Progress
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in any Progress product.
Products by Progress Sorted by Most Security Vulnerabilities since 2018
Known Exploited Progress Vulnerabilities
The following Progress vulnerabilities have been marked by CISA as Known to be Exploited by threat actors.
Title | Description | Added |
---|---|---|
Progress Kemp LoadMaster OS Command Injection Vulnerability |
Progress Kemp LoadMaster contains an OS command injection vulnerability that allows an unauthenticated, remote attacker to access the system through the LoadMaster management interface, enabling arbitrary system command execution. CVE-2024-1212 Exploit Probability: 93.7% |
November 18, 2024 |
Progress WhatsUp Gold SQL Injection Vulnerability |
Progress WhatsUp Gold contains a SQL injection vulnerability that allows an unauthenticated attacker to retrieve the user's encrypted password if the application is configured with only a single user. CVE-2024-6670 Exploit Probability: 89.3% |
September 16, 2024 |
Progress Telerik Report Server Authentication Bypass by Spoofing Vulnerability |
Progress Telerik Report Server contains an authorization bypass by spoofing vulnerability that allows an attacker to obtain unauthorized access. CVE-2024-4358 Exploit Probability: 92.1% |
June 13, 2024 |
Progress WS_FTP Server Deserialization of Untrusted Data Vulnerability |
Progress WS_FTP Server contains a deserialization of untrusted data vulnerability in the Ad Hoc Transfer module that allows an authenticated attacker to execute remote commands on the underlying operating system. CVE-2023-40044 Exploit Probability: 88.0% |
October 5, 2023 |
Progress MOVEit Transfer SQL Injection Vulnerability |
Progress MOVEit Transfer contains a SQL injection vulnerability that could allow an unauthenticated attacker to gain unauthorized access to MOVEit Transfer's database. Depending on the database engine being used (MySQL, Microsoft SQL Server, or Azure SQL), an attacker may be able to infer information about the structure and contents of the database in addition to executing SQL statements that alter or delete database elements. CVE-2023-34362 Exploit Probability: 97.2% |
June 2, 2023 |
Of the known exploited vulnerabilities above, 4 are in the top 1%, or the 99th percentile of the EPSS exploit probability rankings. The vulnerability CVE-2023-40044: Progress WS_FTP Server Deserialization of Untrusted Data Vulnerability is in the top 5% of the currently known exploitable vulnerabilities.
By the Year
In 2025 there have been 0 vulnerabilities in Progress. Last year, in 2024 Progress had 69 security vulnerabilities published. Right now, Progress is on track to have less security vulnerabilities in 2025 than it did last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2025 | 0 | 0.00 |
2024 | 69 | 7.80 |
2023 | 37 | 7.04 |
2022 | 8 | 6.70 |
2021 | 5 | 8.46 |
2020 | 3 | 7.73 |
2019 | 4 | 7.35 |
2018 | 9 | 7.90 |
It may take a day or so for new Progress vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Progress Security Vulnerabilities
In WhatsUp Gold versions released before 2024.0.2, an attacker can gain access to the WhatsUp Gold server
CVE-2024-12108
9.6 - Critical
- December 31, 2024
In WhatsUp Gold versions released before 2024.0.2, an attacker can gain access to the WhatsUp Gold server via the public API.
Authentication Bypass by Spoofing
In WhatsUp Gold versions released before 2024.0.2, an unauthenticated attacker
CVE-2024-12106
7.5 - High
- December 31, 2024
In WhatsUp Gold versions released before 2024.0.2, an unauthenticated attacker can configure LDAP settings.
Missing Authentication for Critical Function
In WhatsUp Gold versions released before 2024.0.2, an authenticated user can use a specially crafted HTTP request
CVE-2024-12105
6.5 - Medium
- December 31, 2024
In WhatsUp Gold versions released before 2024.0.2, an authenticated user can use a specially crafted HTTP request that can lead to information disclosure.
Directory traversal
Telerik Reporting Privilege Escalation via Malicious RDLX File
CVE-2024-11220
- December 06, 2024
A local low-level user on the server machine with credentials to the running OAS services can create and execute a report with an rdlx file on the server system itself. Any code within the rdlx file of the report executes with SYSTEM privileges, resulting in privilege escalation.
Incorrect Execution-Assigned Permissions
WhatsUp Gold Remote Code Execution Vulnerability
CVE-2024-46909
9.8 - Critical
- December 02, 2024
In WhatsUp Gold versions released before 2024.0.1, a remote unauthenticated attacker could leverage this vulnerability to execute code in the context of the service account.
SQL Injection Vulnerability in WhatsUp Gold Leading to Privilege Escalation
CVE-2024-46908
8.8 - High
- December 02, 2024
In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated low-privileged user (at least Report Viewer permissions required) to achieve privilege escalation to the admin account.
SQL Injection Vulnerability in WhatsUp Gold Leading to Privilege Escalation
CVE-2024-46907
8.8 - High
- December 02, 2024
In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated low-privileged user (at least Report Viewer permissions required) to achieve privilege escalation to the admin account.
SQL Injection Vulnerability in WhatsUp Gold Report Viewer
CVE-2024-46906
8.8 - High
- December 02, 2024
In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated low-privileged user (at least Report Viewer permissions required) to achieve privilege escalation to the admin account.
SQL Injection Vulnerability in WhatsUp Gold Leading to Privilege Escalation
CVE-2024-46905
8.8 - High
- December 02, 2024
In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated lower-privileged user (at least Network Manager permissions required) to achieve privilege escalation to the admin account.
WhatsUp Gold NmAPI.exe Remote Unauthenticated Registry Manipulation Vulnerability
CVE-2024-8785
5.3 - Medium
- December 02, 2024
In WhatsUp Gold versions released before 2024.0.1, a remote unauthenticated attacker could leverage NmAPI.exe to create or change an existing registry value in registry path HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Ipswitch\.
Telerik Document Processing Libraries: Denial of Service via Resource Exhaustion
CVE-2024-8049
6.5 - Medium
- November 13, 2024
In Progress Telerik Document Processing Libraries, versions prior to 2024 Q4 (2024.4.1106), importing a document with unsupported features can lead to excessive processing, leading to excessive use of computing resources leaving the application process unavailable.
Excessive Iteration
In Progress® Telerik® Report Server: Weak Encryption Vulnerability in Local Asset Data
CVE-2024-7295
6.2 - Medium
- November 13, 2024
In Progress® Telerik® Report Server versions prior to 2024 Q4 (10.3.24.1112), the encryption of local asset data used an older algorithm which may allow a sophisticated actor to decrypt this information.
Use of Hard-coded Credentials
In WhatsUp Gold versions released before 2024.0.0,
an Authentication Bypass issue exists which
CVE-2024-7763
7.5 - High
- October 24, 2024
In WhatsUp Gold versions released before 2024.0.0, an Authentication Bypass issue exists which allows an attacker to obtain encrypted user credentials.
authentification
In Progress Telerik Reporting versions prior to 2024 Q3 (18.2.24.924), a code execution attack is possible using object injection
CVE-2024-8048
7.8 - High
- October 09, 2024
In Progress Telerik Reporting versions prior to 2024 Q3 (18.2.24.924), a code execution attack is possible using object injection via insecure expression evaluation.
Reflection Injection
In Progress Telerik Report Server versions prior to 2024 Q3 (10.2.24.924), a remote code execution attack is possible through object injection
CVE-2024-8015
7.2 - High
- October 09, 2024
In Progress Telerik Report Server versions prior to 2024 Q3 (10.2.24.924), a remote code execution attack is possible through object injection via an insecure type resolution vulnerability.
Reflection Injection
In Progress Telerik Reporting versions prior to 2024 Q3 (18.2.24.924), a code execution attack is possible through object injection
CVE-2024-8014
8.8 - High
- October 09, 2024
In Progress Telerik Reporting versions prior to 2024 Q3 (18.2.24.924), a code execution attack is possible through object injection via an insecure type resolution vulnerability.
Reflection Injection
In Progress Telerik Reporting versions prior to 2024 Q3 (18.2.24.924)
CVE-2024-7840
7.8 - High
- October 09, 2024
In Progress Telerik Reporting versions prior to 2024 Q3 (18.2.24.924), a command injection attack is possible through improper neutralization of hyperlink elements.
Command Injection
In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806)
CVE-2024-7294
6.5 - Medium
- October 09, 2024
In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), an HTTP DoS attack is possible on anonymous endpoints without rate limiting.
Resource Exhaustion
In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806)
CVE-2024-7293
8.8 - High
- October 09, 2024
In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), a password brute forcing attack is possible through weak password requirements.
Weak Password Requirements
In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806)
CVE-2024-7292
8.8 - High
- October 09, 2024
In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), a credential stuffing attack is possible through improper restriction of excessive login attempts.
Improper Restriction of Excessive Authentication Attempts
An ActiveMQ Discovery service was reachable by default
CVE-2024-7654
6.1 - Medium
- September 03, 2024
An ActiveMQ Discovery service was reachable by default from an OpenEdge Management installation when an OEE/OEM auto-discovery feature was activated. Unauthorized access to the discovery service's UDP port allowed content injection into parts of the OEM web interface making it possible for other types of attack that could spoof or deceive web interface users. Unauthorized use of the OEE/OEM discovery service was remediated by deactivating the discovery service by default.
XSS
Host name validation for TLS certificates is bypassed when the installed OpenEdge default certificates are used to perform the TLS handshake for a networked connection
CVE-2024-7346
4.8 - Medium
- September 03, 2024
Host name validation for TLS certificates is bypassed when the installed OpenEdge default certificates are used to perform the TLS handshake for a networked connection. This has been corrected so that default certificates are no longer capable of overriding host name validation and will need to be replaced where full TLS certificate validation is needed for network security. The existing certificates should be replaced with CA-signed certificates from a recognized certificate authority that contain the necessary information to support host name validation.
authentification
Local ABL Client bypass of the required PASOE security checks may
CVE-2024-7345
9.6 - Critical
- September 03, 2024
Local ABL Client bypass of the required PASOE security checks may allow an attacker to commit unauthorized code injection into Multi-Session Agents on supported OpenEdge LTS platforms up to OpenEdge LTS 11.7.18 and LTS 12.2.13 on all supported release platforms
Code Injection
In WhatsUp Gold versions released before 2024.0.0, a SQL Injection vulnerability
CVE-2024-6672
8.8 - High
- August 29, 2024
In WhatsUp Gold versions released before 2024.0.0, a SQL Injection vulnerability allows an authenticated low-privileged attacker to achieve privilege escalation by modifying a privileged user's password.
SQL Injection
In WhatsUp Gold versions released before 2024.0.0, if the application is configured with only a single user, a SQL Injection vulnerability
CVE-2024-6671
9.8 - Critical
- August 29, 2024
In WhatsUp Gold versions released before 2024.0.0, if the application is configured with only a single user, a SQL Injection vulnerability allows an unauthenticated attacker to retrieve the users encrypted password.
