Vulnerabilities > Progress > Telerik Reporting > 9.2.15.1105

DATE CVE VULNERABILITY TITLE RISK
2025-02-12 CVE-2024-6097 Path Traversal vulnerability in Progress Telerik Reporting
In Progress® Telerik® Reporting versions prior to 2025 Q1 (19.0.25.211), information disclosure is possible by a local threat actor through an absolute path vulnerability.
network
low complexity
progress CWE-22
5.3
2024-05-15 CVE-2024-4200 Deserialization of Untrusted Data vulnerability in Progress Telerik Reporting
In Progress® Telerik® Reporting versions prior to 2024 Q2 (18.1.24.2.514), a code execution attack is possible by a local threat actor through an insecure deserialization vulnerability.
local
low complexity
progress CWE-502
7.8
2024-05-15 CVE-2024-4202 Code Injection vulnerability in Progress Telerik Reporting
In Progress® Telerik® Reporting versions prior to 2024 Q2 (18.1.24.514), a code execution attack is possible through an insecure instantiation vulnerability.
local
low complexity
progress CWE-94
8.6
2024-05-15 CVE-2024-4357 XXE vulnerability in Progress Telerik Reporting
An information disclosure vulnerability exists in Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, allows low-privilege attacker to read systems file via XML External Entity Processing.
network
low complexity
progress CWE-611
6.5
2024-03-20 CVE-2024-1801 Deserialization of Untrusted Data vulnerability in Progress Telerik Reporting
In Progress® Telerik® Reporting versions prior to 2024 Q1 (18.0.24.130), a code execution attack is possible by a local threat actor through an insecure deserialization vulnerability.
local
low complexity
progress CWE-502
7.8
2024-03-20 CVE-2024-1856 Deserialization of Untrusted Data vulnerability in Progress Telerik Reporting
In Progress® Telerik® Reporting versions prior to 2024 Q1 (18.0.24.130), a code execution attack is possible by a remote threat actor through an insecure deserialization vulnerability.
network
low complexity
progress CWE-502
8.8