Progress Telerik_report_server
7 CVEs affecting Progress Telerik_report_server. Latest disclosed: 2025-02-12. Critical: 3, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-6327 | Critical | 9.9 | 2024-07-24 | In Progress® Telerik® Report Server versions prior to 2024 Q2 (10.1.24.709), a remote code execution attack is possible through an insecure deserialization vul… |
CVE-2024-1800 | Critical | 9.9 | 2024-03-20 | In Progress® Telerik® Report Server versions prior to 2024 Q1 (10.0.24.130), a remote code execution attack is possible through an insecure deserialization vu… |
CVE-2024-8015 | Critical | 9.1 | 2024-10-09 | In Progress Telerik Report Server versions prior to 2024 Q3 (10.2.24.924), a remote code execution attack is possible through object injection via an insecure… |
CVE-2025-0556 | High | 8.8 | 2025-02-12 | In Progress® Telerik® Report Server, versions prior to 2025 Q1 (11.0.25.211) when using the older .NET Framework implementation, communication of non-sensitive… |
CVE-2024-7292 | High | 7.5 | 2024-10-09 | In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), a credential stuffing attack is possible through improper restriction of excessive… |
CVE-2024-7295 | High | 7.1 | 2024-11-13 | In Progress® Telerik® Report Server versions prior to 2024 Q4 (10.3.24.1112), the encryption of local asset data used an older algorithm which may allow a soph… |
CVE-2024-4837 | Medium | 5.3 | 2024-05-15 | In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restr… |