SQL Injection
In WhatsUp Gold versions released before 2024.0.0, a SQL Injection vulnerability
CVE-2024-6670
9.8 - Critical
- August 29, 2024
In WhatsUp Gold versions released before 2024.0.0, a SQL Injection vulnerability allows an unauthenticated attacker to retrieve the users encrypted password.
SQL Injection
In WS_FTP Server versions before 8.8.8 (2022.0.8), a Missing Critical Step in Multi-Factor Authentication of the Web Transfer Module
CVE-2024-7745
8.1 - High
- August 28, 2024
In WS_FTP Server versions before 8.8.8 (2022.0.8), a Missing Critical Step in Multi-Factor Authentication of the Web Transfer Module allows users to skip the second-factor verification and log in with username and password only.
authentification
In WS_FTP Server versions before 8.8.8 (2022.0.8), an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the Web Transfer Module
CVE-2024-7744
6.5 - Medium
- August 28, 2024
In WS_FTP Server versions before 8.8.8 (2022.0.8), an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the Web Transfer Module allows File Discovery, Probe System Files, User-Controlled Filename, Path Traversal. An authenticated file download flaw has been identified where a user can craft an API call that allows them to download a file from an arbitrary folder on the drive where that user host's root folder is located (by default this is C:)
Directory traversal
In Progress® Telerik® Report Server versions prior to 2024 Q2 (10.1.24.709)
CVE-2024-6327
9.8 - Critical
- July 24, 2024
In Progress® Telerik® Report Server versions prior to 2024 Q2 (10.1.24.709), a remote code execution attack is possible through an insecure deserialization vulnerability.
Marshaling, Unmarshaling
In Progress® Telerik® Reporting versions prior to 18.1.24.709, a code execution attack is possible through object injection
CVE-2024-6096
9.8 - Critical
- July 24, 2024
In Progress® Telerik® Reporting versions prior to 18.1.24.709, a code execution attack is possible through object injection via an insecure type resolution vulnerability.
Reflection Injection
In WhatsUp Gold versions released before 2023.1.3
CVE-2024-5019
7.5 - High
- June 25, 2024
In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Arbitrary File Read issue exists in Wug.UI.Areas.Wug.Controllers.SessionController.CachedCSS. This vulnerability allows reading of any file with iisapppool\NmConsole privileges.
Directory traversal
In WhatsUp Gold versions released before 2023.1.3
CVE-2024-5018
7.5 - High
- June 25, 2024
In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Path Traversal vulnerability exists Wug.UI.Areas.Wug.Controllers.SessionController.LoadNMScript. This allows allows reading of any file from the applications web-root directory .
Directory traversal
In WhatsUp Gold versions released before 2023.1.3, a path traversal vulnerability exists
CVE-2024-5017
6.5 - Medium
- June 25, 2024
In WhatsUp Gold versions released before 2023.1.3, a path traversal vulnerability exists. A specially crafted unauthenticated HTTP request to AppProfileImport can lead can lead to information disclosure.
Directory traversal
In WhatsUp Gold versions released before 2023.1.3, Distributed Edition installations
CVE-2024-5016
7.2 - High
- June 25, 2024
In WhatsUp Gold versions released before 2023.1.3, Distributed Edition installations can be exploited by using a deserialization tool to achieve a Remote Code Execution as SYSTEM. The vulnerability exists in the main message processing routines NmDistributed.DistributedServiceBehavior.OnMessage for server and NmDistributed.DistributedClient.OnMessage for clients.
Marshaling, Unmarshaling
In WhatsUp Gold versions released before 2023.1.3, an authenticated SSRF vulnerability in Wug.UI.Areas.Wug.Controllers.SessionControler.Update
CVE-2024-5015
8.8 - High
- June 25, 2024
In WhatsUp Gold versions released before 2023.1.3, an authenticated SSRF vulnerability in Wug.UI.Areas.Wug.Controllers.SessionControler.Update allows a low privileged user to chain this SSRF with an Improper Access Control vulnerability. This can be used to escalate privileges to Admin.
SSRF
In WhatsUp Gold versions released before 2023.1.3, a Server Side Request Forgery vulnerability exists in the GetASPReport feature
CVE-2024-5014
6.5 - Medium
- June 25, 2024
In WhatsUp Gold versions released before 2023.1.3, a Server Side Request Forgery vulnerability exists in the GetASPReport feature. This allows any authenticated user to retrieve ASP reports from an HTML form.
SSRF
In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Denial of Service
vulnerability was identified
CVE-2024-5013
7.5 - High
- June 25, 2024
In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Denial of Service vulnerability was identified. An unauthenticated attacker can put the application into the SetAdminPassword installation step, which renders the application non-accessible.
In WhatsUp Gold versions released before 2023.1.3, there is a missing authentication vulnerability in WUGDataAccess.Credentials
CVE-2024-5012
8.6 - High
- June 25, 2024
In WhatsUp Gold versions released before 2023.1.3, there is a missing authentication vulnerability in WUGDataAccess.Credentials. This vulnerability allows unauthenticated attackers to disclose Windows Credentials stored in the product Credential Library.
authentification
In WhatsUp Gold versions released before 2023.1.3, an uncontrolled resource consumption vulnerability exists
CVE-2024-5011
7.5 - High
- June 25, 2024
In WhatsUp Gold versions released before 2023.1.3, an uncontrolled resource consumption vulnerability exists. A specially crafted unauthenticated HTTP request to the TestController Chart functionality can lead to denial of service.
Resource Exhaustion
In WhatsUp Gold versions released before 2023.1.3, a vulnerability exists in the TestController functionality
CVE-2024-5010
7.5 - High
- June 25, 2024
In WhatsUp Gold versions released before 2023.1.3, a vulnerability exists in the TestController functionality. A specially crafted unauthenticated HTTP request can lead to a disclosure of sensitive information.
