Vulnerabilities > Telerik

DATE CVE VULNERABILITY TITLE RISK
2024-12-16 CVE-2024-10095 Deserialization of Untrusted Data vulnerability in Telerik UI for WPF
In Progress Telerik UI for WPF versions prior to 2024 Q4 (2024.4.1213), a code execution attack is possible through an insecure deserialization vulnerability.
network
low complexity
telerik CWE-502
critical
9.8
2024-09-25 CVE-2024-7575 Command Injection vulnerability in Telerik UI for WPF
In Progress Telerik UI for WPF versions prior to 2024 Q3 (2024.3.924), a command injection attack is possible through improper neutralization of hyperlink elements.
network
low complexity
telerik CWE-77
critical
9.8
2024-09-25 CVE-2024-7576 Deserialization of Untrusted Data vulnerability in Telerik UI for WPF
In Progress Telerik UI for WPF versions prior to 2024 Q3 (2024.3.924), a code execution attack is possible through an insecure deserialization vulnerability.
network
low complexity
telerik CWE-502
critical
9.8
2024-09-25 CVE-2024-7679 Command Injection vulnerability in Telerik UI for WPF
In Progress Telerik UI for WinForms versions prior to 2024 Q3 (2024.3.924), a command injection attack is possible through improper neutralization of hyperlink elements.
local
low complexity
telerik CWE-77
7.8
2024-09-25 CVE-2024-8316 Deserialization of Untrusted Data vulnerability in Telerik UI for WPF
In Progress Telerik UI for WPF versions prior to 2024 Q3 (2024.3.924), a code execution attack is possible through an insecure deserialization vulnerability.
local
low complexity
telerik CWE-502
7.8
2024-05-29 CVE-2024-4358 Authentication Bypass by Spoofing vulnerability in Telerik Report Server 2024 10.0.24.130/10.0.24.305
In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via an authentication bypass vulnerability.
network
low complexity
telerik CWE-290
critical
9.8
2021-03-11 CVE-2021-28141 Missing Authorization vulnerability in Telerik UI for Asp.Net Ajax 2021.1.224
An issue was discovered in Progress Telerik UI for ASP.NET AJAX 2021.1.224.
network
low complexity
telerik CWE-862
critical
9.8
2020-11-05 CVE-2020-13661 Unspecified vulnerability in Telerik Fiddler 5.0.20202.18177
Telerik Fiddler through 5.0.20202.18177 allows attackers to execute arbitrary programs via a hostname with a trailing space character, followed by --utility-and-browser --utility-cmd-prefix= and the pathname of a locally installed program.
network
low complexity
telerik
8.8
2020-03-31 CVE-2020-11414 Path Traversal vulnerability in Telerik UI for Silverlight
An issue was discovered in Progress Telerik UI for Silverlight before 2020.1.330.
network
low complexity
telerik CWE-22
7.5
2019-12-13 CVE-2019-19790 Path Traversal vulnerability in Telerik Radchart and UI for Asp.Net Ajax
Path traversal in RadChart in Telerik UI for ASP.NET AJAX allows a remote attacker to read and delete an image with extension .BMP, .EXIF, .GIF, .ICON, .JPEG, .PNG, .TIFF, or .WMF on the server through a specially crafted request.
network
low complexity
telerik CWE-22
critical
9.8