Vulnerabilities > Telerik > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-25 | CVE-2024-7679 | Command Injection vulnerability in Telerik UI for WPF In Progress Telerik UI for WinForms versions prior to 2024 Q3 (2024.3.924), a command injection attack is possible through improper neutralization of hyperlink elements. | 7.8 |
| 2024-09-25 | CVE-2024-8316 | Deserialization of Untrusted Data vulnerability in Telerik UI for WPF In Progress Telerik UI for WPF versions prior to 2024 Q3 (2024.3.924), a code execution attack is possible through an insecure deserialization vulnerability. | 7.8 |
| 2020-11-05 | CVE-2020-13661 | Unspecified vulnerability in Telerik Fiddler 5.0.20202.18177 Telerik Fiddler through 5.0.20202.18177 allows attackers to execute arbitrary programs via a hostname with a trailing space character, followed by --utility-and-browser --utility-cmd-prefix= and the pathname of a locally installed program. | 8.8 |
| 2020-03-31 | CVE-2020-11414 | Path Traversal vulnerability in Telerik UI for Silverlight An issue was discovered in Progress Telerik UI for Silverlight before 2020.1.330. | 7.5 |
| 2018-08-16 | CVE-2018-15122 | Improper Input Validation vulnerability in Telerik Justassembly and Justdecompile An issue found in Progress Telerik JustAssembly through 2018.1.323.2 and JustDecompile through 2018.2.605.0 makes it possible to execute code by decompiling a compiled .NET object (such as DLL or EXE) with an embedded resource file by clicking on the resource. | 7.8 |