📄 Telerik Report Server 2024 Q1-10.0.24.305 Remote Code Execution

Telerik Report Server versions 2024 Q1 10.0.24.305 and potentially earlier contain a critical vulnerability that allows unauthenticated attackers to achieve remote code execution through insecure deserialization in report processing functionality. The vulnerability exists due to improper input...

EUVD-2024-48236

Malicious code in bioql PyPI...

EUVD-2025-1753

Malicious code in bioql PyPI...

EUVD-2024-48238

Malicious code in bioql PyPI...

EUVD-2024-43993

Malicious code in bioql PyPI...

EUVD-2024-47441

Malicious code in bioql PyPI...

EUVD-2024-48237

Malicious code in bioql PyPI...

EUVD-2024-48887

Malicious code in bioql PyPI...

Progress Telerik Report Server 2024 Q1 (10.0.24.305) - Authentication Bypass

Exploit Title: Progress Telerik Report Server 2024 Q1 10.0.24.305 - Authentication Bypass Fofa Dork: title="Telerik Report Server" Date: 2024-09-22 Exploit Author: VeryLazyTech GitHub: https://github.com/verylazytech/CVE-2024-4358 Vendor Homepage: https://www.telerik.com/report-server Software...

CVE-2025-0556

In Progress® Telerik® Report Server, versions prior to 2025 Q1 11.0.25.211 when using the older .NET Framework implementation, communication of non-sensitive information between the service agent process and app host process occurs over an unencrypted tunnel, which can be subjected to local netwo...

Progress Telerik Report Server < 11.0.25.211 Cleartext Transmission

The version of Progress Telerik Report Server installed on the remote host is affected by an cleartext transmission vulnerability. In Progress® Telerik® Report Server, versions prior to 2025 Q1 11.0.25.211 when using the older .NET Framework implementation, communication of non-sensitive...

CVE-2025-0556

In Progress® Telerik® Report Server, versions prior to 2025 Q1 11.0.25.211 when using the older .NET Framework implementation, communication of non-sensitive information between the service agent process and app host process occurs over an unencrypted tunnel, which can be subjected to local netwo...

CVE-2025-0556

In Progress® Telerik® Report Server, versions prior to 2025 Q1 11.0.25.211 when using the older .NET Framework implementation, communication of non-sensitive information between the service agent process and app host process occurs over an unencrypted tunnel, which can be subjected to local netwo...

CVE-2025-0556 Telerik Report Server Clear Text Transmission of Agent Commands

In Progress® Telerik® Report Server, versions prior to 2025 Q1 11.0.25.211 when using the older .NET Framework implementation, communication of non-sensitive information between the service agent process and app host process occurs over an unencrypted tunnel, which can be subjected to local netwo...

CVE-2025-0556

In Progress Telerik Report Server, before 2025 Q1 (11.0.25.211) using the older .NET Framework implementation, the communication of non-sensitive information between the service agent process and the app host process happens over an unencrypted tunnel, exposing it to potential local network traff...

CVE-2024-7295

In Progress® Telerik® Report Server versions prior to 2024 Q4 10.3.24.1112, the encryption of local asset data used an older algorithm which may allow a sophisticated actor to decrypt this information...

CVE-2024-7293

In Progress® Telerik® Report Server versions prior to 2024 Q3 10.2.24.806, a password brute forcing attack is possible through weak password requirements...

CVE-2024-7294

In Progress® Telerik® Report Server versions prior to 2024 Q3 10.2.24.806, an HTTP DoS attack is possible on anonymous endpoints without rate limiting...

CVE-2024-7292

In Progress® Telerik® Report Server versions prior to 2024 Q3 10.2.24.806, a credential stuffing attack is possible through improper restriction of excessive login attempts...

CVE-2024-1800

In Progress® Telerik® Report Server versions prior to 2024 Q1 10.0.24.130, a remote code execution attack is possible through an insecure deserialization vulnerability...