Product:

Telerik_report_server

(Progress)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 7
Date Id Summary Products Score Patch Annotated
2025-02-12 CVE-2025-0556 In Progress® Telerik® Report Server, versions prior to 2025 Q1 (11.0.25.211) when using the older .NET Framework implementation, communication of non-sensitive information between the service agent process and app host process occurs over an unencrypted tunnel, which can be subjected to local network traffic sniffing. Telerik_report_server 6.5
2024-03-20 CVE-2024-1800 In Progress® Telerik® Report Server versions prior to 2024 Q1 (10.0.24.130), a remote code execution attack is possible through an insecure deserialization vulnerability. Telerik_report_server 8.8
2024-05-15 CVE-2024-4837 In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via a trust boundary violation vulnerability. Telerik_report_server 5.3
2024-07-24 CVE-2024-6327 In Progress® Telerik® Report Server versions prior to 2024 Q2 (10.1.24.709), a remote code execution attack is possible through an insecure deserialization vulnerability. Telerik_report_server 9.8
2024-11-13 CVE-2024-7295 In Progress® Telerik® Report Server versions prior to 2024 Q4 (10.3.24.1112), the encryption of local asset data used an older algorithm which may allow a sophisticated actor to decrypt this information. Telerik_report_server 6.2
2024-10-09 CVE-2024-7292 In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), a credential stuffing attack is possible through improper restriction of excessive login attempts. Telerik_report_server 8.8
2024-10-09 CVE-2024-8015 In Progress Telerik Report Server versions prior to 2024 Q3 (10.2.24.924), a remote code execution attack is possible through object injection via an insecure type resolution vulnerability. Telerik_report_server 7.2