In WhatsUp Gold versions released before 2023.1.3, an Improper Access Control vulnerability in Wug.UI.Controllers.InstallController.SetAdminPassword
CVE-2024-5009
8.4 - High
- June 25, 2024
In WhatsUp Gold versions released before 2023.1.3, an Improper Access Control vulnerability in Wug.UI.Controllers.InstallController.SetAdminPassword allows local attackers to modify admin's password.
In WhatsUp Gold versions released before 2023.1.3,
an authenticated user with certain permissions
CVE-2024-5008
8.8 - High
- June 25, 2024
In WhatsUp Gold versions released before 2023.1.3, an authenticated user with certain permissions can upload an arbitrary file and obtain RCE using Apm.UI.Areas.APM.Controllers.Api.Applications.AppProfileImportController.
Unrestricted File Upload
In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Remote Code Execution vulnerability in Progress WhatsUpGold
CVE-2024-4885
9.8 - Critical
- June 25, 2024
In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Remote Code Execution vulnerability in Progress WhatsUpGold. The WhatsUp.ExportUtilities.Export.GetFileWithoutZip allows execution of commands with iisapppool\nmconsole privileges.
In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Remote Code Execution vulnerability in Progress WhatsUpGold
CVE-2024-4884
9.8 - Critical
- June 25, 2024
In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Remote Code Execution vulnerability in Progress WhatsUpGold. The Apm.UI.Areas.APM.Controllers.CommunityController allows execution of commands with iisapppool\nmconsole privileges.
Command Injection
In WhatsUp Gold versions released before 2023.1.3, a Remote Code Execution issue exists in Progress WhatsUp Gold
CVE-2024-4883
9.8 - Critical
- June 25, 2024
In WhatsUp Gold versions released before 2023.1.3, a Remote Code Execution issue exists in Progress WhatsUp Gold. This vulnerability allows an unauthenticated attacker to achieve the RCE as a service account through NmApi.exe.
Improper Authentication vulnerability in Progress MOVEit Gateway (SFTP modules)
CVE-2024-5805
9.1 - Critical
- June 25, 2024
Improper Authentication vulnerability in Progress MOVEit Gateway (SFTP modules) allows Authentication Bypass.This issue affects MOVEit Gateway: 2024.0.0.
authentification
Improper Authentication vulnerability in Progress MOVEit Transfer (SFTP module) can lead to Authentication Bypass.This issue affects MOVEit Transfer:
CVE-2024-5806
9.8 - Critical
- June 25, 2024
Improper Authentication vulnerability in Progress MOVEit Transfer (SFTP module) can lead to Authentication Bypass.This issue affects MOVEit Transfer: from 2023.0.0 before 2023.0.11, from 2023.1.0 before 2023.1.6, from 2024.0.0 before 2024.0.2.
Progress Sitefinity before 15.0.0
CVE-2023-27636
5.4 - Medium
- June 16, 2024
Progress Sitefinity before 15.0.0 allows XSS by authenticated users via the content form in the SF Editor.
XSS
The Progress MOVEit Automation configuration export function prior to 2024.0.0 uses a cryptographic method with insufficient bit length.
CVE-2024-4563
7.5 - High
- May 22, 2024
The Progress MOVEit Automation configuration export function prior to 2024.0.0 uses a cryptographic method with insufficient bit length.
In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality
CVE-2024-4837
5.3 - Medium
- May 15, 2024
In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via a trust boundary violation vulnerability.
An information disclosure vulnerability exists in Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier
CVE-2024-4357
6.5 - Medium
- May 15, 2024
An information disclosure vulnerability exists in Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, allows low-privilege attacker to read systems file via XML External Entity Processing.
XXE
In Progress® Telerik® Reporting versions prior to 2024 Q2 (18.1.24.514)
CVE-2024-4202
8.6 - High
- May 15, 2024
In Progress® Telerik® Reporting versions prior to 2024 Q2 (18.1.24.514), a code execution attack is possible through an insecure instantiation vulnerability.
Code Injection
In Progress® Telerik® Reporting versions prior to 2024 Q2 (18.1.24.2.514)
CVE-2024-4200
7.8 - High
- May 15, 2024
In Progress® Telerik® Reporting versions prior to 2024 Q2 (18.1.24.2.514), a code execution attack is possible by a local threat actor through an insecure deserialization vulnerability.
Marshaling, Unmarshaling
In WhatsUp Gold versions released before 2023.1.2
CVE-2024-4562
5.4 - Medium
- May 14, 2024
In WhatsUp Gold versions released before 2023.1.2 , an SSRF vulnerability exists in Whatsup Gold's Issue exists in the HTTP Monitoring functionality. Due to the lack of proper authorization, any authenticated user can access the HTTP monitoring functionality, what leads to the Server Side Request Forgery.
SSRF
In WhatsUp Gold versions released before 2023.1.2 ,
a blind SSRF vulnerability exists in Whatsup Gold's FaviconController
CVE-2024-4561
5.3 - Medium
- May 14, 2024
In WhatsUp Gold versions released before 2023.1.2 , a blind SSRF vulnerability exists in Whatsup Gold's FaviconController that allows an attacker to send arbitrary HTTP requests on behalf of the vulnerable server.
