Lucene search
K

118 matches found

CVE
CVE
added 2026/03/12 12:58 p.m.9 views

CVE-2026-2513

Progress Flowmon ADS vulnerable in versions prior to 12.5.5 and 13.0.3. An administrator who clicks a malicious link within an authenticated web session may trigger unintended actions, exposing high-severity risk (CVSS 8.6; Network vector, user interaction required). The advisory does not include...

8.6CVSS5.8AI score0.00286EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/12 12:0 a.m.4 views

PT-2026-24948

A vulnerability exists in Progress Flowmon ADS versions prior to 12.5.5 and 13.0.3, whereby an administrator who clicks a malicious link provided by an attacker may inadvertently trigger unintended actions within their authenticated web session...

8.6CVSS5.8AI score0.00286EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/12 12:0 a.m.7 views

Progress Flowmon ADS 跨站脚本漏洞

Progress Flowmon ADS is a network traffic analysis and anomaly detection system developed by the American company Progress. Versions of Progress Flowmon ADS prior to 12.5.5 and 13.0.3 contained a cross-site scripting vulnerability. This vulnerability could lead to unexpected operations when...

8.6CVSS5.7AI score0.00286EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/12 12:0 a.m.6 views

Progress Flowmon ADS 跨站脚本漏洞

Progress Flowmon ADS is a network traffic analysis and anomaly detection system developed by the American company Progress. Versions of Progress Flowmon ADS prior to 12.5.5 and 13.0.3 contained a cross-site scripting vulnerability. This vulnerability could lead to unexpected operations in the...

8.6CVSS5.7AI score0.00189EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/12 12:0 a.m.8 views

PT-2026-24949

In Progress Flowmon ADS versions prior to 12.5.5 and 13.0.3, a vulnerability exists whereby an adversary with access to Flowmon monitoring ports may craft malicious network data that, when processed by Flowmon ADS and viewed by an authenticated user, could result in unintended actions being...

8.6CVSS5.8AI score0.00189EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/14 1:20 p.m.5 views

CVE-2025-13774

A vulnerability exists in Progress Flowmon ADS versions prior to 12.5.4 and 13.0.1 where an SQL injection vulnerability allows authenticated users to execute unintended SQL queries and commands...

8.8CVSS8AI score0.00423EPSS
Exploits0References1
OSV
OSV
added 2026/01/13 1:15 p.m.5 views

CVE-2025-13774

A vulnerability exists in Progress Flowmon ADS versions prior to 12.5.4 and 13.0.1 where an SQL injection vulnerability allows authenticated users to execute unintended SQL queries and commands...

8.8CVSS5.9AI score0.00423EPSS
Exploits0References1
NVD
NVD
added 2026/01/13 1:15 p.m.6 views

CVE-2025-13774

A vulnerability exists in Progress Flowmon ADS versions prior to 12.5.4 and 13.0.1 where an SQL injection vulnerability allows authenticated users to execute unintended SQL queries and commands...

8.8CVSS0.00423EPSS
Exploits0References1
CVE
CVE
added 2026/01/13 12:59 p.m.12 views

CVE-2025-13774

Progress Flowmon ADS contains an SQL injection vulnerability in versions prior to 12.5.4 and prior to 13.0.1, exploitable by authenticated users to execute unintended SQL queries and commands. Multiple sources (NVD, Red Hat, CVE records, CNNVD, and other feeds) corroborate the issue and specify t...

8.8CVSS7.6AI score0.00423EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/01/13 12:59 p.m.20 views

CVE-2025-13774 SQL injection leading to privilege escalation in Progress Flowmon ADS

A vulnerability exists in Progress Flowmon ADS versions prior to 12.5.4 and 13.0.1 where an SQL injection vulnerability allows authenticated users to execute unintended SQL queries and commands...

8.8CVSS0.00423EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/13 12:59 p.m.3 views

CVE-2025-13774 SQL injection leading to privilege escalation in Progress Flowmon ADS

A vulnerability exists in Progress Flowmon ADS versions prior to 12.5.4 and 13.0.1 where an SQL injection vulnerability allows authenticated users to execute unintended SQL queries and commands...

8.8CVSS7.6AI score0.00423EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/13 12:0 a.m.5 views

PT-2026-2444

Name of the Vulnerable Software and Affected Versions Progress Flowmon ADS versions prior to 12.5.4 and 13.0.1 Description An SQL injection issue exists in Progress Flowmon ADS that allows authenticated users to execute unintended SQL queries and commands. The issue allows for the execution of...

8.8CVSS8AI score0.00423EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/01/13 12:0 a.m.6 views

Progress Flowmon ADS SQL注入漏洞

Progress Flowmon ADS is a network traffic analysis and anomaly detection system from Progress, Inc. A SQL injection vulnerability exists in Progress Flowmon ADS versions prior to 12.5.4 and prior to 13.0.1, which stems from an SQL injection that could lead to the execution of unexpected SQL queri...

8.8CVSS6AI score0.00423EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:9 a.m.7 views

CVE-2024-2389

In Flowmon versions prior to 11.1.14 and 12.3.5, an operating system command injection vulnerability has been identified. An unauthenticated user can gain entry to the system via the Flowmon management interface, allowing for the execution of arbitrary system commands...

10CVSS9.9AI score0.93901EPSS
Exploits7References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/11/04 3:47 a.m.5 views

Progress Flowmon vulnerable to authenticated OS command injection

Overview Progress Flowmon provided by Progress Software Corporation contains the following vulnerability. Authenticated OS command injection CWE-78 - CVE-2025-10239 Kentaro Kawane of GMO Cybersecurity by Ierae reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...

7.2CVSS7.2AI score0.00349EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/10/31 8:13 a.m.5 views

CVE-2025-11906

A vulnerability exists in Progress Flowmon versions prior 12.5.6 where certain system configuration files have incorrect file permissions, allowing a user with access to the default flowmon system user account used for SSH access to potentially escalate privileges to root during service...

6.7CVSS7.1AI score0.00126EPSS
Exploits0References1
NVD
NVD
added 2025/10/30 8:15 a.m.5 views

CVE-2025-11906

A vulnerability exists in Progress Flowmon versions prior 12.5.6 where certain system configuration files have incorrect file permissions, allowing a user with access to the default flowmon system user account used for SSH access to potentially escalate privileges to root during service...

6.7CVSS0.00126EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/30 7:39 a.m.2 views

CVE-2025-11906 Privilege escalation via writable configuration files in Progress Flowmon

A vulnerability exists in Progress Flowmon versions prior 12.5.6 where certain system configuration files have incorrect file permissions, allowing a user with access to the default flowmon system user account used for SSH access to potentially escalate privileges to root during service...

6.7CVSS6.7AI score0.00126EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/30 7:39 a.m.5 views

EUVD-2025-36972

A vulnerability exists in Progress Flowmon versions prior 12.5.6 where certain system configuration files have incorrect file permissions, allowing a user with access to the default flowmon system user account used for SSH access to potentially escalate privileges to root during service...

6.7CVSS6.6AI score0.00126EPSS
Exploits0References2
CVE
CVE
added 2025/10/30 7:39 a.m.18 views

CVE-2025-11906

CVE-2025-11906 affects Progress Flowmon versions prior to 12.5.6. The root cause is incorrect file permissions on system configuration files, allowing a user with access to the default Flowmon SSH account to potentially escalate privileges to root during service initialization. Impact is privileg...

6.7CVSS6.7AI score0.00126EPSS
Exploits0References1
Rows per page
Query Builder