CVE-2024-1856 Progress Telerik Reporting Remote Deserialization Vulnerability
In Progress® Telerik® Reporting versions prior to 2024 Q1 18.0.24.130, a code execution attack is possible by a remote threat actor through an insecure deserialization vulnerability...
CVE-2024-1801 Progress Telerik Reporting Local Deserialization Vulnerability
In Progress® Telerik® Reporting versions prior to 2024 Q1 18.0.24.130, a code execution attack is possible by a local threat actor through an insecure deserialization vulnerability...
CVE-2024-1801
Progress Software Telerik Reporting ObjectReader deserialization vulnerability (CVE-2024-1801 / CVE-2024-1856) enables remote code execution through untrusted data. Affected: Telerik Reporting versions prior to 2024 Q1 (18.0.24.130). Attack requires user interaction (e.g., visiting a malicious pa...
CVE-2024-1800 Progress Telerik Report Server Deserialization
In Progress® Telerik® Report Server versions prior to 2024 Q1 10.0.24.130, a remote code execution attack is possible through an insecure deserialization vulnerability...
Progress Software Telerik Report Server Code Issue Vulnerability
Progress Software Telerik Report Server is an enterprise-class report management and distribution solution from Progress Software. A security vulnerability exists in Progress Software Telerik Report Server 2024 Q1 10.0.24.130 and prior versions that originated from a vulnerability that allows an...
Recognizing Progress and Living Our Values: Akamai’s 2023 ESG Impact Report
...
CVE-2023-6525
The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the progress bar element attributes in all versions up to, and including, 3.0.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, wi...
PT-2024-14993 · WordPress · Elementskit Elementor Addons
Name of the Vulnerable Software and Affected Versions: ElementsKit Elementor addons plugin for WordPress versions up to, and including, 3.0.3 Description: The issue is related to Stored Cross-Site Scripting via the progress bar element attributes due to insufficient input sanitization and output...
Progress OpenEdge Installed (Windows)
Binary data progressopenedgewininstalled.nbin...
CTEM 101 - Go Beyond Vulnerability Management with Continuous Threat Exposure Management
In a world of ever-expanding jargon, adding another FLA (Four-Letter Acronym) to your glossary might seem like the last thing you'd want to do. But if you are looking for ways to continuously reduce risk across your environment while making significant and consistent improvements to security postur...
Proof-of-Concept Exploit Released for Progress Software OpenEdge Vulnerability
Technical specifics and a proof-of-concept (PoC) exploit have been made available for a recently disclosed critical security flaw in Progress Software OpenEdge Authentication Gateway and AdminServer, which could be potentially exploited to bypass authentication protections. Tracked as CVE-2024-1403...
Exploit for Authentication Bypass by Primary Weakness in Progress Openedge
CVE-2024-1403 Progress OpenEdge Authentication Bypass An explo...
BIT-PHP-2020-7062 Null Pointer Dereference in PHP Session Upload Progress
In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when using file upload functionality, if upload progress tracking is enabled, but session.upload_progress.cleanup is set to 0 (disabled), and the file upload fails, the upload procedure would try to clean up data that does...
SUSE CVE-2021-47014
In the Linux kernel, the following vulnerability has been resolved: net/sched: act_ct: fix wild memory access when clearing fragments. While testing re-assembly/re-fragmentation using act_ct, it's possible to observe a crash like the following one: KASAN: maybe wild-memory-access in range...
SUSE CVE-2023-52475
In the Linux kernel, the following vulnerability has been resolved: Input: powermate - fix use-after-free in powermate_config_complete. syzbot has found a use-after-free bug [1] in the powermate driver. This happens when the device is disconnected, which leads to a memory free from the powermate_device...
CVE-2024-1982
The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the get_restore_progress and restore functions in all versions up to, and including, 0.9.68. This makes it possible for unauthenticated attackers to exploit a SQL...
DEBIAN-CVE-2023-52475
In the Linux kernel, the following vulnerability has been resolved: Input: powermate - fix use-after-free in powermate_config_complete. syzbot has found a use-after-free bug [1] in the powermate driver. This happens when the device is disconnected, which leads to a memory free from the powermate_device...