Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2024-10-09 CVE-2024-7293 Weak Password Requirements vulnerability in Progress Telerik Reporting
In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), a password brute forcing attack is possible through weak password requirements.
network
low complexity
progress CWE-521
8.8
8.8
2024-10-09 CVE-2024-7840 Command Injection vulnerability in Progress Telerik Reporting 12.0.18.125
In Progress Telerik Reporting versions prior to 2024 Q3 (18.2.24.924), a command injection attack is possible through improper neutralization of hyperlink elements.
local
low complexity
progress CWE-77
7.8
7.8
2024-10-09 CVE-2024-8014 Unsafe Reflection vulnerability in Progress Telerik Reporting 12.0.18.125
In Progress Telerik Reporting versions prior to 2024 Q3 (18.2.24.924), a code execution attack is possible through object injection via an insecure type resolution vulnerability.
network
low complexity
progress CWE-470
8.8
8.8
2024-10-09 CVE-2024-8015 Unsafe Reflection vulnerability in Progress Telerik Report Server
In Progress Telerik Report Server versions prior to 2024 Q3 (10.2.24.924), a remote code execution attack is possible through object injection via an insecure type resolution vulnerability.
network
low complexity
progress CWE-470
7.2
7.2
2024-10-09 CVE-2024-8048 Unsafe Reflection vulnerability in Progress Telerik Reporting 12.0.18.125
In Progress Telerik Reporting versions prior to 2024 Q3 (18.2.24.924), a code execution attack is possible using object injection via insecure expression evaluation.
local
low complexity
progress CWE-470
7.8
7.8
2024-10-09 CVE-2024-45138 Use After Free vulnerability in Adobe Substance 3D Stager 2.0.1/2.1.3/3.0.2
Substance3D - Stager versions 3.0.3 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user.
local
low complexity
adobe CWE-416
7.8
7.8
2024-10-09 CVE-2024-45139 Out-of-bounds Write vulnerability in Adobe Substance 3D Stager 2.0.1/2.1.3/3.0.2
Substance3D - Stager versions 3.0.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user.
local
low complexity
adobe CWE-787
7.8
7.8
2024-10-09 CVE-2024-45140 Out-of-bounds Write vulnerability in Adobe Substance 3D Stager 2.0.1/2.1.3/3.0.2
Substance3D - Stager versions 3.0.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user.
local
low complexity
adobe CWE-787
7.8
7.8
2024-10-09 CVE-2024-45141 Out-of-bounds Write vulnerability in Adobe Substance 3D Stager 2.0.1/2.1.3/3.0.2
Substance3D - Stager versions 3.0.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user.
local
low complexity
adobe CWE-787
7.8
7.8
2024-10-09 CVE-2024-45142 Unspecified vulnerability in Adobe Substance 3D Stager 2.0.1/2.1.3/3.0.2
Substance3D - Stager versions 3.0.3 and earlier are affected by a Write-what-where Condition vulnerability that could allow an attacker to execute arbitrary code in the context of the current user.
local
low complexity
adobe
7.8
7.8