287 matches found
EUVD-2024-48237
Malicious code in bioql PyPI...
EUVD-2024-48238
Malicious code in bioql PyPI...
EUVD-2024-48236
Malicious code in bioql PyPI...
EUVD-2022-49682
Malicious code in bioql PyPI...
CVE-2022-46898
An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is Path Traversal via the "restore SQL data" filename. The Vocera Report Console contains a websocket function that allows for the restoration of the database from a ZIP archive that expects a SQL import file...
CVE-2022-46899
An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is Arbitrary File Upload. The BaseController class, that each of the service controllers derives from, allows for the upload of arbitrary files. If the HTTP request is a multipart/form-data POST request, any...
CVE-2022-46901
An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is an Access Control Violation for Database Operations. The Vocera Report Console contains a websocket interface that allows for the unauthenticated execution of various tasks and database functions. This...
CVE-2022-46900
An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is Path Traversal in the Task Exec filename. The Vocera Report Console contains various jobs that are executed on the server at specified intervals, e.g., backup, etc. An authenticated user has the ability to...
CVE-2022-46902
An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is a Path Traversal for an Unzip operation. The Vocera Report Console contains a websocket function that allows for the restoration of the database from a ZIP archive that expects a SQL import file. During the...
Progress Telerik Report Server 2024 Q1 (10.0.24.305) - Authentication Bypass
Exploit Title: Progress Telerik Report Server 2024 Q1 10.0.24.305 - Authentication Bypass Fofa Dork: title="Telerik Report Server" Date: 2024-09-22 Exploit Author: VeryLazyTech GitHub: https://github.com/verylazytech/CVE-2024-4358 Vendor Homepage: https://www.telerik.com/report-server Software...
CVE-2025-0556
In Progress® Telerik® Report Server, versions prior to 2025 Q1 11.0.25.211 when using the older .NET Framework implementation, communication of non-sensitive information between the service agent process and app host process occurs over an unencrypted tunnel, which can be subjected to local netwo...
Progress Telerik Report Server < 11.0.25.211 Cleartext Transmission
The version of Progress Telerik Report Server installed on the remote host is affected by an cleartext transmission vulnerability. In Progress® Telerik® Report Server, versions prior to 2025 Q1 11.0.25.211 when using the older .NET Framework implementation, communication of non-sensitive...
CVE-2025-0556
In Progress® Telerik® Report Server, versions prior to 2025 Q1 11.0.25.211 when using the older .NET Framework implementation, communication of non-sensitive information between the service agent process and app host process occurs over an unencrypted tunnel, which can be subjected to local netwo...
CVE-2025-0556
In Progress® Telerik® Report Server, versions prior to 2025 Q1 11.0.25.211 when using the older .NET Framework implementation, communication of non-sensitive information between the service agent process and app host process occurs over an unencrypted tunnel, which can be subjected to local netwo...
CVE-2025-0556
In Progress Telerik Report Server, before 2025 Q1 (11.0.25.211) using the older .NET Framework implementation, the communication of non-sensitive information between the service agent process and the app host process happens over an unencrypted tunnel, exposing it to potential local network traff...
CVE-2025-0556 Telerik Report Server Clear Text Transmission of Agent Commands
In Progress® Telerik® Report Server, versions prior to 2025 Q1 11.0.25.211 when using the older .NET Framework implementation, communication of non-sensitive information between the service agent process and app host process occurs over an unencrypted tunnel, which can be subjected to local netwo...
Progress Telerik Report Server 安全漏洞
Progress Telerik Report Server is an enterprise-class report management and distribution solution from Progress USA. A security vulnerability exists in Progress Telerik Report Server prior to version 2025 Q1, which stems from the fact that when using older .NET Framework implementations,...
PT-2025-6792 · Progress · Progress Telerik Report Server
Name of the Vulnerable Software and Affected Versions: In Progress Telerik Report Server versions prior to 2025 Q1 11.0.25.211 Description: The issue concerns the communication of non-sensitive information between the service agent process and app host process in In Progress Telerik Report Server...
CVE-2024-7295
In Progress® Telerik® Report Server versions prior to 2024 Q4 10.3.24.1112, the encryption of local asset data used an older algorithm which may allow a sophisticated actor to decrypt this information...
CVE-2024-7293
In Progress® Telerik® Report Server versions prior to 2024 Q3 10.2.24.806, a password brute forcing attack is possible through weak password requirements...