286 matches found
CVE-2024-7292
In Progress® Telerik® Report Server versions prior to 2024 Q3 10.2.24.806, a credential stuffing attack is possible through improper restriction of excessive login attempts...
CVE-2024-1800
In Progress® Telerik® Report Server versions prior to 2024 Q1 10.0.24.130, a remote code execution attack is possible through an insecure deserialization vulnerability...
CVE-2024-6327
In Progress® Telerik® Report Server versions prior to 2024 Q2 10.1.24.709, a remote code execution attack is possible through an insecure deserialization vulnerability...
CVE-2024-8015
In Progress Telerik Report Server versions prior to 2024 Q3 10.2.24.924, a remote code execution attack is possible through object injection via an insecure type resolution vulnerability...
Progress Telerik Report Server <= 10.2.24.924 Encryption Weakness (CVE-2024-7295)
The version of Progress Telerik Report Server installed on the remote host is affected by an encryption weakness vulnerability: - The encryption of local asset data used an older algorithm which may allow a sophisticated actor to decrypt this information. CVE-2024-7295 Note that Nessus has not...
The vulnerability of the Telerik Report Server software’s reporting control tool lies in its reliance on external controls for selecting classes. This allows an attacker to execute arbitrary code.
The vulnerability of the Telerik Report Server reporting management software lies in the use of external control for selecting classes when input data is provided. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the Telerik Report Server software’s reporting control tool lies in its reliance on external controls for selecting classes. This allows an attacker to execute arbitrary code.
The vulnerability of the Telerik Report Server reporting management software lies in the use of external control for selecting classes when input data is provided. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the Telerik Report Server software’s reporting control tool lies in its reliance on external controls for selecting classes. This allows an attacker to execute arbitrary code.
The vulnerability of the Telerik Report Server reporting control software lies in the use of external control for selecting classes when input data is provided. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
CVE-2024-7295
In Progress® Telerik® Report Server versions prior to 2024 Q4 10.3.24.1112, the encryption of local asset data used an older algorithm which may allow a sophisticated actor to decrypt this information...
CVE-2024-7295
In Progress® Telerik® Report Server versions prior to 2024 Q4 10.3.24.1112, the encryption of local asset data used an older algorithm which may allow a sophisticated actor to decrypt this information...
CVE-2024-7295 Hard-coded credentials used for temporary and cache data encryption
In Progress® Telerik® Report Server versions prior to 2024 Q4 10.3.24.1112, the encryption of local asset data used an older algorithm which may allow a sophisticated actor to decrypt this information...
CVE-2024-7295 Hard-coded credentials used for temporary and cache data encryption
In Progress® Telerik® Report Server versions prior to 2024 Q4 10.3.24.1112, the encryption of local asset data used an older algorithm which may allow a sophisticated actor to decrypt this information...
CVE-2024-7295
CVE-2024-7295 affects Progress Telerik Report Server and is tied to an encryption weakness in the local asset data protection. Versions prior to 2024 Q4 (10.3.24.1112) reportedly use an older encryption algorithm, which may allow a sophisticated actor to decrypt local asset data. The vulnerabilit...
PT-2024-38244 · Telerik · Telerik Report Server
Name of the Vulnerable Software and Affected Versions: In Progress Telerik Report Server versions prior to 2024 Q4 10.3.24.1112 Description: The encryption of local asset data used an older algorithm which may allow a sophisticated actor to decrypt this information. Recommendations: For versions...
Progress Telerik Report Server 信任管理问题漏洞
Progress Telerik Report Server is an enterprise-class report management and distribution solution from Progress, Inc. A trust management issue vulnerability exists in versions of Progress Telerik Report Server prior to 2024 Q4, which stems from an older algorithm used to encrypt local asset data,...
Progress Telerik Report Server <= 10.2.24.806 Insecure Type Resolution (CVE-2024-8015)
The version of Progress Telerik Report Server installed on the remote host is affected by an insecure type resolution vulnerability: - A remote code execution attack is possible through object injection via an insecure type resolution vulnerability. CVE-2024-8015 Note that Nessus has not tested f...
The vulnerability of Power BI report servers, related to the lack of protective measures for website structures, allows attackers to execute cross-site scripting attacks.
The vulnerability of the Power BI report server is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attacks remotely...
Security Update for Microsoft Power BI Report Server (October 2024)
The Microsoft Power BI Report Server on the remote host is missing the October 2024 security update. It is, therefore, affected by a server spoofing vulnerability. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...
CVE-2024-8015
In Progress Telerik Report Server versions prior to 2024 Q3 10.2.24.924, a remote code execution attack is possible through object injection via an insecure type resolution vulnerability...
CVE-2024-8015
In Progress Telerik Report Server versions prior to 2024 Q3 10.2.24.924, a remote code execution attack is possible through object injection via an insecure type resolution vulnerability...