SSRF
In Progress MOVEit Transfer versions released before 2022.0.11 (14.0.11)
CVE-2024-2291
4.3 - Medium
- March 20, 2024
In Progress MOVEit Transfer versions released before 2022.0.11 (14.0.11), 2022.1.12 (14.1.12), 2023.0.9 (15.0.9), 2023.1.4 (15.1.4), a logging bypass vulnerability has been discovered. An authenticated user could manipulate a request to bypass the logging mechanism within the web application which results in user activity not being logged properly.
In Progress® Telerik® Reporting versions prior to 2024 Q1 (18.0.24.130)
CVE-2024-1856
8.8 - High
- March 20, 2024
In Progress® Telerik® Reporting versions prior to 2024 Q1 (18.0.24.130), a code execution attack is possible by a remote threat actor through an insecure deserialization vulnerability.
Marshaling, Unmarshaling
In Progress® Telerik® Reporting versions prior to 2024 Q1 (18.0.24.130)
CVE-2024-1801
7.8 - High
- March 20, 2024
In Progress® Telerik® Reporting versions prior to 2024 Q1 (18.0.24.130), a code execution attack is possible by a local threat actor through an insecure deserialization vulnerability.
Marshaling, Unmarshaling
In Progress® Telerik® Report Server versions prior to 2024 Q1 (10.0.24.130)
CVE-2024-1800
8.8 - High
- March 20, 2024
In Progress® Telerik® Report Server versions prior to 2024 Q1 (10.0.24.130), a remote code execution attack is possible through an insecure deserialization vulnerability.
Marshaling, Unmarshaling
Potential Cross-Site Scripting (XSS) in the page editing area.
CVE-2024-1636
5.4 - Medium
- February 28, 2024
Potential Cross-Site Scripting (XSS) in the page editing area.
XSS
Low-privileged users with access to the Sitefinity backend may obtain sensitive information
CVE-2024-1632
6.5 - Medium
- February 28, 2024
Low-privileged users with access to the Sitefinity backend may obtain sensitive information from the site's administrative area.
Unauthenticated remote attackers
CVE-2024-1212
9.8 - Critical
- February 21, 2024
Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution.
Shell injection
In WS_FTP Server versions before 8.8.5
CVE-2024-1474
6.1 - Medium
- February 21, 2024
In WS_FTP Server versions before 8.8.5, reflected cross-site scripting issues have been identified on various user supplied inputs on the WS_FTP Server administrative interface.
XSS
In Telerik Test Studio versions prior to
v2023.3.1330
CVE-2024-0833
7.8 - High
- January 31, 2024
In Telerik Test Studio versions prior to v2023.3.1330, a privilege elevation vulnerability has been identified in the applications installer component. In an environment where an existing Telerik Test Studio install is present, a lower privileged user has the ability to manipulate the installation package to elevate their privileges on the underlying operating system.
In Telerik Reporting versions prior to 2024 R1
CVE-2024-0832
7.8 - High
- January 31, 2024
In Telerik Reporting versions prior to 2024 R1, a privilege elevation vulnerability has been identified in the applications installer component. In an environment where an existing Telerik Reporting install is present, a lower privileged user has the ability to manipulate the installation package to elevate their privileges on the underlying operating system.
In Telerik JustDecompile versions prior to 2024 R1
CVE-2024-0219
7.8 - High
- January 31, 2024
In Telerik JustDecompile versions prior to 2024 R1, a privilege elevation vulnerability has been identified in the applications installer component. In an environment where an existing Telerik JustDecompile install is present, a lower privileged user has the ability to manipulate the installation package to elevate their privileges on the underlying operating system.
This issue affects Progress Application Server (PAS) for OpenEdge in versions 11.7 prior to 11.7.18
CVE-2023-40052
7.5 - High
- January 18, 2024
This issue affects Progress Application Server (PAS) for OpenEdge in versions 11.7 prior to 11.7.18, 12.2 prior to 12.2.13, and innovation releases prior to 12.8.0 . An attacker who can produce a malformed web request may cause the crash of a PASOE agent potentially disrupting the thread activities of many web application clients. Multiple of these DoS attacks could lead to the flooding of invalid requests as compared to the servers remaining ability to process valid requests.
Buffer Overflow
This issue affects Progress Application Server (PAS) for OpenEdge in versions 11.7 prior to 11.7.18
CVE-2023-40051
9.9 - Critical
- January 18, 2024
This issue affects Progress Application Server (PAS) for OpenEdge in versions 11.7 prior to 11.7.18, 12.2 prior to 12.2.13, and innovation releases prior to 12.8.0. An attacker can formulate a request for a WEB transport that allows unintended file uploads to a server directory path on the system running PASOE. If the upload contains a payload that can further exploit the server or its network, the launch of a larger scale attack may be possible.
Unrestricted File Upload
In Progress MOVEit Transfer versions released before 2022.0.10 (14.0.10)
CVE-2024-0396
7.1 - High
- January 17, 2024
In Progress MOVEit Transfer versions released before 2022.0.10 (14.0.10), 2022.1.11 (14.1.11), 2023.0.8 (15.0.8), 2023.1.3 (15.1.3), an input validation issue was discovered. An authenticated user can manipulate a parameter in an HTTPS transaction. The modified transaction could lead to computational errors within MOVEit Transfer and potentially result in a denial of service.
A malicious user could potentially use the Sitefinity system for the distribution of phishing emails.
CVE-2023-6784
4.3 - Medium
- December 20, 2023
A malicious user could potentially use the Sitefinity system for the distribution of phishing emails.
In WhatsUp Gold versions released before 2023.1, a stored cross-site scripting (XSS) vulnerability has been identified
CVE-2023-6365
5.4 - Medium
- December 14, 2023
In WhatsUp Gold versions released before 2023.1, a stored cross-site scripting (XSS) vulnerability has been identified. It is possible for an attacker to craft a XSS payload and store that value within a device group. If a WhatsUp Gold user interacts with the crafted payload, the attacker would be able to execute malicious JavaScript within the context of the victims browser.
