Vulmon
progress openedge vulnerabilities and exploits
9.9
CVSSv3
CVE-2023-40051
This issue affects Progress Application Server (PAS) for OpenEdge in versions 11.7 before 11.7.18, 12.2 before 12.2.13, and innovation releases before 12.8.0. An attacker can formulate a request for a WEB transport that allows unintended file uploads to a server directory path on...
Progress Openedge
Progress Openedge Innovation
9.8
CVSSv3
CVE-2015-9245
Insecure default configuration in Progress Software OpenEdge 10.2x and 11.x allows unauthenticated remote malicious users to specify arbitrary URLs from which to load and execute malicious Java classes via port 20931.
Progress Openedge 11.1
Progress Openedge 10.2b08
Progress Openedge 10.2a
Progress Openedge 10.2b
Progress Openedge 11.5
Progress Openedge 11.4
Progress Openedge 11.3
Progress Openedge 11.2
Progress Openedge 11.0
Progress Openedge 10.2b07
8.8
CVSSv3
CVE-2023-34203
In Progress OpenEdge OEM (OpenEdge Management) and OEE (OpenEdge Explorer) prior to 12.7, a remote user (who has any OEM or OEE role) could perform a URL injection attack to change identity or role membership, e.g., escalate to admin. This affects OpenEdge LTS prior to 11.7.16, 1...
Progress Openedge Explorer
Progress Openedge Management
Progress Openedge
7.8
CVSSv3
CVE-2022-29849
In Progress OpenEdge prior to 11.7.14 and 12.x prior to 12.2.9, certain SUID binaries within the OpenEdge application were susceptible to privilege escalation. If exploited, a local attacker could elevate their privileges and compromise the affected system.
Progress Openedge
7.5
CVSSv3
CVE-2023-40052
This issue affects Progress Application Server (PAS) for OpenEdge in versions 11.7 before 11.7.18, 12.2 before 12.2.13, and innovation releases before 12.8.0. An attacker who can produce a malformed web request may cause the crash of a PASOE agent potentially disrupting the thr...
Progress Openedge
Progress Openedge Innovation
NA
CVE-2014-8555
Directory traversal vulnerability in report/reportViewAction.jsp in Progress Software OpenEdge 11.2 allows remote malicious users to read arbitrary files via a .. (dot dot) in the selection parameter.
Progress Openedge 11.2
1 EDB exploit
NA
CVE-2007-2417
Heap-based buffer overflow in _mprosrv.exe in Progress Software Progress 9.1E and OpenEdge 10.1x, as used by the RSA Authentication Manager 6.0 and 6.1, SecurID Appliance 2.0, ACE/Server 5.2, and possibly other products, allows remote malicious users to execute arbitrary code via...
Progress Openedge 10.1a
Progress Openedge 10.1b
Progress Progress 9.1e
Rsa Ace Server 5.2
NA
CVE-2007-3491
Buffer overflow in _mprosrv in Progress Software OpenEdge prior to 9.1E0422, and 10.x prior to 10.1B01, allows remote malicious users to have an unknown impact via a malformed TCP/IP message.
Progress Openedge 10.1b
Progress Openedge 10.1a
Progress Openedge 9.1e
NA
CVE-2007-2506
WebSpeed 3.x in OpenEdge 10.x in Progress Software Progress 9.1e, and certain other 9.x versions, allows remote malicious users to cause a denial of service (infinite loop and daemon hang) via a messenger URL that invokes _edit.r with no additional parameters, as demonstrated by ...
Progress Webspeed 3.1a
Progress Webspeed 3.1d
Progress Progress 9.1e
Progress Webspeed 3.0
Progress Webspeed 3.1e
1 EDB exploit