Lucene search
+L
ProgressOpenedge

4 matches found

CVE
CVE
added 2022/05/01 11:23 p.m.68 views

CVE-2022-29849

CVE-2022-29849 affects Progress OpenEdge; vulnerable in OpenEdge versions before 11.7.14 and 12.x before 12.2.9 due to privilege-escalation risk from certain SUID binaries. Local attackers could elevate privileges on the affected system. Remediation: upgrade to OpenEdge 11.7.14 or later, or 12.2....

7.8CVSS7.5AI score0.00272EPSS
CVE
CVE
added 2024/09/03 2:51 p.m.54 views

CVE-2024-7346

CVE-2024-7346 affects Progress OpenEdge: using the installed default TLS certificates allows bypassing host-name validation during TLS handshakes in network connections. The issue is fixed by requiring CA-signed certificates that contain sufficient information to support host-name validation; def...

7.2CVSS5.8AI score0.00162EPSS
CVE
CVE
added 2007/06/29 6:0 p.m.47 views

CVE-2007-3491

CVE-2007-3491 concerns a buffer overflow in Progress OpenEdge’s _mprosrv (before 9.1E0422 and before 10.1B01 for 10.x) that can be triggered by a malformed TCP/IP message. The available documents identify the affected component (_mprosrv.exe) and the vulnerable versions, with an remote-access vec...

7.5CVSS7AI score0.02517EPSS
CVE
CVE
added 2024/01/18 3:11 p.m.42 views

CVE-2023-40052

CVE-2023-40052 affects Progress Application Server (PAS) for OpenEdge. A malformed web request can crash a PASOE agent, potentially disrupting thread activities of multiple web application clients and causing DoS due to flooding of invalid requests. Affected versions are 11.7 < 11.7.18, 12.2

7.5CVSS7.5AI score0.0057EPSS