XSS
In WhatsUp Gold versions released before 2023.1, a stored cross-site scripting (XSS) vulnerability has been identified
CVE-2023-6364
5.4 - Medium
- December 14, 2023
In WhatsUp Gold versions released before 2023.1, a stored cross-site scripting (XSS) vulnerability has been identified. It is possible for an attacker to craft a XSS payload and store that value within a dashboard component. If a WhatsUp Gold user interacts with the crafted payload, the attacker would be able to execute malicious JavaScript within the context of the victims browser.
XSS
In WhatsUp Gold versions released before 2023.1, an API endpoint was found to be missing an authentication mechanism
CVE-2023-6595
5.3 - Medium
- December 14, 2023
In WhatsUp Gold versions released before 2023.1, an API endpoint was found to be missing an authentication mechanism. It is possible for an unauthenticated attacker to enumerate ancillary credential information stored within WhatsUp Gold.
Missing Authentication for Critical Function
In WhatsUp Gold versions released before 2023.1, an API endpoint was found to be missing an authentication mechanism
CVE-2023-6368
5.3 - Medium
- December 14, 2023
In WhatsUp Gold versions released before 2023.1, an API endpoint was found to be missing an authentication mechanism. It is possible for an unauthenticated attacker to enumerate information related to a registered device being monitored by WhatsUp Gold.
Missing Authentication for Critical Function
In WhatsUp Gold versions released before 2023.1, a stored cross-site scripting (XSS) vulnerability has been identified
CVE-2023-6367
5.4 - Medium
- December 14, 2023
In WhatsUp Gold versions released before 2023.1, a stored cross-site scripting (XSS) vulnerability has been identified. It is possible for an attacker to craft a XSS payload and store that value within Roles. If a WhatsUp Gold user interacts with the crafted payload, the attacker would be able to execute malicious JavaScript within the context of the victims browser.
XSS
In WhatsUp Gold versions released before 2023.1, a stored cross-site scripting (XSS) vulnerability has been identified
CVE-2023-6366
5.4 - Medium
- December 14, 2023
In WhatsUp Gold versions released before 2023.1, a stored cross-site scripting (XSS) vulnerability has been identified. It is possible for an attacker to craft a XSS payload and store that value within Alert Center. If a WhatsUp Gold user interacts with the crafted payload, the attacker would be able to execute malicious JavaScript within the context of the victims browser.
XSS
In Progress MOVEit Transfer versions released before 2022.0.9 (14.0.9)
CVE-2023-6217
6.1 - Medium
- November 29, 2023
In Progress MOVEit Transfer versions released before 2022.0.9 (14.0.9), 2022.1.10 (14.1.10), 2023.0.7 (15.0.7), a reflected cross-site scripting (XSS) vulnerability has been identified when MOVEit Gateway is used in conjunction with MOVEit Transfer. An attacker could craft a malicious payload targeting the system which comprises a MOVEit Gateway and MOVEit Transfer deployment. If a MOVEit user interacts with the crafted payload, the attacker would be able to execute malicious JavaScript within the context of the victims browser.
XSS
In Progress MOVEit Transfer versions released before 2022.0.9 (14.0.9)
CVE-2023-6218
7.2 - High
- November 29, 2023
In Progress MOVEit Transfer versions released before 2022.0.9 (14.0.9), 2022.1.10 (14.1.10), 2023.0.7 (15.0.7), a privilege escalation path associated with group administrators has been identified. It is possible for a group administrator to elevate a group members permissions to the role of an organization administrator.
Improper Privilege Management
In WS_FTP Server versions prior to 8.7.6 and 8.8.4, an unrestricted file upload flaw has been identified
CVE-2023-42659
8.8 - High
- November 07, 2023
In WS_FTP Server versions prior to 8.7.6 and 8.8.4, an unrestricted file upload flaw has been identified. An authenticated Ad Hoc Transfer user has the ability to craft an API call which allows them to upload a file to a specified location on the underlying operating system hosting the WS_FTP Server application.
Unrestricted File Upload
In WS_FTP Server version prior to 8.8.2
CVE-2023-40049
5.3 - Medium
- September 27, 2023
In WS_FTP Server version prior to 8.8.2, an unauthenticated user could enumerate files under the 'WebServiceHost' directory listing.
In WS_FTP Server version prior to 8.8.2
CVE-2023-40048
6.5 - Medium
- September 27, 2023
In WS_FTP Server version prior to 8.8.2, the WS_FTP Server Manager interface was missing cross-site request forgery (CSRF) protection on a POST transaction corresponding to a WS_FTP Server administrative function.
Session Riding
In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a directory traversal vulnerability was discovered
CVE-2023-42657
9.6 - Critical
- September 27, 2023
In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a directory traversal vulnerability was discovered. An attacker could leverage this vulnerability to perform file operations (delete, rename, rmdir, mkdir) on files and folders outside of their authorized WS_FTP folder path. Attackers could also escape the context of the WS_FTP Server file structure and perform the same level of operations (delete, rename, rmdir, mkdir) on file and folder locations on the underlying operating system.
Directory traversal
In WS_FTP Server version prior to 8.8.2, a stored cross-site scripting (XSS) vulnerability exists in WS_FTP Server's Management module
CVE-2023-40047
4.8 - Medium
- September 27, 2023
In WS_FTP Server version prior to 8.8.2, a stored cross-site scripting (XSS) vulnerability exists in WS_FTP Server's Management module. An attacker with administrative privileges could import a SSL certificate with malicious attributes containing cross-site scripting payloads. Once the cross-site scripting payload is successfully stored, an attacker could leverage this vulnerability to target WS_FTP Server admins with a specialized payload which results in the execution of malicious JavaScript within the context of the victims browser.
