42 matches found
EUVD-2026-42385
Path equivalence: vulnerability in Progress MOVEit Transfer File Upload modules. This issue affects MOVEit Transfer: before 2025.0.8, from 2025.1.0 before 2025.1.4...
EUVD-2026-42379
Relative path traversal vulnerability in Progress MOVEit Transfer Admin Settings module. This issue affects MOVEit Transfer: before 2025.0.7, from 2025.1.0 before 2025.1.3...
CVE-2026-10698
Improper Neutralization of Special Elements in Data Query Logic vulnerability in Progress MOVEit Transfer Custom Reports modules. This issue affects MOVEit Transfer: from 2025.0.0 before 2025.0.8, from 2025.1.0 before 2025.1.4, from 2026.0.0 before 2026.0.1...
CVE-2025-13147
Server-Side Request Forgery SSRF vulnerability in Progress MOVEit Transfer.This issue affects MOVEit Transfer: before 2024.1.8, from 2025.0.0 before 2025.0.4...
CVE-2025-13147 External Service Interaction (DNS)
Server-Side Request Forgery SSRF vulnerability in Progress MOVEit Transfer.This issue affects MOVEit Transfer: before 2024.1.8, from 2025.0.0 before 2025.0.4...
PT-2025-47528
Name of the Vulnerable Software and Affected Versions Progress MOVEit Transfer versions prior to 2024.1.8 Progress MOVEit Transfer versions 2025.0.0 through 2025.0.3 Description A Server-Side Request Forgery SSRF vulnerability exists in Progress MOVEit Transfer. This type of issue allows an...
EUVD-2024-47648
Malicious code in bioql PyPI...
CVE-2021-38159
In certain Progress MOVEit Transfer versions before 2021.0.4 aka 13.0.4, SQL injection in the MOVEit Transfer web application could allow an unauthenticated remote attacker to gain access to the database. Depending on the database engine being used MySQL, Microsoft SQL Server, or Azure SQL, an...
The vulnerability of the SFTP software module for processing and transmitting confidential data in Progress MOVEit Transfer allows a perpetrator to bypass authentication processes and gain increased privileges.
The vulnerability of the SFTP software module for processing and transmitting confidential data in Progress MOVEit Transfer is related to deficiencies in the authentication process. Exploiting this vulnerability can allow attackers to bypass the authentication process and gain increased privilege...
CVE-2024-6576
Improper Authentication vulnerability in Progress MOVEit Transfer SFTP module can lead to Privilege Escalation.This issue affects MOVEit Transfer: from 2023.0.0 before 2023.0.12, from 2023.1.0 before 2023.1.7, from 2024.0.0 before 2024.0.3...
CVE-2024-6576
CVE-2024-6576 - Progress MOVEit Transfer (SFTP module) : Affected MOVEit Transfer versions include 2023.0.0–2023.0.11, 2023.1.0–2023.1.6, and 2024.0.0–2024.0.2, with a root cause described as an improper authentication vulnerability that can lead to privilege escalation. Remediation per sources: ...
CVE-2024-6576 MOVEit Transfer Privilege Escalation Vulnerability
Improper Authentication vulnerability in Progress MOVEit Transfer SFTP module can lead to Privilege Escalation.This issue affects MOVEit Transfer: from 2023.0.0 before 2023.0.12, from 2023.1.0 before 2023.1.7, from 2024.0.0 before 2024.0.3...
PT-2024-5295 · Progress · Progress Moveit Transfer
Name of the Vulnerable Software and Affected Versions: Progress MOVEit Transfer versions 2023.0.0 through 2023.0.11 Progress MOVEit Transfer versions 2023.1.0 through 2023.1.6 Progress MOVEit Transfer versions 2024.0.0 through 2024.0.2 Description: The issue is related to improper authentication ...
Progress MOVEit Transfer 2017 < 9.0.0.201, Ipswitch MOVEit DMZ < 8.2 / 8.2 < 8.2.0.20 / 8.3 < 8.3.0.30 SQL Injection (CVE-2017-6195)
The version of Progress MOVEit Transfer, formerly Ipswitch MOVEit DMZ, installed on the remote host is affected by a pre-authentication blind SQL injection vulnerability as referenced in Progress Community article 000192008. - Ipswitch MOVEit Transfer formerly DMZ allows pre-authentication blind...
The vulnerability of the SFTP software module for processing and transmitting confidential data in Progress MOVEit Transfer allows a perpetrator to enhance their privileges.
The vulnerability of the SFTP software module for processing and transmitting confidential data in Progress MOVEit Transfer is related to deficiencies in authentication procedures. Exploiting this vulnerability can allow attackers, operating remotely, to increase their privileges...
Progress MOVEit Transfer 2023.0.x < 2023.0.11 / 2023.1.x < 2023.1.6 / 2024.0.x < 2024.0.2 Authentication Bypass (June 2024)
The version of Progress MOVEit Transfer, formerly Ipswitch MOVEit DMZ, installed on the remote host is affected by an authentication bypass vulnerability as referenced in Progress Community article 000259290. - Improper Authentication vulnerability in Progress MOVEit Transfer SFTP module can lead...
CVE-2024-5806
Improper Authentication vulnerability in Progress MOVEit Transfer SFTP module can lead to Authentication Bypass.This issue affects MOVEit Transfer: from 2023.0.0 before 2023.0.11, from 2023.1.0 before 2023.1.6, from 2024.0.0 before 2024.0.2...
CVE-2024-5806
CVE-2024-5806 affects the MOVEit Transfer SFTP module. The issue is an Improper Authentication vulnerability that can lead to an Authentication Bypass . Affected versions include MOVEit Transfer 2023.0.x prior to 2023.0.11, 2023.1.x prior to 2023.1.6, and 2024.0.x prior to 2024.0.2. Root cause is...
Progress MOVEit Transfer < 2022.0.10 / 2022.1 < 2022.1.11 / 2023.0 < 2023.0.8 / 2023.1 < 2023.1.3 Multiple Vulnerabilities (January 2024)
The version of Progress MOVEit Transfer, formerly Ipswitch MOVEit DMZ, installed on the remote host is therefore, affected by multiple vulnerabilities as referenced in Progress Community article 000249475. - In Progress MOVEit Transfer versions released before 2022.0.10 14.0.10, 2022.1.11 14.1.11...
Progress MOVEit Transfer < 2022.0.9 / 2022.1 < 2022.1.10 / 2023.0 < 2023.0.7 / 2023.1.1 Multiple Vulnerabilities (November 2023)
The version of Progress MOVEit Transfer, formerly Ipswitch MOVEit DMZ, installed on the remote host is prior to 2022.0.9, 2022.1 prior to 2022.1.10, 2023.0 prior to 2023.0.7 or 2023.1.1. It is, therefore, affected by multiple vulnerabilities as referenced in Progress Community article 000246898. ...