVE-2019-12143 MEDIUM
Progress ipswitch WS_FTP Server <8.6.1 - Path Traversal
Jun 11, 2019
CVSS 5.3
EPSS 0.02