XSS
In WS_FTP Server versions prior to 8.7.4 and 8.8.2,
a SQL injection vulnerability exists in the WS_FTP Server manager interface
CVE-2023-40046
7.2 - High
- September 27, 2023
In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a SQL injection vulnerability exists in the WS_FTP Server manager interface. An attacker may be able to infer information about the structure and contents of the database and execute SQL statements that alter or delete database elements.
SQL Injection
In WS_FTP Server versions prior to 8.7.4 and 8.8.2
CVE-2023-40045
6.1 - Medium
- September 27, 2023
In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a reflected cross-site scripting (XSS) vulnerability exists in WS_FTP Server's Ad Hoc Transfer module. An attacker could leverage this vulnerability to target WS_FTP Server users with a specialized payload which results in the execution of malicious JavaScript within the context of the victims browser.
XSS
In WS_FTP Server versions prior to 8.7.4 and 8.8.2
CVE-2023-40044
8.8 - High
- September 27, 2023
In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a pre-authenticated attacker could leverage a .NET deserialization vulnerability in the Ad Hoc Transfer module to execute remote commands on the underlying WS_FTP Server operating system.
Marshaling, Unmarshaling
In Progress MOVEit Transfer versions released before 2021.1.8 (13.1.8), 2022.0.8 (14.0.8), 2022.1.9 (14.1.9), 2023.0.6 (15.0.6), a SQL injection vulnerability has been identified in the MOVEit Transfer machine interface
CVE-2023-42660
8.8 - High
- September 20, 2023
In Progress MOVEit Transfer versions released before 2021.1.8 (13.1.8), 2022.0.8 (14.0.8), 2022.1.9 (14.1.9), 2023.0.6 (15.0.6), a SQL injection vulnerability has been identified in the MOVEit Transfer machine interface that could allow an authenticated attacker to gain unauthorized access to the MOVEit Transfer database. An attacker could submit a crafted payload to the MOVEit Transfer machine interface which could result in modification and disclosure of MOVEit database content.
SQL Injection
In Progress MOVEit Transfer versions released before 2021.1.8 (13.1.8)
CVE-2023-42656
6.1 - Medium
- September 20, 2023
In Progress MOVEit Transfer versions released before 2021.1.8 (13.1.8), 2022.0.8 (14.0.8), 2022.1.9 (14.1.9), 2023.0.6 (15.0.6), a reflected cross-site scripting (XSS) vulnerability has been identified in MOVEit Transfer's web interface. An attacker could craft a malicious payload targeting MOVEit Transfer users during the package composition procedure. If a MOVEit user interacts with the crafted payload, the attacker would be able to execute malicious JavaScript within the context of the victims browser.
XSS
In Progress MOVEit Transfer versions released before 2021.1.8 (13.1.8), 2022.0.8 (14.0.8), 2022.1.9 (14.1.9), 2023.0.6 (15.0.6), a SQL injection vulnerability has been identified in the MOVEit Transfer web interface
CVE-2023-40043
7.2 - High
- September 20, 2023
In Progress MOVEit Transfer versions released before 2021.1.8 (13.1.8), 2022.0.8 (14.0.8), 2022.1.9 (14.1.9), 2023.0.6 (15.0.6), a SQL injection vulnerability has been identified in the MOVEit Transfer web interface that could allow a MOVEit system administrator account to gain unauthorized access to the MOVEit Transfer database. A MOVEit system administrator could submit a crafted payload to the MOVEit Transfer web interface which could result in modification and disclosure of MOVEit database content.
SQL Injection
Progress Chef Infra Server before 15.7
CVE-2023-28864
5.5 - Medium
- July 17, 2023
Progress Chef Infra Server before 15.7 allows a local attacker to exploit a /var/opt/opscode/local-mode-cache/backup world-readable temporary backup path to access sensitive information, resulting in the disclosure of all indexed node data, because OpenSearch credentials are exposed. (The data typically includes credentials for additional systems.) The attacker must wait for an admin to run the "chef-server-ctl reconfigure" command.
Insecure Storage of Sensitive Information
In Progress MOVEit Transfer before 2020.1.11 (12.1.11), 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022.1.8 (14.1.8), and 2023.0.4 (15.0.4), a SQL injection vulnerability has been identified in the MOVEit Transfer web application
CVE-2023-36934
9.1 - Critical
- July 05, 2023
In Progress MOVEit Transfer before 2020.1.11 (12.1.11), 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022.1.8 (14.1.8), and 2023.0.4 (15.0.4), a SQL injection vulnerability has been identified in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain unauthorized access to the MOVEit Transfer database. An attacker could submit a crafted payload to a MOVEit Transfer application endpoint that could result in modification and disclosure of MOVEit database content.
SQL Injection
In Progress MOVEit Transfer before 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022.1.8 (14.1.8), and 2023.0.4 (15.0.4), it is possible for an attacker to invoke a method
CVE-2023-36933
7.5 - High
- July 05, 2023
In Progress MOVEit Transfer before 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022.1.8 (14.1.8), and 2023.0.4 (15.0.4), it is possible for an attacker to invoke a method that results in an unhandled exception. Triggering this workflow can cause the MOVEit Transfer application to terminate unexpectedly.
