286 matches found
CVE-2024-7293
In Progress® Telerik® Report Server versions prior to 2024 Q3 10.2.24.806, a password brute forcing attack is possible through weak password requirements...
CVE-2024-7293
In Progress® Telerik® Report Server versions prior to 2024 Q3 10.2.24.806, a password brute forcing attack is possible through weak password requirements...
CVE-2024-7294
In Progress® Telerik® Report Server versions prior to 2024 Q3 10.2.24.806, an HTTP DoS attack is possible on anonymous endpoints without rate limiting...
CVE-2024-7294
In Progress® Telerik® Report Server versions prior to 2024 Q3 10.2.24.806, an HTTP DoS attack is possible on anonymous endpoints without rate limiting...
CVE-2024-7292
In Progress® Telerik® Report Server versions prior to 2024 Q3 10.2.24.806, a credential stuffing attack is possible through improper restriction of excessive login attempts...
CVE-2024-7292
In Progress® Telerik® Report Server versions prior to 2024 Q3 10.2.24.806, a credential stuffing attack is possible through improper restriction of excessive login attempts...
CVE-2024-8015 Telerik Report Server Insecure Type Resolution
In Progress Telerik Report Server versions prior to 2024 Q3 10.2.24.924, a remote code execution attack is possible through object injection via an insecure type resolution vulnerability...
CVE-2024-8015
CVE-2024-8015 affects Progress Telerik Report Server before 2024 Q3 (10.2.24.924). The root cause is an insecure type resolution that allows object injection, enabling remote code execution. Public references describe a remote code execution vulnerability in versions prior to 10.2.24.924. Remedia...
CVE-2024-7292 Account Controller allows high count of login attempts
In Progress® Telerik® Report Server versions prior to 2024 Q3 10.2.24.806, a credential stuffing attack is possible through improper restriction of excessive login attempts...
CVE-2024-7292 Account Controller allows high count of login attempts
In Progress® Telerik® Report Server versions prior to 2024 Q3 10.2.24.806, a credential stuffing attack is possible through improper restriction of excessive login attempts...
CVE-2024-7292
Progress Telerik Report Server up to version 10.2.24.709 (pre-2024 Q3) is affected by CVE-2024-7292 due to improper restriction of excessive login attempts, enabling credential stuffing and potential unauthorized access. The issue is reported for versions prior to 2024 Q3 (10.2.24.806). The docum...
CVE-2024-7294 Uncontrolled resource consumption of anonymous endpoints
In Progress® Telerik® Report Server versions prior to 2024 Q3 10.2.24.806, an HTTP DoS attack is possible on anonymous endpoints without rate limiting...
CVE-2024-7294 Uncontrolled resource consumption of anonymous endpoints
In Progress® Telerik® Report Server versions prior to 2024 Q3 10.2.24.806, an HTTP DoS attack is possible on anonymous endpoints without rate limiting...
CVE-2024-7293 Password policy for new users is not strong enough
In Progress® Telerik® Report Server versions prior to 2024 Q3 10.2.24.806, a password brute forcing attack is possible through weak password requirements...
CVE-2024-7293
Affected product: Progress Telerik Report Server. Vulnerability: Password brute forcing possible due to weak password requirements in versions prior to 2024 Q3 (10.2.24.806). Root cause / details: Weak password policy enables brute-force attempts; attack vector is network-based. Impact: High conf...
Progress Software Telerik Report Server 安全漏洞
Progress Software Telerik Report Server is an enterprise-class report management and distribution solution from Progress Software, Inc. A security vulnerability exists in versions prior to Progress Software Telerik Report Server 2024 Q3 10.2.24.806 that stems from an improper limit on the number ...
Progress Software Telerik Report Server 安全漏洞
Progress Software Telerik Report Server is an enterprise-class report management and distribution solution from Progress Software, USA. A security vulnerability exists in Progress Software Telerik Report Server versions prior to 10.2.24.806 that stems from allowing the use of weak passwords...
PT-2024-38242 · Progress · Telerik Report Server
Name of the Vulnerable Software and Affected Versions: In Progress Telerik Report Server versions prior to 2024 Q3 10.2.24.806 Description: A password brute forcing attack is possible through weak password requirements. Recommendations: For versions prior to 2024 Q3 10.2.24.806, update to version...
Progress Software Telerik Report Server 安全漏洞
Progress Software Telerik Report Server is an enterprise-level report management and distribution solution from Progress Software, USA. A security vulnerability exists in versions prior to Progress Software Telerik Report Server 2024 Q3 18.2.24.924. An attacker can exploit the vulnerability to...
Progress Software Telerik Report Server 资源管理错误漏洞
Progress Software Telerik Report Server is an enterprise-class report management and distribution solution from Progress Software, Inc. A resource management error vulnerability exists in versions prior to Progress Software Telerik Report Server 2024 Q3 10.2.24.806, which originates from an HTTP...