Progress Telerik UI for AJAX 代码问题漏洞

Progress Telerik UI for AJAX is a set of Web interface components developed by the American company Progress. Versions of Progress Telerik UI for AJAX from 2024.4.1114 to 2026.1.421 contain code vulnerabilities. These vulnerabilities stem from the RadFilter control’s unsafe deserialization when...

Progress Telerik UI 安全特征问题漏洞

Progress Telerik UI is a UI control suite for application development developed by the American company Progress. Versions of Progress Telerik UI for AJAX prior to version 2026.1.225 contained security feature vulnerabilities, which were caused by insufficient entropy in the RadAsyncUpload...

PT-2025-41846

Name of the Vulnerable Software and Affected Versions YouDataSum CPAS Audit Management System versions prior to 4.9 Description The YouDataSum CPAS Audit Management System is susceptible to SQL Injection due to inadequate input validation. This allows remote, unauthenticated attackers to execute...

EUVD-2020-3768

Malware in sbrugna...

EUVD-2018-7003

Malware in sbrugna...

EUVD-2024-43993

Malicious code in bioql PyPI...

EUVD-2024-48239

Malicious code in bioql PyPI...

CVE-2020-11414

An issue was discovered in Progress Telerik UI for Silverlight before 2020.1.330. The RadUploadHandler class in RadUpload for Silverlight expects a web request that provides the file location of the uploading file along with a few other parameters. The uploading file location should be inside the...

Progress Telerik UI 资源管理错误漏洞

Progress Telerik UI is a suite of UI user interface controls for application development from Progress, Inc. A security vulnerability exists in Progress Telerik UI versions 2011.2.712 through 2025.1.218, which stems from insecure reflection that could lead to unhandled exceptions, which in turn...

Progress Telerik Reporting < 2025 Q1 (19.0.25.211) Information Disclosure

The version of Progress Telerik Reporting installed on the remote Windows host is prior or equal to 2025 QA 19.0.25.211. It is, therefore, affected by an information disclosure vulnerability. Information disclosure is possible by a local threat actor through an absolute path vulnerability. Note...

CVE-2025-0332 Progress UI for WinForms decompression path traversal vulnerability

In Progress® Telerik® UI for WinForms, versions prior to 2025 Q1 2025.1.211, using the improper limitation of a target path can lead to decompressing an archive's content into a restricted directory...

CVE-2025-0332 Progress UI for WinForms decompression path traversal vulnerability

In Progress® Telerik® UI for WinForms, versions prior to 2025 Q1 2025.1.211, using the improper limitation of a target path can lead to decompressing an archive's content into a restricted directory...

Progress Telerik UI 路径遍历漏洞

Progress Telerik UI is a suite of UI user interface controls for application development from Progress, Inc. A path traversal vulnerability exists in Progress Telerik UI prior to version 2025 Q1, which stems from the fact that the use of improper destination path restrictions could result in the...

Progress Telerik UI 命令注入漏洞

Progress Telerik UI is a suite of UI user interface controls for application development from Progress, Inc. A command injection vulnerability exists in Progress Telerik UI prior to version 2025 Q1, which stems from a command injection attack that can be performed by incorrectly neutralizing...

Progress Telerik Document Processing Libraries 安全漏洞

Progress Telerik Document Processing Libraries is a document processing library from Progress USA. A security vulnerability exists in Progress Telerik Document Processing Libraries prior to version 2025 Q1, which originates from the ability to export the contents of a file in an arbitrary path to...

Progress Telerik Reporting 安全漏洞

Progress Telerik Reporting is a .NET report embedding tool from Progress, Inc. that enables the creation, design, export, and integration of reports in cloud-based, web and applications. A security vulnerability exists in Progress Telerik Reporting prior to version 2025 Q1, which stems from a loc...

PT-2025-6792 · Progress · Progress Telerik Report Server

Name of the Vulnerable Software and Affected Versions: In Progress Telerik Report Server versions prior to 2025 Q1 11.0.25.211 Description: The issue concerns the communication of non-sensitive information between the service agent process and app host process in In Progress Telerik Report Server...

CVE-2024-10095 Progress UI for WPF format provider unsafe deserialization vulnerability

In Progress Telerik UI for WPF versions prior to 2024 Q4 2024.4.1213, a code execution attack is possible through an insecure deserialization vulnerability...

CVE-2024-10095

CVE-2024-10095 affects Progress Telerik UI for WPF. The vulnerability stems from an insecure deserialization pathway that can enable a code execution attack. Affected products are Telerik UI for WPF versions prior to 2024 Q4 (2024.4.1213). The connected sources consistently describe the issue as ...

CVE-2024-10095 Progress UI for WPF format provider unsafe deserialization vulnerability

In Progress Telerik UI for WPF versions prior to 2024 Q4 2024.4.1213, a code execution attack is possible through an insecure deserialization vulnerability...