1842 matches found

The Hacker News
added 2024/09/27 3:44 p.m., 44 views

Progress Software Releases Patches for 6 Flaws in WhatsUp Gold – Patch Now

Progress Software has released another round of updates to address six security flaws in WhatsUp Gold, including two critical vulnerabilities. The issues, the company said, have been resolved in version 24.0.1 released on September 20, 2024. The company has yet to release any details about what t...

CVSS 9.8, AI score 7.6, EPSS 0.94274
Exploits: 1

NVD
added 2024/09/25 2:15 p.m., 10 views

CVE-2024-8316

In Progress Telerik UI for WPF versions prior to 2024 Q3 2024.3.924, a code execution attack is possible through an insecure deserialization vulnerability...

CVSS 7.8, EPSS 0.00199
Exploits: 0, References: 1

NVD
added 2024/09/25 2:15 p.m., 10 views

CVE-2024-7576

In Progress Telerik UI for WPF versions prior to 2024 Q3 2024.3.924, a code execution attack is possible through an insecure deserialization vulnerability...

CVSS 9.8, EPSS 0.00599
Exploits: 0, References: 1

Cvelist
added 2024/09/25 1:59 p.m., 12 views

CVE-2024-8316 Progress UI for WPF format provider unsafe deserialization vulnerability

In Progress Telerik UI for WPF versions prior to 2024 Q3 2024.3.924, a code execution attack is possible through an insecure deserialization vulnerability...

CVSS 7.8, EPSS 0.00199
Exploits: 0, References: 1

CVE
added 2024/09/25 1:59 p.m., 51 views

CVE-2024-8316

CVE-2024-8316 affects Progress Telerik UI for WPF versions prior to 2024 Q3 (2024.3.924). It is caused by an insecure deserialization vulnerability that can lead to remote code execution (documented as a code execution attack). The CVE entry notes a local attack vector with low privileges and no ...

CVSS 7.8, AI score 8.1, EPSS 0.00199
Exploits: 0, References: 1, Affected Software: 1

Vulnrichment
added 2024/09/25 1:59 p.m., 18 views

CVE-2024-8316 Progress UI for WPF format provider unsafe deserialization vulnerability

In Progress Telerik UI for WPF versions prior to 2024 Q3 2024.3.924, a code execution attack is possible through an insecure deserialization vulnerability...

CVSS 7.8, AI score 7.5, EPSS 0.00199
Exploits: 0, References: 1

Cvelist
added 2024/09/25 1:57 p.m., 14 views

CVE-2024-7576 Progress UI for WPF format provider unsafe deserialization vulnerability

In Progress Telerik UI for WPF versions prior to 2024 Q3 2024.3.924, a code execution attack is possible through an insecure deserialization vulnerability...

CVSS 7.8, EPSS 0.00599
Exploits: 0, References: 1

Vulnrichment
added 2024/09/25 1:57 p.m., 9 views

CVE-2024-7576 Progress UI for WPF format provider unsafe deserialization vulnerability

In Progress Telerik UI for WPF versions prior to 2024 Q3 2024.3.924, a code execution attack is possible through an insecure deserialization vulnerability...

CVSS 7.8, AI score 7.7, EPSS 0.00599
Exploits: 0, References: 1

Cvelist
added 2024/09/25 1:55 p.m., 18 views

CVE-2024-7575 Improper neutralization special element in hyperlinks

In Progress Telerik UI for WPF versions prior to 2024 Q3 2024.3.924, a command injection attack is possible through improper neutralization of hyperlink elements...

CVSS 7.8, EPSS 0.00497
Exploits: 0, References: 1

Vulnrichment
added 2024/09/25 1:53 p.m., 11 views

CVE-2024-7679 Improper neutralization special element in hyperlinks

In Progress Telerik UI for WinForms versions prior to 2024 Q3 2024.3.924, a command injection attack is possible through improper neutralization of hyperlink elements...

