Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
telerik vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-11317
Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX before R1 2017 and R2 before R2 2017 SP2 uses weak RadAsyncUpload encryption, which allows remote malicious users to perform arbitrary file uploads or execute arbitrary code.
Telerik Ui For Asp.net Ajax 2017.2.503
Telerik Ui For Asp.net Ajax 2017.2.621
Telerik Ui For Asp.net Ajax
1 EDB exploit
7 Github repositories
9.8
CVSSv3
CVE-2017-11357
Progress Telerik UI for ASP.NET AJAX before R2 2017 SP2 does not properly restrict user input to RadAsyncUpload, which allows remote malicious users to perform arbitrary file uploads or execute arbitrary code.
Telerik Ui For Asp.net Ajax
1 EDB exploit
4 Github repositories
9.8
CVSSv3
CVE-2017-9248
Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 2017 SP1 and Sitefinity prior to 10.0.6412.0 does not properly protect Telerik.Web.UI.DialogParametersEncryptionKey or the MachineKey, which makes it easier for remote malicious users to defeat cryptographic pro...
Telerik Ui For Asp.net Ajax
Telerik Sitefinity Cms
1 EDB exploit
17 Github repositories
1 Article
6.1
CVSSv3
CVE-2017-9140
Cross-site scripting (XSS) vulnerability in Telerik.ReportViewer.WebForms.dll in Telerik Reporting for ASP.NET WebForms Report Viewer control before R1 2017 SP2 (11.0.17.406) allows remote malicious users to inject arbitrary web script or HTML via the bgColor parameter to Telerik...
Progress Telerik Reporting
Progress Sitefinity Cms
NA
CVE-2015-2264
Multiple untrusted search path vulnerabilities in (1) EQATEC.Analytics.Monitor.Win32_vc100.dll and (2) EQATEC.Analytics.Monitor.Win32_vc100-x64.dll in Telerik Analytics Monitor Library prior to 3.2.125 allow local users to gain privileges via a Trojan horse (a) csunsapi.dll, (b) ...
Telerik Analytics Monitor Library
NA
CVE-2014-2217
Absolute path traversal vulnerability in the RadAsyncUpload control in the RadControls in Telerik UI for ASP.NET AJAX before Q3 2012 SP2 allows remote malicious users to write to arbitrary files, and consequently execute arbitrary code, via a full pathname in the UploadID metadat...
Telerik Ui For Asp.net Ajax
1 Github repository
NA
CVE-2014-4958
Cross-site scripting (XSS) vulnerability in Telerik UI for ASP.NET AJAX RadEditor control 2014.1.403.35, 2009.3.1208.20, and other versions allows remote malicious users to inject arbitrary web script or HTML via CSS expressions in style attributes.
Telerik Asp.net Ajax Radeditor Control 2009.3.1208.20
Telerik Asp.net Ajax Radeditor Control
1 Article
NA
CVE-2014-0701
Cisco Wireless LAN Controller (WLC) devices 7.0 prior to 7.0.250.0, 7.2, 7.3, and 7.4 prior to 7.4.110.0 do not properly deallocate memory, which allows remote malicious users to cause a denial of service (reboot) by sending WebAuth login requests at a high rate, aka Bug ID CSCuf...
Cisco Wireless Lan Controller Software 7.2
Cisco Wireless Lan Controller Software 7.2.110.0
Cisco Wireless Lan Controller Software 7.3.101.0
Cisco Wireless Lan Controller Software 7.0
Cisco Wireless Lan Controller Software 7.0.220.0
Cisco Wireless Lan Controller Software 7.0.235.0
Cisco Wireless Lan Controller Software 7.4.100.0
Cisco Wireless Lan Controller Software 7.4.100.60
Cisco Wireless Lan Controller Software 7.2.103.0
Cisco Wireless Lan Controller Software 7.3
NA
CVE-2014-0703
Cisco Wireless LAN Controller (WLC) devices 7.4 prior to 7.4.110.0 distribute Aironet IOS software with a race condition in the status of the administrative HTTP server, which allows remote malicious users to bypass intended access restrictions by connecting to an Aironet access ...
Cisco Wireless Lan Controller Software 7.4.100.0
Cisco Wireless Lan Controller Software 7.4.100.60
Cisco Wireless Lan Controller
NA
CVE-2014-0704
The IGMP implementation on Cisco Wireless LAN Controller (WLC) devices 4.x, 5.x, 6.x, 7.0 prior to 7.0.250.0, 7.1, 7.2, and 7.3, when IGMPv3 Snooping is enabled, allows remote malicious users to cause a denial of service (memory over-read and device restart) via a crafted field i...
Cisco Wireless Lan Controller Software 4.0
Cisco Wireless Lan Controller Software 4.0.108
Cisco Wireless Lan Controller Software 4.0.155.0
Cisco Wireless Lan Controller Software 4.2.112.0
Cisco Wireless Lan Controller Software 4.2.117.0
Cisco Wireless Lan Controller Software 4.2.130.0
Cisco Wireless Lan Controller Software 4.2.173.0
Cisco Wireless Lan Controller Software 5.2
Cisco Wireless Lan Controller Software 4.0.155.5
Cisco Wireless Lan Controller Software 4.0.179.8
Cisco Wireless Lan Controller Software 4.1.181.0
Cisco Wireless Lan Controller Software 4.1m
Cisco Wireless Lan Controller Software 4.2.176.0
Cisco Wireless Lan Controller Software 4.2.61.0
Cisco Wireless Lan Controller Software 5.0.148.2
Cisco Wireless Lan Controller Software 5.1.151.0
Cisco Wireless Lan Controller Software 5.1.160.0
Cisco Wireless Lan Controller Software 6.0.182.0
Cisco Wireless Lan Controller Software 6.0.196.0
Cisco Wireless Lan Controller Software 7.1
Cisco Wireless Lan Controller Software 7.2
Cisco Wireless Lan Controller Software 4.0.206.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »