Lucene search
K

286 matches found

NVD
NVD
added 2024/10/09 3:15 p.m.12 views

CVE-2024-7293

In Progress® Telerik® Report Server versions prior to 2024 Q3 10.2.24.806, a password brute forcing attack is possible through weak password requirements...

8.8CVSS0.00306EPSS
Exploits0References1
OSV
OSV
added 2024/10/09 3:15 p.m.3 views

CVE-2024-7293

In Progress® Telerik® Report Server versions prior to 2024 Q3 10.2.24.806, a password brute forcing attack is possible through weak password requirements...

8.8CVSS5.8AI score0.00306EPSS
Exploits0References1
OSV
OSV
added 2024/10/09 3:15 p.m.3 views

CVE-2024-7294

In Progress® Telerik® Report Server versions prior to 2024 Q3 10.2.24.806, an HTTP DoS attack is possible on anonymous endpoints without rate limiting...

6.5CVSS5.8AI score0.00312EPSS
Exploits0References1
NVD
NVD
added 2024/10/09 3:15 p.m.10 views

CVE-2024-7294

In Progress® Telerik® Report Server versions prior to 2024 Q3 10.2.24.806, an HTTP DoS attack is possible on anonymous endpoints without rate limiting...

7.5CVSS0.00312EPSS
Exploits0References1
OSV
OSV
added 2024/10/09 3:15 p.m.4 views

CVE-2024-7292

In Progress® Telerik® Report Server versions prior to 2024 Q3 10.2.24.806, a credential stuffing attack is possible through improper restriction of excessive login attempts...

8.8CVSS5.8AI score0.00317EPSS
Exploits0References1
NVD
NVD
added 2024/10/09 3:15 p.m.41 views

CVE-2024-7292

In Progress® Telerik® Report Server versions prior to 2024 Q3 10.2.24.806, a credential stuffing attack is possible through improper restriction of excessive login attempts...

8.8CVSS0.00317EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/09 2:49 p.m.20 views

CVE-2024-8015 Telerik Report Server Insecure Type Resolution

In Progress Telerik Report Server versions prior to 2024 Q3 10.2.24.924, a remote code execution attack is possible through object injection via an insecure type resolution vulnerability...

9.1CVSS0.00822EPSS
Exploits0References1
CVE
CVE
added 2024/10/09 2:49 p.m.53 views

CVE-2024-8015

CVE-2024-8015 affects Progress Telerik Report Server before 2024 Q3 (10.2.24.924). The root cause is an insecure type resolution that allows object injection, enabling remote code execution. Public references describe a remote code execution vulnerability in versions prior to 10.2.24.924. Remedia...

9.1CVSS8.7AI score0.00822EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/10/09 2:47 p.m.41 views

CVE-2024-7292 Account Controller allows high count of login attempts

In Progress® Telerik® Report Server versions prior to 2024 Q3 10.2.24.806, a credential stuffing attack is possible through improper restriction of excessive login attempts...

7.5CVSS0.00317EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/09 2:47 p.m.12 views

CVE-2024-7292 Account Controller allows high count of login attempts

In Progress® Telerik® Report Server versions prior to 2024 Q3 10.2.24.806, a credential stuffing attack is possible through improper restriction of excessive login attempts...

7.5CVSS7AI score0.00317EPSS
Exploits0References1
CVE
CVE
added 2024/10/09 2:47 p.m.50 views

CVE-2024-7292

Progress Telerik Report Server up to version 10.2.24.709 (pre-2024 Q3) is affected by CVE-2024-7292 due to improper restriction of excessive login attempts, enabling credential stuffing and potential unauthorized access. The issue is reported for versions prior to 2024 Q3 (10.2.24.806). The docum...

8.8CVSS7.7AI score0.00317EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/10/09 2:45 p.m.15 views

CVE-2024-7294 Uncontrolled resource consumption of anonymous endpoints

In Progress® Telerik® Report Server versions prior to 2024 Q3 10.2.24.806, an HTTP DoS attack is possible on anonymous endpoints without rate limiting...

7.5CVSS0.00312EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/09 2:45 p.m.9 views

CVE-2024-7294 Uncontrolled resource consumption of anonymous endpoints

In Progress® Telerik® Report Server versions prior to 2024 Q3 10.2.24.806, an HTTP DoS attack is possible on anonymous endpoints without rate limiting...

7.5CVSS6.8AI score0.00312EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/09 2:43 p.m.9 views

CVE-2024-7293 Password policy for new users is not strong enough

In Progress® Telerik® Report Server versions prior to 2024 Q3 10.2.24.806, a password brute forcing attack is possible through weak password requirements...

7.5CVSS7AI score0.00306EPSS
Exploits0References1
CVE
CVE
added 2024/10/09 2:43 p.m.51 views

CVE-2024-7293

Affected product: Progress Telerik Report Server. Vulnerability: Password brute forcing possible due to weak password requirements in versions prior to 2024 Q3 (10.2.24.806). Root cause / details: Weak password policy enables brute-force attempts; attack vector is network-based. Impact: High conf...

8.8CVSS7.7AI score0.00306EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/10/09 12:0 a.m.5 views

Progress Software Telerik Report Server 安全漏洞

Progress Software Telerik Report Server is an enterprise-class report management and distribution solution from Progress Software, Inc. A security vulnerability exists in versions prior to Progress Software Telerik Report Server 2024 Q3 10.2.24.806 that stems from an improper limit on the number ...

8.8CVSS6.6AI score0.00317EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/10/09 12:0 a.m.4 views

Progress Software Telerik Report Server 安全漏洞

Progress Software Telerik Report Server is an enterprise-class report management and distribution solution from Progress Software, USA. A security vulnerability exists in Progress Software Telerik Report Server versions prior to 10.2.24.806 that stems from allowing the use of weak passwords...

8.8CVSS6.6AI score0.00306EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/10/09 12:0 a.m.5 views

PT-2024-38242 · Progress · Telerik Report Server

Name of the Vulnerable Software and Affected Versions: In Progress Telerik Report Server versions prior to 2024 Q3 10.2.24.806 Description: A password brute forcing attack is possible through weak password requirements. Recommendations: For versions prior to 2024 Q3 10.2.24.806, update to version...

8.8CVSS7.5AI score0.00306EPSS
Exploits0References7
CNNVD
CNNVD
added 2024/10/09 12:0 a.m.4 views

Progress Software Telerik Report Server 安全漏洞

Progress Software Telerik Report Server is an enterprise-level report management and distribution solution from Progress Software, USA. A security vulnerability exists in versions prior to Progress Software Telerik Report Server 2024 Q3 18.2.24.924. An attacker can exploit the vulnerability to...

8.8CVSS7.2AI score0.00602EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/10/09 12:0 a.m.3 views

Progress Software Telerik Report Server 资源管理错误漏洞

Progress Software Telerik Report Server is an enterprise-class report management and distribution solution from Progress Software, Inc. A resource management error vulnerability exists in versions prior to Progress Software Telerik Report Server 2024 Q3 10.2.24.806, which originates from an HTTP...

7.5CVSS6.6AI score0.00312EPSS
Exploits0References2
Rows per page
Query Builder