CVSS 7.8, AI score 7.4, EPSS 0.00187
Exploits: 0, References: 1

Cvelist
added 2024/09/25 1:53 p.m., 16 views

CVE-2024-7679 Improper neutralization special element in hyperlinks

In Progress Telerik UI for WinForms versions prior to 2024 Q3 2024.3.924, a command injection attack is possible through improper neutralization of hyperlink elements...

CVSS 7.8, EPSS 0.00187
Exploits: 0, References: 1

HackRead
added 2024/09/25 1:43 p.m., 12 views

Top LMS Training Tips for Effective Learning

LMS training is vital for modern education and corporate learning, enabling efficient course delivery and progress tracking. To…...

AI score 7.4
Exploits: 0

Kitploit
added 2024/09/20 11:30 a.m., 31 views

File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add

file-unpumper is a powerful command-line utility designed to clean and analyze Portable Executable (PE) files. It provides a range of features to help developers and security professionals work with PE files more effectively. Features: PE Header Fixing: file-unpumper can fix and align the PE header...

AI score 7.1
Exploits: 0, References: 2

CISA
added 2024/09/16 12:0 p.m., 14 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation: CVE-2024-43461, Microsoft Windows MSHTML Platform Spoofing Vulnerability; CVE-2024-6670, Progress WhatsUp Gold SQL Injection Vulnerability...

CVSS 9.8, AI score 10, EPSS 0.94468
In wild, Exploits: 2, References: 7

CISA KEV Catalog
added 2024/09/16 12:0 a.m., 26 views

Progress WhatsUp Gold SQL Injection Vulnerability

Progress WhatsUp Gold contains a SQL injection vulnerability that allows an unauthenticated attacker to retrieve the user's encrypted password if the application is configured with only a single user...

CVSS 9.8, AI score 8.4, EPSS 0.94468
In wild, Exploits: 2

The Hacker News
added 2024/09/13 11:4 a.m., 39 views

Progress WhatsUp Gold Exploited Just Hours After PoC Release for Critical Flaw

Malicious actors are likely leveraging publicly available proof-of-concept (PoC) exploits for recently disclosed security flaws in Progress Software WhatsUp Gold to conduct opportunistic attacks. The activity is said to have commenced on August 30, 2024, a mere five hours after a PoC was released f...

CVSS 10, AI score 8.2, EPSS 0.94468
Exploits: 34

OSV
added 2024/09/12 3:18 p.m., 1 view

CVE-2024-6658

Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows OS Command Injection. This issue affects LoadMaster: from 7.2.55.0 to 7.2.60.0 inclusive; from 7.2.49.0 to 7.2.54.11 inclusive; 7.2.48.12 and all prior versions. Multi-Tenant...

CVSS 6.8, AI score 5.8
Exploits: 0, References: 1

NVD
added 2024/09/12 3:18 p.m., 17 views

CVE-2024-6658

Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows OS Command Injection. This issue affects LoadMaster: from 7.2.55.0 to 7.2.60.0 inclusive; from 7.2.49.0 to 7.2.54.11 inclusive; 7.2.48.12 and all prior versions. Multi-Tenant...

CVSS 8.4, EPSS 0.00175
Exploits: 0, References: 1

Cvelist
added 2024/09/12 2:38 p.m., 16 views

CVE-2024-6658 Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows OS Command Injection.

Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows OS Command Injection. This issue affects LoadMaster: from 7.2.55.0 to 7.2.60.0 inclusive; from 7.2.49.0 to 7.2.54.11 inclusive; 7.2.48.12 and all prior versions. Multi-Tenant...

CVSS 8.4, EPSS 0.00175
Exploits: 0, References: 1

CVE
added 2024/09/12 2:38 p.m., 54 views

CVE-2024-6658

CVE-2024-6658 is an Improper Input Validation vulnerability affecting Kemp LoadMaster products. The issue allows an authenticated user to trigger OS command injection due to improper input validation in LoadMaster’s exposed functionality. Affected versions include LoadMaster 7.2.55.0–7.2.60.0 (in...

CVSS 8.4, AI score 8.5, EPSS 0.00175
Exploits: 0, References: 1, Affected Software: 2