5 matches found
CVE-2026-6023
In Progress® Telerik® UI for AJAX versions 2024.4.1114 through 2026.1.421, the RadFilter control is vulnerable to insecure deserialization when restoring filter state if the state is exposed to the client. If an attacker tampers with this state, a server-side remote code execution is possible...
CVE-2026-2878
In Progress® Telerik® UI for AJAX, versions prior to 2026.1.225, an insufficient entropy vulnerability exists in RadAsyncUpload, where a predictable temporary identifier, based on timestamp and filename, can enable collisions and file content tampering...
CVE-2026-2878
In Progress® Telerik® UI for AJAX, versions prior to 2026.1.225, an insufficient entropy vulnerability exists in RadAsyncUpload, where a predictable temporary identifier, based on timestamp and filename, can enable collisions and file content tampering...
CVE-2025-3600
In Progress® Telerik® UI for AJAX, versions 2011.2.712 to 2025.1.218, an unsafe reflection vulnerability exists that may lead to an unhandled exception resulting in a crash of the hosting process and denial of service...
PT-2025-21164
Name of the Vulnerable Software and Affected Versions Progress Telerik UI for AJAX versions 2011.2.712 through 2025.1.218 Description An unsafe reflection issue exists in Progress Telerik UI for AJAX. This flaw can lead to an unhandled exception, potentially causing a crash of the hosting process...