Progress Telerik UI for AJAX 代码问题漏洞

Progress Telerik UI for AJAX is a set of Web interface components developed by the American company Progress. Versions of Progress Telerik UI for AJAX from 2024.4.1114 to 2026.1.421 contain code vulnerabilities. These vulnerabilities stem from the RadFilter control’s unsafe deserialization when...

Progress Telerik UI 安全特征问题漏洞

Progress Telerik UI is a UI control suite for application development developed by the American company Progress. Versions of Progress Telerik UI for AJAX prior to version 2026.1.225 contained security feature vulnerabilities, which were caused by insufficient entropy in the RadAsyncUpload...

PT-2025-41846

Name of the Vulnerable Software and Affected Versions YouDataSum CPAS Audit Management System versions prior to 4.9 Description The YouDataSum CPAS Audit Management System is susceptible to SQL Injection due to inadequate input validation. This allows remote, unauthenticated attackers to execute...

EUVD-2020-3768

Malware in sbrugna...

CVE-2020-11414

An issue was discovered in Progress Telerik UI for Silverlight before 2020.1.330. The RadUploadHandler class in RadUpload for Silverlight expects a web request that provides the file location of the uploading file along with a few other parameters. The uploading file location should be inside the...

Progress Telerik UI 资源管理错误漏洞

Progress Telerik UI is a suite of UI user interface controls for application development from Progress, Inc. A security vulnerability exists in Progress Telerik UI versions 2011.2.712 through 2025.1.218, which stems from insecure reflection that could lead to unhandled exceptions, which in turn...

CVE-2025-0332 Progress UI for WinForms decompression path traversal vulnerability

In Progress® Telerik® UI for WinForms, versions prior to 2025 Q1 2025.1.211, using the improper limitation of a target path can lead to decompressing an archive's content into a restricted directory...

CVE-2025-0332 Progress UI for WinForms decompression path traversal vulnerability

In Progress® Telerik® UI for WinForms, versions prior to 2025 Q1 2025.1.211, using the improper limitation of a target path can lead to decompressing an archive's content into a restricted directory...

Progress Telerik UI 命令注入漏洞

Progress Telerik UI is a suite of UI user interface controls for application development from Progress, Inc. A command injection vulnerability exists in Progress Telerik UI prior to version 2025 Q1, which stems from a command injection attack that can be performed by incorrectly neutralizing...

CVE-2024-10095 Progress UI for WPF format provider unsafe deserialization vulnerability

In Progress Telerik UI for WPF versions prior to 2024 Q4 2024.4.1213, a code execution attack is possible through an insecure deserialization vulnerability...

CVE-2024-10095

CVE-2024-10095 affects Progress Telerik UI for WPF. The vulnerability stems from an insecure deserialization pathway that can enable a code execution attack. Affected products are Telerik UI for WPF versions prior to 2024 Q4 (2024.4.1213). The connected sources consistently describe the issue as ...

Progress Telerik UI 代码问题漏洞

Progress Telerik UI is a suite of UI User Interface controls for application development from Progress, Inc. A code issue vulnerability exists in Progress Telerik UI versions prior to 2024.4.1213, which stems from the presence of an insecure deserialization vulnerability that could allow code...

Progress Telerik UI for WinForms < 2024.4.1113 Unsafe Deserialization

The version of Progress Telerik UI for WinForms installed on the remote host is prior to 2024.4.1113. It is, therefore, affected by the following vulnerability: - In Progress Telerik UI for WinForms versions prior to 2024 Q4 2024.4.1113, a code execution attack is possible through an insecure...

CVE-2024-10012

The CVE-2024-10012 entry concerns Progress Telerik UI for WPF. Affected software: Progress Telerik UI for WPF versions prior to 2024 Q4 (2024.4.1111). Issue: insecure deserialization leading to a code execution attack. Impact: described as a code execution vulnerability with HIGH severity in offi...

CVE-2024-10013

CVE-2024-10013 affects Progress Telerik UI for WinForms versions prior to 2024 Q4 (2024.4.1113). The vulnerability is an insecure deserialization leading to code execution. Underlying issue: deserialization of untrusted data within the WinForms UI suite. Impact is described as total in the risk m...

Progress Telerik UI 代码问题漏洞

Progress Telerik UI is a suite of UI user interface controls for application development from Progress USA. A code issue vulnerability exists in versions of Progress Telerik UI prior to 2024 Q4 that stems from insecure deserialization and could lead to a code execution attack...

Progress Telerik UI for WinForms < 2024.3.924 Command Injection

The version of Progress Telerik UI for WinForms installed on the remote host is prior to 2024.3.924. It is, therefore, affected by a vulnerability as referenced in the cve-2024-7679 advisory. - In Progress Telerik UI for WinForms versions prior to 2024 Q3 2024.3.924, a command injection attack is...

Telerik UI for WPF < 2024.3.924 Multiple Vulnerabilities

The version of Progress Telerik UI for WPF installed on the remote Windows host is prior to 2024 Q3 2024.3.924. It is, therefore, affected by multiple vulnerabilities: - A command injection attack is possible through improper neutralization of hyperlink elements. CVE-2024-7575 - A code execution...

CVE-2024-7576

In Progress Telerik UI for WPF versions prior to 2024 Q3 2024.3.924, a code execution attack is possible through an insecure deserialization vulnerability...

CVE-2024-8316 Progress UI for WPF format provider unsafe deserialization vulnerability

In Progress Telerik UI for WPF versions prior to 2024 Q3 2024.3.924, a code execution attack is possible through an insecure deserialization vulnerability...