Filtered by vendor Progress Software
                         Subscriptions
                    
                    
                
                    Total
                    8 CVE
                
            | CVE | Vendors | Products | Updated | CVSS v3.1 | 
|---|---|---|---|---|
| CVE-2024-4358 | 2 Progress Software, Telerik | 2 Telerik Report Server, Report Server 2024 | 2025-10-21 | 9.8 Critical | 
| In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via an authentication bypass vulnerability. | ||||
| CVE-2024-10013 | 2 Progress, Progress Software | 2 Telerik Ui For Winforms, Progress Telerik Ui For Wpf Versions | 2025-07-03 | 7.8 High | 
| In Progress Telerik UI for WinForms versions prior to 2024 Q4 (2024.4.1113), a code execution attack is possible through an insecure deserialization vulnerability. | ||||
| CVE-2024-10012 | 2 Progress Software, Telerik | 2 Progress Telerik Ui For Wpf Versions, Ui For Wpf | 2025-01-07 | 7.8 High | 
| In Progress Telerik UI for WPF versions prior to 2024 Q4 (2024.4.1111), a code execution attack is possible through an insecure deserialization vulnerability. | ||||
| CVE-2024-9999 | 1 Progress Software | 1 Ws Ftp Server | 2024-11-13 | 6.5 Medium | 
| In WS_FTP Server versions before 8.8.9 (2022.0.9), an Incorrect Implementation of Authentication Algorithm in the Web Transfer Module allows users to skip the second-factor verification and log in with username and password only. | ||||
| CVE-2024-7292 | 2 Progress, Progress Software | 2 Telerik Report Server, Telerik Report Server | 2024-10-16 | 7.5 High | 
| In ProgressĀ® TelerikĀ® Report Server versions prior to 2024 Q3 (10.2.24.806), a credential stuffing attack is possible through improper restriction of excessive login attempts. | ||||
| CVE-2024-8048 | 2 Progress, Progress Software | 2 Telerik Reporting, Telerik Reporting | 2024-10-15 | 7.8 High | 
| In Progress Telerik Reporting versions prior to 2024 Q3 (18.2.24.924), a code execution attack is possible using object injection via insecure expression evaluation. | ||||
| CVE-2024-8015 | 2 Progress, Progress Software | 2 Telerik Report Server, Telerik Reporting | 2024-10-15 | 9.1 Critical | 
| In Progress Telerik Report Server versions prior to 2024 Q3 (10.2.24.924), a remote code execution attack is possible through object injection via an insecure type resolution vulnerability. | ||||
| CVE-2024-8014 | 2 Progress, Progress Software | 2 Telerik Reporting, Telerik Reporting | 2024-10-15 | 8.8 High | 
| In Progress Telerik Reporting versions prior to 2024 Q3 (18.2.24.924), a code execution attack is possible through object injection via an insecure type resolution vulnerability. | ||||
                            
                                
                                
                                    Page 1 of 1.