Lucene search
K
ProgressTelerik Report Server

7 matches found

CVE
CVE
added 2024/03/20 1:11 p.m.194 views

CVE-2024-1800

Progress Telerik Report Server CVE-2024-1800 describes an insecure deserialization vulnerability in versions prior to 2024 Q1 (10.0.24.130) that enables remote code execution. The issue arises from deserialization flaws in the server, allowing an attacker to trigger code execution remotely. Sever...

9.9CVSS9.7AI score0.40375EPSS
In wildWeb
CVE
CVE
added 2024/07/24 1:57 p.m.89 views

CVE-2024-6327

CVE-2024-6327 affects Progress Telerik Report Server prior to 2024 Q2 (10.1.24.709). The issue is an insecure deserialization vulnerability that enables remote code execution over the network (no user interaction). AFFECTED: Progress Telerik Report Server versions before 10.1.24.709. IMPACT: remo...

9.9CVSS9.8AI score0.01997EPSS
CVE
CVE
added 2025/02/12 3:11 p.m.69 views

CVE-2025-0556

In Progress Telerik Report Server, before 2025 Q1 (11.0.25.211) using the older .NET Framework implementation, the communication of non-sensitive information between the service agent process and the app host process happens over an unencrypted tunnel, exposing it to potential local network traff...

8.8CVSS6.5AI score0.00285EPSS
CVE
CVE
added 2024/10/09 2:49 p.m.50 views

CVE-2024-8015

CVE-2024-8015 affects Progress Telerik Report Server before 2024 Q3 (10.2.24.924). The root cause is an insecure type resolution that allows object injection, enabling remote code execution. Public references describe a remote code execution vulnerability in versions prior to 10.2.24.924. Remedia...

9.1CVSS8.7AI score0.00822EPSS
CVE
CVE
added 2024/11/13 3:22 p.m.49 views

CVE-2024-7295

CVE-2024-7295 affects Progress Telerik Report Server and is tied to an encryption weakness in the local asset data protection. Versions prior to 2024 Q4 (10.3.24.1112) reportedly use an older encryption algorithm, which may allow a sophisticated actor to decrypt local asset data. The vulnerabilit...

7.1CVSS6.3AI score0.00106EPSS
CVE
CVE
added 2024/10/09 2:47 p.m.48 views

CVE-2024-7292

Progress Telerik Report Server up to version 10.2.24.709 (pre-2024 Q3) is affected by CVE-2024-7292 due to improper restriction of excessive login attempts, enabling credential stuffing and potential unauthorized access. The issue is reported for versions prior to 2024 Q3 (10.2.24.806). The docum...

8.8CVSS7.7AI score0.00317EPSS
CVE
CVE
added 2024/05/15 5:4 p.m.23 views

CVE-2024-4837

CVE-2024-4837 affects Progress Telerik Report Server (Progress) on IIS, with the 2024 Q1 release (10.0.24.305) or earlier vulnerable to a trust boundary violation that lets an unauthenticated attacker access restricted functionality. Connected sources identify the affected product, version range,...

5.3CVSS7AI score0.00431EPSS