Lucene search
K

8 matches found

NVD
NVD
added 2025/09/12 3:15 a.m.4 views

CVE-2025-43788

The organization selector in Liferay Portal 7.4.0 through 7.4.3.124, and Liferay DXP 2024.Q1.1 through 2024.Q1.12 and 7.4 update 81 through update 85 does not check user permission, which allows remote authenticated users to obtain a list of all organizations...

5.3CVSS0.00244EPSS
Exploits0References1
NVD
NVD
added 2024/07/23 2:15 p.m.17 views

CVE-2024-4081

A memory corruption issue due to an improper length check in NI LabVIEW may disclose information or result in arbitrary code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects NI LabVIEW 2024 Q1 and prior versions...

8.4CVSS0.00271EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/07/22 12:0 a.m.5 views

PT-2024-37397 · National Instruments · Ni Flexlogger +1

Name of the Vulnerable Software and Affected Versions: NI SystemLink Server versions 2024 Q1 and prior NI FlexLogger versions 2023 Q2 and prior Description: The issue is related to an out-of-date version of Redis shipped with the affected software, which is susceptible to multiple vulnerabilities...

7.8CVSS7.2AI score0.00275EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/06/04 12:0 a.m.42 views

Progress Telerik Report Server Authentication Bypass (CVE-2024-4358)

The version of Progress Telerik Report Server installed on the remote host is affected by an authentication bypass vulnerability, as follows: - In Progress Telerik Report Server, version 2024 Q1 10.0.24.305 or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server...

9.8CVSS8.7AI score0.97482EPSS
Exploits14References2
NVD
NVD
added 2024/05/29 3:16 p.m.27 views

CVE-2024-4358

In Progress Telerik Report Server, version 2024 Q1 10.0.24.305 or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via an authentication bypass vulnerability...

9.8CVSS9.8AI score0.97482EPSS
Exploits14References2
Vulnrichment
Vulnrichment
added 2024/05/15 5:4 p.m.14 views

CVE-2024-4837 Trust Boundary Violation Vulnerability

In Progress Telerik Report Server, version 2024 Q1 10.0.24.305 or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via a trust boundary violation vulnerability...

5.3CVSS7.1AI score0.00431EPSS
Exploits0References1
CVE
CVE
added 2024/05/15 4:58 p.m.34 views

CVE-2024-4357

Progress Telerik Report Server (versions 10.0.24.305 and earlier, i.e., 2024 Q1) suffers an XML External Entity Processing (XXE) information-disclosure vulnerability in the ValidateMetadaUri path. A low-privilege attacker could read system files; an authenticated context is required but may be by...

6.5CVSS6.1AI score0.007EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/05/15 12:0 a.m.1 views

Progress Software Telerik Report Server 安全漏洞

Progress Software Telerik Report Server is an enterprise-level report management and distribution solution from Progress Software. A security vulnerability exists in Progress Software Telerik Report Server version 2024 Q1 10.0.24.305 and prior versions. An attacker could exploit the vulnerability...

5.3CVSS6.8AI score0.00431EPSS
Exploits0References2
Rows per page
Query Builder