9.1
CVE-2024-8015 - Telerik Report Server Insecure Type Resolution
In Progress Telerik Report Server versions prior to 2024 Q3 (10.2.24.924), a remote code execution attack is possible through object injection via an insecure type resolution vulnerability.
7.5
CVE-2024-7292 - Account Controller allows high count of login attempts
In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), a credential stuffing attack is possible through improper restriction of excessive login attempts.
7.5
CVE-2024-7294 - Uncontrolled resource consumption of anonymous endpoints
In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), an HTTP DoS attack is possible on anonymous endpoints without rate limiting.
7.5
CVE-2024-7293 - Password policy for new users is not strong enough
In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), a password brute forcing attack is possible through weak password requirements.
7.8
CVE-2024-7840 - Improper neutralization of special element in hyperlinks
In Progress Telerik Reporting versions prior to 2024 Q3 (18.2.24.924), a command injection attack is possible through improper neutralization of hyperlink elements.
7.8
CVE-2024-47425 - Adobe Framemaker | Integer Underflow (Wrap or Wraparound) (CWE-191)
Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious …
7.8
CVE-2024-47423 - Adobe Framemaker | Unrestricted Upload of File with Dangerous Type (CWE-434)
Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution. An attacker could exploit this vulnerability by uploading a malicious file which can be automatically processed or exe…
7.8
CVE-2024-47421 - Adobe Framemaker | Out-of-bounds Read (CWE-125)
Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the curre…
7.8
CVE-2024-47424 - Adobe Framemaker | Integer Overflow or Wraparound (CWE-190)
Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
7.8
CVE-2024-47422 - Adobe Framemaker | Untrusted Search Path (CWE-426)
Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Untrusted Search Path vulnerability that could lead to arbitrary code execution. An attacker could exploit this vulnerability by inserting a malicious path into the search directories, which the application could unknowingly ex…