CVE-2024-56134 Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.

Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection. This issue affects: Product Affected Versions LoadMaster From 7.2.55.0 to 7.2.60.1 inclusive From 7.2.49.0 to 7.2.54.12 inclusive 7.2.48.12 and all prior versions Multi-Tenant...

CVE-2024-56133 Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.

Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection. This issue affects: Product Affected Versions LoadMaster From 7.2.55.0 to 7.2.60.1 inclusive From 7.2.49.0 to 7.2.54.12 inclusive 7.2.48.12 and all prior versions ECS All prior...

CVE-2024-56131

CVE-2024-56131 (and related CVEs 56132–56135) affect Progress LoadMaster and associated products, exposing OS command injection via improper input validation when an authenticated user interacts with the management interface. Affected versions include LoadMaster 7.2.55.0–7.2.60.1 (inclusive), 7.2...

CVE-2024-56131 Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.

Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection. This issue affects: Product Affected Versions LoadMaster From 7.2.55.0 to 7.2.60.1 inclusive From 7.2.49.0 to 7.2.54.12 inclusive 7.2.48.12 and all prior versions Multi-Tenant...

CVE-2024-7591

Improper Input Validation vulnerability in Progress LoadMaster allows OS Command Injection.This issue affects: LoadMaster: 7.2.40.0 and above ECS: All versions Multi-Tenancy: 7.1.35.4 and above...

CVE-2024-5805

Improper Authentication vulnerability in Progress MOVEit Gateway SFTP modules allows Authentication Bypass.This issue affects MOVEit Gateway: 2024.0.0...

CVE-2024-49657

Missing Authorization vulnerability in Renata Bracichowicz 3D Work In Progress renee-work-in-progress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 3D Work In Progress: from n/a through = 1.0.3...

CVE-2024-49652

Unrestricted Upload of File with Dangerous Type vulnerability in Renata Bracichowicz 3D Work In Progress renee-work-in-progress allows Upload a Web Shell to a Web Server.This issue affects 3D Work In Progress: from n/a through = 1.0.3...

CVE-2024-11625

Information Exposure Through an Error Message vulnerability in Progress Software Corporation Sitefinity.This issue affects Sitefinity: from 4.0 through 14.4.8142, from 15.0.8200 through 15.0.8229, from 15.1.8300 through 15.1.8327, from 15.2.8400 through 15.2.8421...

CVE-2024-11626

Improper Neutralization of Input During CMS Backend adminstrative section Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Progress Sitefinity.This issue affects Sitefinity: from 4.0 through 14.4.8142, from 15.0.8200 through 15.0.8229, from 15.1.8300 through 15.1.8327, from...

Progress LoadMaster 输入验证错误漏洞

Progress LoadMaster is a high performance Application Delivery Controller ADC and load balancer from Progress, Inc. An input validation error vulnerability exists in Progress LoadMaster. An attacker could exploit this vulnerability to cause operating system command injection...

Progress LoadMaster 输入验证错误漏洞

Progress LoadMaster is a high performance Application Delivery Controller ADC and load balancer from Progress, Inc. An input validation error vulnerability exists in Progress LoadMaster. An attacker could exploit this vulnerability to cause operating system command injection...

Progress LoadMaster 输入验证错误漏洞

Progress LoadMaster is a high performance Application Delivery Controller ADC and load balancer from Progress, Inc. An input validation error vulnerability exists in Progress LoadMaster. An attacker could exploit this vulnerability to cause operating system command injection...

Progress LoadMaster 输入验证错误漏洞

Progress LoadMaster is a high performance Application Delivery Controller ADC and load balancer from Progress, Inc. An input validation error vulnerability exists in Progress LoadMaster. An attacker could exploit this vulnerability to cause operating system command injection...

Progress LoadMaster 输入验证错误漏洞

Progress LoadMaster is a high performance Application Delivery Controller ADC and load balancer from Progress, Inc. An input validation error vulnerability exists in Progress LoadMaster. An attacker could exploit this vulnerability to cause operating system command injection...

CVE-2024-8755

Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.This issue affects: Product Affected Versions LoadMaster From 7.2.55.0 to 7.2.60.1 inclusive From 7.2.49.0 to 7.2.54.12 inclusive 7.2.48.12 and all prior versions Multi-Tenant...

GHSA-V4MQ-X674-FF73 AWS Cloud Development Kit (AWS CDK) IAM OIDC custom resource allows connection to unauthorized OIDC provider

Impact Users who use IAM OIDC custom resource provider package will download CA Thumbprints as part of the custom resource workflow, https://github.com/aws/aws-cdk/blob/d16482fc8a4a3e1f62751f481b770c09034df7d2/packages/%40aws-cdk/custom-resource-handlers/lib/aws-iam/oidc-handler/external.tsL34...

Progress WhatsUp Gold < 24.0.2 Multiple Vulnerabilities (000273323)

The version of Progress WhatsUp Gold installed on the remote host is prior to 24.0.2. It is, therefore, affected by multiple vulnerabilities: - In WhatsUp Gold versions released before 2024.0.2, an attacker can gain access to the WhatsUp Gold server via the public API. CVE-2024-12108 - In WhatsUp...

CVE-2025-23936

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Harun R. Rayhanthecrazycoder CC Circle Progress Bar cc-circle-progress-bar allows Stored XSS.This issue affects CC Circle Progress Bar: from n/a through = 1.0.0...

CVE-2025-23892

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Alex Furr Progress Tracker progress-tracker allows DOM-Based XSS.This issue affects Progress Tracker: from n/a through = 0.9.3...