Lucene search
K

6 matches found

Vulnrichment
Vulnrichment
added 2026/04/22 7:7 a.m.5 views

CVE-2026-6022 Uncontrolled Resource Consumption Vulnerability in Telerik UI for ASP.NET AJAX

In Progress® Telerik® UI for AJAX prior to 2026.1.421, RadAsyncUpload contains an uncontrolled resource consumption vulnerability that allows file uploads to exceed the configured maximum size due to missing cumulative size enforcement during chunk reassembly, leading to disk space exhaustion...

7.5CVSS5.8AI score0.00288EPSS
Exploits0References1
CVE
CVE
added 2026/04/22 7:7 a.m.21 views

CVE-2026-6022

CVE-2026-6022 affects Progress Telerik UI for ASP.NET AJAX (RadAsyncUpload). Before 2026.1.421, RadAsyncUpload allows file uploads to exceed the configured maximum size due to missing cumulative size enforcement during chunk reassembly, causing disk space exhaustion. Affected: RadAsyncUpload in T...

7.5CVSS5.8AI score0.00288EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/25 2:45 p.m.6 views

CVE-2026-2878 Insufficient Entropy Vulnerability in Telerik UI for ASP.NET AJAX

In Progress® Telerik® UI for AJAX, versions prior to 2026.1.225, an insufficient entropy vulnerability exists in RadAsyncUpload, where a predictable temporary identifier, based on timestamp and filename, can enable collisions and file content tampering...

5.3CVSS5.9AI score0.00177EPSS
Exploits0References1
OSV
OSV
added 2021/12/22 6:15 a.m.8 views

CVE-2021-44029

An issue was discovered in Quest KACE Desktop Authority before 11.2. This vulnerability allows attackers to execute remote code through a deserialization exploitation in the RadAsyncUpload function of ASP.NET AJAX. An attacker can leverage this vulnerability when the encryption keys are known due...

9.8CVSS7.6AI score0.00868EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2020/05/15 12:0 a.m.8 views

The vulnerability of the Telerik UI software for ASP.NET AJAX, related to the encryption flaws in RadAsyncUpload, allows attackers to perform arbitrary file uploads or execute arbitrary code.

The vulnerability of the Telerik UI software for ASP.NET AJAX is related to the shortcomings of the RadAsyncUpload encryption mechanism. Exploiting this vulnerability allows a malicious actor to perform arbitrary file uploads or execute arbitrary code...

10CVSS8.3AI score0.83476EPSS
Exploits8References5Affected Software1
OSV
OSV
added 2017/08/23 5:29 p.m.4 views

CVE-2017-11357

Progress Telerik UI for ASP.NET AJAX before R2 2017 SP2 does not properly restrict user input to RadAsyncUpload, which allows remote attackers to perform arbitrary file uploads or execute arbitrary code...

9.8CVSS6AI score0.75709EPSS
Exploits5References3
Rows per page
Query Builder