Vulnerabilities > Progress > Openedge > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-18 | CVE-2023-40051 | Unrestricted Upload of File with Dangerous Type vulnerability in Progress Openedge and Openedge Innovation This issue affects Progress Application Server (PAS) for OpenEdge in versions 11.7 prior to 11.7.18, 12.2 prior to 12.2.13, and innovation releases prior to 12.8.0. An attacker can formulate a request for a WEB transport that allows unintended file uploads to a server directory path on the system running PASOE. | 9.9 |
| 2007-07-15 | CVE-2007-2417 | Buffer Overflow vulnerability in Progress and OpenEdge _mprosrv Heap-based buffer overflow in _mprosrv.exe in Progress Software Progress 9.1E and OpenEdge 10.1x, as used by the RSA Authentication Manager 6.0 and 6.1, SecurID Appliance 2.0, ACE/Server 5.2, and possibly other products, allows remote attackers to execute arbitrary code via crafted packets. | 10.0 |