telerik vulnerabilities and exploits
NA
CVE-2024-0219
In Telerik JustDecompile versions before 2024 R1, a privilege elevation vulnerability has been identified in the application's installer component. In an environment where an existing Telerik JustDecompile install is present, a lower privileged user has the ability to manipulate t...
Progress Telerik Justdecompile
7.5
CVSSv2
CVE-2021-29281
File upload vulnerability in GFI Mail Archiver versions up to and including 15.1 via insecure implementation of Telerik Web UI plugin which is affected by CVE-2014-2217, and CVE-2017-11317.
Gfi Archiver
7.5
CVSSv2
CVE-2021-28141
An issue exists in Progress Telerik UI for ASP.NET AJAX 2021.1.224. It allows unauthorized access to MicrosoftAjax.js through the Telerik.Web.UI.WebResource.axd file. This may allow the malicious user to gain unauthorized access to the server and execute code. To exploit, one mus...
Telerik Ui For Asp.net Ajax 2021.1.224
6.8
CVSSv2
CVE-2020-13661
Telerik Fiddler up to and including 5.0.20202.18177 allows malicious users to execute arbitrary programs via a hostname with a trailing space character, followed by --utility-and-browser --utility-cmd-prefix= and the pathname of a locally installed program. The victim must intera...
Telerik Fiddler
5
CVSSv2
CVE-2020-11414
An issue exists in Progress Telerik UI for Silverlight prior to 2020.1.330. The RadUploadHandler class in RadUpload for Silverlight expects a web request that provides the file location of the uploading file along with a few other parameters. The uploading file location should be...
Telerik Ui For Silverlight
7.5
CVSSv2
CVE-2019-19790
Path traversal in RadChart in Telerik UI for ASP.NET AJAX allows a remote malicious user to read and delete an image with extension .BMP, .EXIF, .GIF, .ICON, .JPEG, .PNG, .TIFF, or .WMF on the server through a specially crafted request. NOTE: RadChart was discontinued in 2014 in ...
Telerik Radchart
Telerik Ui For Asp.net Ajax -
7.5
CVSSv2
CVE-2019-18935
Progress Telerik UI for ASP.NET AJAX up to and including 2019.3.1023 contains a .NET deserialization vulnerability in the RadAsyncUpload function. This is exploitable when the encryption keys are known due to the presence of CVE-2017-11317 or CVE-2017-11357, or other means. Explo...
Telerik Ui For Asp.net Ajax
17 Github repositories
2 Articles
6.8
CVSSv2
CVE-2019-12097
Telerik Fiddler v5.0.20182.28034 doesn't verify the hash of EnableLoopback.exe before running it, which could lead to code execution or local privilege escalation by replacing the original EnableLoopback.exe.
Progress Fiddler 5.0.20182.28034
1 Github repository
5
CVSSv2
CVE-2018-17060
Telerik Extensions for ASP.NET MVC (all versions) does not whitelist requests, which can allow a remote malicious user to access files inside the server's web directory. NOTE: this product has been obsolete since June 2013.
Progress Telerik Extensions For Asp.net Mvc
6.8
CVSSv2
CVE-2018-15122
An issue found in Progress Telerik JustAssembly up to and including 2018.1.323.2 and JustDecompile up to and including 2018.2.605.0 makes it possible to execute code by decompiling a compiled .NET object (such as DLL or EXE) with an embedded resource file by clicking on the resou...
Telerik Justdecompile
Telerik Justassembly