Vulmon
Progress OpenEdge vulnerabilities and exploits
NA
CVE-2023-40052
This issue affects Progress Application Server (PAS) for OpenEdge in versions 11.7 before 11.7.18, 12.2 before 12.2.13, and innovation releases before 12.8.0. An attacker who can produce a malformed web request may cause the crash of a PASOE agent potentially disrupting the thr...
Progress Openedge
Progress Openedge Innovation
NA
CVE-2023-40051
This issue affects Progress Application Server (PAS) for OpenEdge in versions 11.7 before 11.7.18, 12.2 before 12.2.13, and innovation releases before 12.8.0. An attacker can formulate a request for a WEB transport that allows unintended file uploads to a server directory path on...
Progress Openedge
Progress Openedge Innovation
NA
CVE-2023-34203
In Progress OpenEdge OEM (OpenEdge Management) and OEE (OpenEdge Explorer) prior to 12.7, a remote user (who has any OEM or OEE role) could perform a URL injection attack to change identity or role membership, e.g., escalate to admin. This affects OpenEdge LTS prior to 11.7.16, 1...
Progress Openedge Explorer
Progress Openedge Management
Progress Openedge
7.2
CVSSv2
CVE-2022-29849
In Progress OpenEdge prior to 11.7.14 and 12.x prior to 12.2.9, certain SUID binaries within the OpenEdge application were susceptible to privilege escalation. If exploited, a local attacker could elevate their privileges and compromise the affected system.
Progress Openedge
7.5
CVSSv2
CVE-2015-9245
Insecure default configuration in Progress Software OpenEdge 10.2x and 11.x allows unauthenticated remote malicious users to specify arbitrary URLs from which to load and execute malicious Java classes via port 20931.
Progress Openedge 11.1
Progress Openedge 10.2b08
Progress Openedge 10.2a
Progress Openedge 10.2b
Progress Openedge 11.5
Progress Openedge 11.4
Progress Openedge 11.3
Progress Openedge 11.2
Progress Openedge 11.0
Progress Openedge 10.2b07
5
CVSSv2
CVE-2014-8555
Directory traversal vulnerability in report/reportViewAction.jsp in Progress Software OpenEdge 11.2 allows remote malicious users to read arbitrary files via a .. (dot dot) in the selection parameter.
Progress Openedge 11.2
1 EDB exploit
10
CVSSv2
CVE-2007-2417
Heap-based buffer overflow in _mprosrv.exe in Progress Software Progress 9.1E and OpenEdge 10.1x, as used by the RSA Authentication Manager 6.0 and 6.1, SecurID Appliance 2.0, ACE/Server 5.2, and possibly other products, allows remote malicious users to execute arbitrary code via...
Progress Openedge 10.1a
Progress Openedge 10.1b
Progress Progress 9.1e
Rsa Ace Server 5.2
7.5
CVSSv2
CVE-2007-3491
Buffer overflow in _mprosrv in Progress Software OpenEdge prior to 9.1E0422, and 10.x prior to 10.1B01, allows remote malicious users to have an unknown impact via a malformed TCP/IP message.
Progress Openedge 10.1b
Progress Openedge 10.1a
Progress Openedge 9.1e
7.8
CVSSv2
CVE-2007-2506
WebSpeed 3.x in OpenEdge 10.x in Progress Software Progress 9.1e, and certain other 9.x versions, allows remote malicious users to cause a denial of service (infinite loop and daemon hang) via a messenger URL that invokes _edit.r with no additional parameters, as demonstrated by ...
Progress Webspeed 3.1a
Progress Webspeed 3.1d
Progress Progress 9.1e
Progress Webspeed 3.0
Progress Webspeed 3.1e
1 EDB exploit