Lucene search
K

118 matches found

NVD
NVD
added 2026/07/02 3:17 p.m.10 views

CVE-2026-9272

In Progress Flowmon ADS versions prior to 12.5.6 and 13.0.5, a vulnerability exists whereby an adversary who is authenticated as a low-privileged user in the Anomaly Detection System ADS may send specially crafted requests that could result in unauthorized access to application data and its...

8.7CVSS0.00247EPSS
Exploits0References1
NVD
NVD
added 2026/07/02 3:17 p.m.10 views

CVE-2026-8079

In Progress Flowmon versions prior to 12.5.9 and 13.0.11, a vulnerability exists whereby an authenticated low-privileged user may craft a request during the PDF generation process that results in operations being performed with the privileges of another user, potentially leading to unauthorized...

8.7CVSS0.00182EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/02 2:3 p.m.6 views

EUVD-2026-41375

In Progress Flowmon versions prior to 12.5.9 and 13.0.11, a vulnerability exists whereby an authenticated low-privileged user may craft a request during the PDF generation process that results in operations being performed with the privileges of another user, potentially leading to unauthorized...

8.7CVSS5.8AI score0.00182EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/02 2:3 p.m.7 views

CVE-2026-8079

In Progress Flowmon versions prior to 12.5.9 and 13.0.11, a vulnerability exists whereby an authenticated low-privileged user may craft a request during the PDF generation process that results in operations being performed with the privileges of another user, potentially leading to unauthorized...

8.7CVSS5.8AI score0.00182EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/07/02 2:3 p.m.16 views

CVE-2026-8079

Progress Flowmon is affected in versions prior to 12.5.9 and 13.0.11, where an authenticated low-privileged user can craft a PDF-generation request that causes operations to run with another user’s privileges, potentially exposing sensitive data and enabling unintended configuration changes. The ...

8.7CVSS5.8AI score0.00182EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/07/02 2:3 p.m.40 views

CVE-2026-8079 Unintended limited set of actions with elevated privileges may be performed during PDF generation in Progress Flowmon

In Progress Flowmon versions prior to 12.5.9 and 13.0.11, a vulnerability exists whereby an authenticated low-privileged user may craft a request during the PDF generation process that results in operations being performed with the privileges of another user, potentially leading to unauthorized...

8.7CVSS0.00182EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 2:2 p.m.18 views

CVE-2026-9272

CVE-2026-9272 affects Progress Flowmon ADS prior to 12.5.6 and 13.0.5. An adversary authenticated as a low-privileged ADS user can send specially crafted requests that lead to unauthorized access to and modification of application data. The CVE’s metrics indicate HIGH impact on confidentiality, i...

8.7CVSS5.8AI score0.00247EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/07/02 2:2 p.m.37 views

CVE-2026-9272 Possibility of unintended database operations when querying data related to detected anomalies in Progress Flowmon ADS

In Progress Flowmon ADS versions prior to 12.5.6 and 13.0.5, a vulnerability exists whereby an adversary who is authenticated as a low-privileged user in the Anomaly Detection System ADS may send specially crafted requests that could result in unauthorized access to application data and its...

8.7CVSS0.00247EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/02 2:2 p.m.8 views

CVE-2026-9272

In Progress Flowmon ADS versions prior to 12.5.6 and 13.0.5, a vulnerability exists whereby an adversary who is authenticated as a low-privileged user in the Anomaly Detection System ADS may send specially crafted requests that could result in unauthorized access to application data and its...

8.7CVSS5.8AI score0.00247EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/07/02 2:2 p.m.7 views

EUVD-2026-41374

In Progress Flowmon ADS versions prior to 12.5.6 and 13.0.5, a vulnerability exists whereby an adversary who is authenticated as a low-privileged user in the Anomaly Detection System ADS may send specially crafted requests that could result in unauthorized access to application data and its...

8.7CVSS5.8AI score0.00247EPSS
Exploits0References1
Nuclei
Nuclei
added 2026/07/02 9:36 a.m.95 views

Progress Kemp Flowmon - Command Injection

In Flowmon versions prior to 11.1.14 and 12.3.5, an operating system command injection vulnerability has been identified. An unauthenticated user can gain entry to the system via the Flowmon management interface, allowing for the execution of arbitrary system commands. id: CVE-2024-2389 info: nam...

10CVSS7.5AI score0.93901EPSS
Exploits7References5
RedhatCVE
RedhatCVE
added 2026/04/03 4:59 p.m.4 views

CVE-2026-3692

In Progress Flowmon versions prior to 12.5.8, a vulnerability exists whereby an authenticated low-privileged user may craft a request during the report generation process that results in unintended commands being executed on the server...

8.8CVSS5.9AI score0.0042EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/03 4:59 p.m.3 views

CVE-2026-2737

A vulnerability exists in Progress Flowmon versions prior to 12.5.8 and 13.0.6, whereby an administrator who clicks a malicious link provided by an attacker may inadvertently trigger unintended actions within their authenticated web session...

8.5CVSS5.9AI score0.00196EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/02 3:31 p.m.4 views

EUVD-2026-18224

In Progress Flowmon versions prior to 12.5.8, a vulnerability exists whereby an authenticated low-privileged user may craft a request during the report generation process that results in unintended commands being executed on the server...

8.7CVSS5.9AI score0.0042EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/02 3:31 p.m.5 views

EUVD-2026-18222

A vulnerability exists in Progress Flowmon versions prior to 12.5.8 and 13.0.6, whereby an administrator who clicks a malicious link provided by an attacker may inadvertently trigger unintended actions within their authenticated web session...

8.5CVSS5.9AI score0.00196EPSS
Exploits0References2
NVD
NVD
added 2026/04/02 2:16 p.m.6 views

CVE-2026-3692

In Progress Flowmon versions prior to 12.5.8, a vulnerability exists whereby an authenticated low-privileged user may craft a request during the report generation process that results in unintended commands being executed on the server...

8.8CVSS0.0042EPSS
Exploits0References1
NVD
NVD
added 2026/04/02 2:16 p.m.6 views

CVE-2026-2737

A vulnerability exists in Progress Flowmon versions prior to 12.5.8 and 13.0.6, whereby an administrator who clicks a malicious link provided by an attacker may inadvertently trigger unintended actions within their authenticated web session...

8.5CVSS0.00196EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/02 1:28 p.m.4 views

CVE-2026-2737

A vulnerability exists in Progress Flowmon versions prior to 12.5.8 and 13.0.6, whereby an administrator who clicks a malicious link provided by an attacker may inadvertently trigger unintended actions within their authenticated web session...

8.5CVSS5.9AI score0.00196EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/04/02 1:28 p.m.22 views

CVE-2026-2737 Possibility of unintended actions when an administrator clicks a malicious link in the Progress Flowmon web application

A vulnerability exists in Progress Flowmon versions prior to 12.5.8 and 13.0.6, whereby an administrator who clicks a malicious link provided by an attacker may inadvertently trigger unintended actions within their authenticated web session...

8.5CVSS0.00196EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/02 1:28 p.m.3 views

CVE-2026-2737 Possibility of unintended actions when an administrator clicks a malicious link in the Progress Flowmon web application

A vulnerability exists in Progress Flowmon versions prior to 12.5.8 and 13.0.6, whereby an administrator who clicks a malicious link provided by an attacker may inadvertently trigger unintended actions within their authenticated web session...

8.5CVSS5.9AI score0.00196EPSS
Exploits0References1
Rows per page
Query Builder