1842 matches found
CVE-2025-39516 WordPress Author WIP Progress Bar <= 1.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Alan Petersen Author WIP Progress Bar allows DOM-Based XSS. This issue affects Author WIP Progress Bar: from n/a through 1.0...
CVE-2025-39516 WordPress Author WIP Progress Bar plugin <= 1.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Alan Petersen Author WIP Progress Bar (author-work-in-progress-bar) allows DOM-Based XSS. This issue affects Author WIP Progress Bar: from n/a through <= 1.0...
Progress WhatsUp Gold < 24.0.3 Database Manipulation (CVE-2025-2572)
The version of Progress WhatsUp Gold installed on the remote host is prior to 24.0.3. It is, therefore, affected by a database manipulation vulnerability: - In WhatsUp Gold versions released before 2024.0.3, a database manipulation vulnerability allows an unauthenticated attacker to modify the...
CVE-2025-1968
Insufficient Session Expiration vulnerability in Progress Software Corporation Sitefinity under some specific and uncommon circumstances allows reusing Session IDs (Session Replay Attacks). This issue affects Sitefinity: from 14.0 through 14.3, from 14.4 before 14.4.8145, from 15.0 before 15.0.8231,...
CVE-2025-1968
Summary: CVE-2025-1968 is an Insufficient Session Expiration vulnerability in Progress Sitefinity. Under specific and uncommon conditions, it allows reusing Session IDs (Session Replay Attacks). Affected versions are Sitefinity 14.0–14.3, 14.4 before 14.4.8145, 15.0 before 15.0.8231, 15.1 before ...
Malicious code in @hongfangze/progress (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 30ce725234e86c5968568e8c66969c293462123d379f788087b8a0a5d8ebed31 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Applying Modern UI patch for Citrix Storefront LTSR2402 CU2 (to support CWA Linux Clients)
Symptoms or Error: When users on Linux log in to their Citrix Workspace App for Linux, they see an infinite progress screen or an error instead of the list of their apps and desktops. This applies only to customers whose admins have 1. Upgraded their StoreFronts to the new Storefron...
Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in Progress DataDirect Connect for ODBC
Summary: Multiple vulnerabilities in Progress DataDirect Connect for ODBC used by IBM InfoSphere Information Server were addressed. Vulnerability Details: CVEID: CVE-2023-34363 DESCRIPTION: Progress DataDirect Connect for ODBC could allow a remote attacker to obtain sensitive information, caused by...
CVE-2025-1758
Improper Input Validation vulnerability in Progress LoadMaster allows Buffer Overflow. This issue affects: LoadMaster: 7.2.40.0 and above; ECS: All versions; Multi-Tenancy: 7.1.35.4 and above...
Progress LoadMaster Security Vulnerability
Progress LoadMaster is a high-performance Application Delivery Controller (ADC) and load balancer from Progress, Inc. A security vulnerability exists in Progress LoadMaster that stems from improper input validation and could result in a buffer overflow...
Progress Software Kemp LoadMaster mangle Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Progress Software Kemp LoadMaster. Authentication is not required to exploit this vulnerability. The specific flaw exists within the mangle executable. The issue results from the lack of proper...
Malicious code in simple-progress-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5b0b2ded38b63b01027590e0a217718f8b204d46705ecbb37c8d33733ffa1177 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-2281 Malicious code in simple-progress-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5b0b2ded38b63b01027590e0a217718f8b204d46705ecbb37c8d33733ffa1177 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
PT-2025-11649 · Kemp · Kemp Loadmaster
Name of the Vulnerable Software and Affected Versions: Progress LoadMaster versions 7.2.40.0 and above; ECS versions: all versions; Multi-Tenancy versions 7.1.35.4 and above. Description: The issue is related to an improper input validation vulnerability in Progress LoadMaster, which allows a buffer...
Linux Distros Unpatched Vulnerability : CVE-2024-26962
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dm-raid456, md/raid456: fix a deadlock for dm-raid456 while io concurrent with reshape For raid456, if reshape is still in progress, then IO across reshape...