13 matches found
CVE-2023-40051
This issue affects Progress Application Server PAS for OpenEdge in versions 11.7 prior to 11.7.18, 12.2 prior to 12.2.13, and innovation releases prior to 12.8.0. An attacker can formulate a request for a WEB transport that allows unintended file uploads to a server directory path on the system...
EUVD-2023-44658
Malicious code in bioql PyPI...
EUVD-2023-44659
Malicious code in bioql PyPI...
CVE-2023-40052
This issue affects Progress Application Server PAS for OpenEdge in versions 11.7 prior to 11.7.18, 12.2 prior to 12.2.13, and innovation releases prior to 12.8.0 . An attacker who can produce a malformed web request may cause the crash of a PASOE agent potentially disrupting the thread activities...
Design/Logic Flaw
This issue affects Progress Application Server PAS for OpenEdge in versions 11.7 prior to 11.7.18, 12.2 prior to 12.2.13, and innovation releases prior to 12.8.0. An attacker can formulate a request for a WEB transport that allows unintended file uploads to a server directory path on the system...
Code injection
This issue affects Progress Application Server PAS for OpenEdge in versions 11.7 prior to 11.7.18, 12.2 prior to 12.2.13, and innovation releases prior to 12.8.0 . An attacker who can produce a malformed web request may cause the crash of a PASOE agent potentially disrupting the thread activities...
CVE-2023-40052 Progress Application Server (PAS) for OpenEdge Denial of Service
This issue affects Progress Application Server PAS for OpenEdge in versions 11.7 prior to 11.7.18, 12.2 prior to 12.2.13, and innovation releases prior to 12.8.0 . An attacker who can produce a malformed web request may cause the crash of a PASOE agent potentially disrupting the thread activities...
CVE-2023-40052 Progress Application Server (PAS) for OpenEdge Denial of Service
This issue affects Progress Application Server PAS for OpenEdge in versions 11.7 prior to 11.7.18, 12.2 prior to 12.2.13, and innovation releases prior to 12.8.0 . An attacker who can produce a malformed web request may cause the crash of a PASOE agent potentially disrupting the thread activities...
CVE-2023-40052
CVE-2023-40052 affects Progress Application Server (PAS) for OpenEdge. A malformed web request can crash a PASOE agent, potentially disrupting thread activities of multiple web application clients and causing DoS due to flooding of invalid requests. Affected versions are 11.7 < 11.7.18, 12.2
CVE-2023-40051 Progress Application Server (PAS) for OpenEdge File Upload via Directory Traversal
This issue affects Progress Application Server PAS for OpenEdge in versions 11.7 prior to 11.7.18, 12.2 prior to 12.2.13, and innovation releases prior to 12.8.0. An attacker can formulate a request for a WEB transport that allows unintended file uploads to a server directory path on the system...
CVE-2023-40051 Progress Application Server (PAS) for OpenEdge File Upload via Directory Traversal
This issue affects Progress Application Server PAS for OpenEdge in versions 11.7 prior to 11.7.18, 12.2 prior to 12.2.13, and innovation releases prior to 12.8.0. An attacker can formulate a request for a WEB transport that allows unintended file uploads to a server directory path on the system...
CVE-2023-40051
CVE-2023-40051 affects Progress Application Server (PAS) for OpenEdge. A WEB transport request can allow unintended file uploads to a server directory path on the PASOE host, potentially enabling a later attack if the uploaded payload is exploitable. Affected versions are 11.7 before 11.7.18, 12....
PT-2024-12836 · Progress · Progress Application Server (Pas) For Openedge
Name of the Vulnerable Software and Affected Versions: Progress Application Server PAS for OpenEdge versions 11.7 prior to 11.7.18 Progress Application Server PAS for OpenEdge versions 12.2 prior to 12.2.13 Progress Application Server PAS for OpenEdge innovation releases prior to 12.8.0...