Improper Handling of Exceptional Conditions
In Progress MOVEit Transfer before 2020.1.11 (12.1.11), 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022.1.8 (14.1.8), and 2023.0.4 (15.0.4), multiple SQL injection vulnerabilities have been identified in the MOVEit Transfer web application
CVE-2023-36932
8.1 - High
- July 05, 2023
In Progress MOVEit Transfer before 2020.1.11 (12.1.11), 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022.1.8 (14.1.8), and 2023.0.4 (15.0.4), multiple SQL injection vulnerabilities have been identified in the MOVEit Transfer web application that could allow an authenticated attacker to gain unauthorized access to the MOVEit Transfer database. An attacker could submit a crafted payload to a MOVEit Transfer application endpoint that could result in modification and disclosure of MOVEit database content.
SQL Injection
In Progress WhatsUp Gold before 23.0.0, an SNMP-related application endpoint failed to adequately sanitize malicious input
CVE-2023-35759
6.1 - Medium
- June 23, 2023
In Progress WhatsUp Gold before 23.0.0, an SNMP-related application endpoint failed to adequately sanitize malicious input. This could allow an unauthenticated attacker to execute arbitrary code in a victim's browser, aka XSS.
XSS
In Progress OpenEdge OEM (OpenEdge Management) and OEE (OpenEdge Explorer) before 12.7
CVE-2023-34203
8.8 - High
- June 23, 2023
In Progress OpenEdge OEM (OpenEdge Management) and OEE (OpenEdge Explorer) before 12.7, a remote user (who has any OEM or OEE role) could perform a URL injection attack to change identity or role membership, e.g., escalate to admin. This affects OpenEdge LTS before 11.7.16, 12.x before 12.2.12, and 12.3.x through 12.6.x before 12.7.
Injection
In Progress MOVEit Transfer before 2021.0.8 (13.0.8), 2021.1.6 (13.1.6), 2022.0.6 (14.0.6), 2022.1.7 (14.1.7), and 2023.0.3 (15.0.3), a SQL injection vulnerability has been identified in the MOVEit Transfer web application
CVE-2023-35708
9.8 - Critical
- June 16, 2023
In Progress MOVEit Transfer before 2021.0.8 (13.0.8), 2021.1.6 (13.1.6), 2022.0.6 (14.0.6), 2022.1.7 (14.1.7), and 2023.0.3 (15.0.3), a SQL injection vulnerability has been identified in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain unauthorized access to MOVEit Transfer's database. An attacker could submit a crafted payload to a MOVEit Transfer application endpoint that could result in modification and disclosure of MOVEit database content. These are fixed versions of the DLL drop-in: 2020.1.10 (12.1.10), 2021.0.8 (13.0.8), 2021.1.6 (13.1.6), 2022.0.6 (14.0.6), 2022.1.7 (14.1.7), and 2023.0.3 (15.0.3).
SQL Injection
In Progress MOVEit Transfer before 2021.0.7 (13.0.7), 2021.1.5 (13.1.5), 2022.0.5 (14.0.5), 2022.1.6 (14.1.6), and 2023.0.2 (15.0.2), SQL injection vulnerabilities have been found in the MOVEit Transfer web application
CVE-2023-35036
9.1 - Critical
- June 12, 2023
In Progress MOVEit Transfer before 2021.0.7 (13.0.7), 2021.1.5 (13.1.5), 2022.0.5 (14.0.5), 2022.1.6 (14.1.6), and 2023.0.2 (15.0.2), SQL injection vulnerabilities have been found in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain unauthorized access to MOVEit Transfer's database. An attacker could submit a crafted payload to a MOVEit Transfer application endpoint that could result in modification and disclosure of MOVEit database content.
SQL Injection
A buffer overflow was discovered in Progress DataDirect Connect for ODBC before 08.02.2770 for Oracle
CVE-2023-34364
9.8 - Critical
- June 09, 2023
A buffer overflow was discovered in Progress DataDirect Connect for ODBC before 08.02.2770 for Oracle. An overly large value for certain options of a connection string may overrun the buffer allocated to process the string value. This allows an attacker to execute code of their choice on an affected host by copying carefully selected data that will be executed as code.
Memory Corruption
An issue was discovered in Progress DataDirect Connect for ODBC before 08.02.2770 for Oracle
CVE-2023-34363
5.9 - Medium
- June 09, 2023
An issue was discovered in Progress DataDirect Connect for ODBC before 08.02.2770 for Oracle. When using Oracle Advanced Security (OAS) encryption, if an error is encountered initializing the encryption object used to encrypt data, the code falls back to a different encryption mechanism that uses an insecure random number generator to generate the private key. It is possible for a well-placed attacker to predict the output of this random number generator, which could lead to an attacker decrypting traffic between the driver and the database server. The vulnerability does not exist if SSL / TLS encryption is used.
PRNG
In Progress MOVEit Transfer before 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 2022.1.5 (14.1.5), and 2023.0.1 (15.0.1), a SQL injection vulnerability has been found in the MOVEit Transfer web application
CVE-2023-34362
9.8 - Critical
- June 02, 2023
In Progress MOVEit Transfer before 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 2022.1.5 (14.1.5), and 2023.0.1 (15.0.1), a SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain access to MOVEit Transfer's database. Depending on the database engine being used (MySQL, Microsoft SQL Server, or Azure SQL), an attacker may be able to infer information about the structure and contents of the database, and execute SQL statements that alter or delete database elements. NOTE: this is exploited in the wild in May and June 2023; exploitation of unpatched systems can occur via HTTP or HTTPS. All versions (e.g., 2020.0 and 2019x) before the five explicitly mentioned versions are affected, including older unsupported versions.
SQL Injection