Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
telerik vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2018-15122
An issue found in Progress Telerik JustAssembly up to and including 2018.1.323.2 and JustDecompile up to and including 2018.2.605.0 makes it possible to execute code by decompiling a compiled .NET object (such as DLL or EXE) with an embedded resource file by clicking on the resou...
Telerik Justdecompile
Telerik Justassembly
668
VMScore
CVE-2019-19790
Path traversal in RadChart in Telerik UI for ASP.NET AJAX allows a remote malicious user to read and delete an image with extension .BMP, .EXIF, .GIF, .ICON, .JPEG, .PNG, .TIFF, or .WMF on the server through a specially crafted request. NOTE: RadChart was discontinued in 2014 in ...
Telerik Radchart
Telerik Ui For Asp.net Ajax -
757
VMScore
CVE-2017-11317
Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX before R1 2017 and R2 before R2 2017 SP2 uses weak RadAsyncUpload encryption, which allows remote malicious users to perform arbitrary file uploads or execute arbitrary code.
Telerik Ui For Asp.net Ajax 2017.2.621
Telerik Ui For Asp.net Ajax 2017.2.503
Telerik Ui For Asp.net Ajax
1 EDB exploit
7 Github repositories
760
VMScore
CVE-2017-9248
Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 2017 SP1 and Sitefinity prior to 10.0.6412.0 does not properly protect Telerik.Web.UI.DialogParametersEncryptionKey or the MachineKey, which makes it easier for remote malicious users to defeat cryptographic pro...
Telerik Sitefinity Cms
Telerik Ui For Asp.net Ajax
1 EDB exploit
17 Github repositories
1 Article
383
VMScore
CVE-2014-4958
Cross-site scripting (XSS) vulnerability in Telerik UI for ASP.NET AJAX RadEditor control 2014.1.403.35, 2009.3.1208.20, and other versions allows remote malicious users to inject arbitrary web script or HTML via CSS expressions in style attributes.
Telerik Asp.net Ajax Radeditor Control
Telerik Asp.net Ajax Radeditor Control 2009.3.1208.20
1 Article
605
VMScore
CVE-2020-13661
Telerik Fiddler up to and including 5.0.20202.18177 allows malicious users to execute arbitrary programs via a hostname with a trailing space character, followed by --utility-and-browser --utility-cmd-prefix= and the pathname of a locally installed program. The victim must intera...
Telerik Fiddler
NA
CVE-2024-0219
In Telerik JustDecompile versions before 2024 R1, a privilege elevation vulnerability has been identified in the applications installer component. In an environment where an existing Telerik JustDecompile install is present, a lower privileged user has the ability to manipulate t...
Progress Telerik Justdecompile
NA
CVE-2024-0832
In Telerik Reporting versions before 2024 R1, a privilege elevation vulnerability has been identified in the applications installer component. In an environment where an existing Telerik Reporting install is present, a lower privileged user has the ability to manipulate the insta...
Progress Telerik Reporting
NA
CVE-2024-0833
In Telerik Test Studio versions prior to v2023.3.1330, a privilege elevation vulnerability has been identified in the applications installer component. In an environment where an existing Telerik Test Studio install is present, a lower privileged user has the ability to manipulat...
Progress Telerik Test Studio
614
VMScore
CVE-2015-2264
Multiple untrusted search path vulnerabilities in (1) EQATEC.Analytics.Monitor.Win32_vc100.dll and (2) EQATEC.Analytics.Monitor.Win32_vc100-x64.dll in Telerik Analytics Monitor Library prior to 3.2.125 allow local users to gain privileges via a Trojan horse (a) csunsapi.dll, (b) ...
Telerik Analytics Monitor Library
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5841
file upload
man-in-the-middle
arbitrary
CVE-2024-27801
CVE-2024-28020
CVE-2024-30080
CVE-2024-30069
CVE-2024-5843
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »