Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
telerik vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2018-15122
An issue found in Progress Telerik JustAssembly up to and including 2018.1.323.2 and JustDecompile up to and including 2018.2.605.0 makes it possible to execute code by decompiling a compiled .NET object (such as DLL or EXE) with an embedded resource file by clicking on the resou...
Telerik Justdecompile
Telerik Justassembly
9.8
CVSSv3
CVE-2019-19790
Path traversal in RadChart in Telerik UI for ASP.NET AJAX allows a remote malicious user to read and delete an image with extension .BMP, .EXIF, .GIF, .ICON, .JPEG, .PNG, .TIFF, or .WMF on the server through a specially crafted request. NOTE: RadChart was discontinued in 2014 in ...
Telerik Radchart
Telerik Ui For Asp.net Ajax -
9.8
CVSSv3
CVE-2017-11317
Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX before R1 2017 and R2 before R2 2017 SP2 uses weak RadAsyncUpload encryption, which allows remote malicious users to perform arbitrary file uploads or execute arbitrary code.
Telerik Ui For Asp.net Ajax 2017.2.621
Telerik Ui For Asp.net Ajax 2017.2.503
Telerik Ui For Asp.net Ajax
1 EDB exploit
7 Github repositories
9.8
CVSSv3
CVE-2017-9248
Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 2017 SP1 and Sitefinity prior to 10.0.6412.0 does not properly protect Telerik.Web.UI.DialogParametersEncryptionKey or the MachineKey, which makes it easier for remote malicious users to defeat cryptographic pro...
Telerik Sitefinity Cms
Telerik Ui For Asp.net Ajax
1 EDB exploit
17 Github repositories
1 Article
NA
CVE-2014-4958
Cross-site scripting (XSS) vulnerability in Telerik UI for ASP.NET AJAX RadEditor control 2014.1.403.35, 2009.3.1208.20, and other versions allows remote malicious users to inject arbitrary web script or HTML via CSS expressions in style attributes.
Telerik Asp.net Ajax Radeditor Control
Telerik Asp.net Ajax Radeditor Control 2009.3.1208.20
1 Article
8.8
CVSSv3
CVE-2020-13661
Telerik Fiddler up to and including 5.0.20202.18177 allows malicious users to execute arbitrary programs via a hostname with a trailing space character, followed by --utility-and-browser --utility-cmd-prefix= and the pathname of a locally installed program. The victim must intera...
Telerik Fiddler
7.8
CVSSv3
CVE-2024-0219
In Telerik JustDecompile versions before 2024 R1, a privilege elevation vulnerability has been identified in the applications installer component. In an environment where an existing Telerik JustDecompile install is present, a lower privileged user has the ability to manipulate t...
Progress Telerik Justdecompile
7.8
CVSSv3
CVE-2024-0832
In Telerik Reporting versions before 2024 R1, a privilege elevation vulnerability has been identified in the applications installer component. In an environment where an existing Telerik Reporting install is present, a lower privileged user has the ability to manipulate the insta...
Progress Telerik Reporting
7.5
CVSSv3
CVE-2020-11414
An issue exists in Progress Telerik UI for Silverlight prior to 2020.1.330. The RadUploadHandler class in RadUpload for Silverlight expects a web request that provides the file location of the uploading file along with a few other parameters. The uploading file location should be...
Telerik Ui For Silverlight
NA
CVE-2015-2264
Multiple untrusted search path vulnerabilities in (1) EQATEC.Analytics.Monitor.Win32_vc100.dll and (2) EQATEC.Analytics.Monitor.Win32_vc100-x64.dll in Telerik Analytics Monitor Library prior to 3.2.125 allow local users to gain privileges via a Trojan horse (a) csunsapi.dll, (b) ...
Telerik Analytics Monitor Library
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30065
CVE-2024-5843
CVE-2024-30080
code execution
CVE-2024-4577
CVE-2024-26169
wireless
remote code execution
CVE-2024-36103
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »