Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: progress Clear
ID Title
CVE-2026-9272 SQL Injection in progress (CVE-2026-9272)
SQL injection in progress (CVE-2026-9272). Confidential information can be exposed externally.
CVE-2026-8079 Authorization Flaw in progress (CVE-2026-8079)
vulnerability in progress (CVE-2026-8079). Confidential information can be exposed externally.
CVE-2026-7313 CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity version from...
CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity version from...
CVE-2026-7312 Vulnerability in progress (CVE-2026-7312)
vulnerability in progress (CVE-2026-7312). Confidential information can be exposed externally.
CVE-2026-7201 CWE-639: Authorization Bypass Through User-Controlled Key in web services in Progress Sitefinity...
CWE-639: Authorization Bypass Through User-Controlled Key in web services in Progress Sitefinity...
CVE-2026-7198 Vulnerability in progress (CVE-2026-7198)
vulnerability in progress (CVE-2026-7198). Successful exploitation can lead to full system takeover.
CVE-2026-7195 CWE-20: Improper Input Validation in web services in Progress Sitefinity 14.1.x through 14.3.x,...
CWE-20: Improper Input Validation in web services in Progress Sitefinity 14.1.x through 14.3.x,...
CVE-2026-8488 Vulnerability in progress (CVE-2026-8488)
vulnerability in progress (CVE-2026-8488). Risk of unauthorized operations or information disclosure.
CVE-2026-8487 Vulnerability in progress (CVE-2026-8487)
vulnerability in progress (CVE-2026-8487). Confidential information can be exposed externally.
CVE-2026-8486 Vulnerability in progress (CVE-2026-8486)
vulnerability in progress (CVE-2026-8486). Risk of unauthorized operations or information disclosure.
CVE-2026-8485 Vulnerability in progress (CVE-2026-8485)
vulnerability in progress (CVE-2026-8485). Risk of unauthorized operations or information disclosure.
CVE-2026-3692 OS Command Injection in progress (CVE-2026-3692)
OS command injection in progress (CVE-2026-3692). Successful exploitation can lead to full system takeover.
CVE-2026-2737 Cross-Site Scripting (XSS) in progress (CVE-2026-2737)
cross-site scripting in progress (CVE-2026-2737). Risk of unauthorized operations or information disclosure.
CVE-2024-4885 KEV [KEV] Path Traversal in Progress whatsup-gold (CVE-2024-4885)
path traversal in Progress whatsup-gold (CVE-2024-4885). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-12251 Command Injection in telerik (CVE-2024-12251)
command injection in telerik (CVE-2024-12251). Successful exploitation can lead to full system takeover.
CVE-2024-1212 KEV [KEV] OS Command Injection in Progress kemp-loadmaster (CVE-2024-1212)
OS command injection in Progress kemp-loadmaster (CVE-2024-1212). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-6670 KEV [KEV] SQL Injection in Progress whatsup-gold (CVE-2024-6670)
SQL injection in Progress whatsup-gold (CVE-2024-6670). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-4358 KEV [KEV] Vulnerability in Progress telerik-report-server (CVE-2024-4358)
vulnerability in Progress telerik-report-server (CVE-2024-4358). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-40044 KEV [KEV] Unsafe Deserialization in Progress ws-ftp-server (CVE-2023-40044)
vulnerability in Progress ws-ftp-server (CVE-2023-40044). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-34362 KEV [KEV] SQL Injection in Progress moveit-transfer (CVE-2023-34362)
SQL injection in Progress moveit-transfer (CVE-2023-34362). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2017-9248 KEV [KEV] Vulnerability in Progress aspnet-ajax-and-sitefinity (CVE-2017-9248)
vulnerability in Progress aspnet-ajax-and-sitefinity (CVE-2017-9248). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-18935 KEV [KEV] Unsafe Deserialization in Progress telerik-ui-for-aspnet-ajax (CVE-2019-18935)
vulnerability in Progress telerik-ui-for-aspnet-ajax (CVE-2019-18935). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2015-9245 Vulnerability in progress (CVE-2015-9245)
vulnerability in progress (CVE-2015-9245). Successful exploitation can lead to full system takeover.
CVE-2017-1000026 Path Traversal in path-traversal (CVE-2017-1000026)
path traversal in path-traversal (CVE-2017-1000026). Data can be tampered with by attackers.
CVE-2017-9140 Cross-Site Scripting (XSS) in csharp (CVE-2017-9140)
cross-site scripting in csharp (CVE-2017-9140). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →