CVE Tools

telerik

DevTools & CIcommercial

5

Cumulative CVEs

2

Monthly snapshots

#146

Peak rank

Top products

Latest CVEs

The 15 most recently published vulnerabilities affecting telerik.

CVE-2024-10095Progress UI for WPF format provider unsafe deserialization vulnerability8.4Dec 16, 2024
CVE-2024-10012Progress UI for WPF format provider unsafe deserialization vulnerability7.8Nov 13, 2024
CVE-2024-8316Progress UI for WPF format provider unsafe deserialization vulnerability7.8Sep 25, 2024
CVE-2024-7576Progress UI for WPF format provider unsafe deserialization vulnerability7.8Sep 25, 2024
CVE-2024-7575Improper neutralization special element in hyperlinks7.8Sep 25, 2024
CVE-2024-7679Improper neutralization special element in hyperlinks7.8Sep 25, 2024
CVE-2024-4358Registration Authentication Bypass VulnerabilityKEV9.8May 29, 2024
CVE-2020-13661Telerik Fiddler through 5.0.20202.18177 allows attackers to execute arbitrary programs via a hostname with a trailing space character, followed by --utility-and-browser --utility-cmd-prefix= and th...8.8Nov 5, 2020
CVE-2020-11414An issue was discovered in Progress Telerik UI for Silverlight before 2020.1.330. The RadUploadHandler class in RadUpload for Silverlight expects a web request that provides the file location of th...7.5Mar 31, 2020
CVE-2019-19790Path traversal in RadChart in Telerik UI for ASP.NET AJAX allows a remote attacker to read and delete an image with extension .BMP, .EXIF, .GIF, .ICON, .JPEG, .PNG, .TIFF, or .WMF on the server thr...9.8Dec 13, 2019
CVE-2019-18935Progress Telerik UI for ASP.NET AJAX through 2019.3.1023 contains a .NET deserialization vulnerability in the RadAsyncUpload function. This is exploitable when the encryption keys are known due to ...KEV9.8Dec 11, 2019
CVE-2018-15122An issue found in Progress Telerik JustAssembly through 2018.1.323.2 and JustDecompile through 2018.2.605.0 makes it possible to execute code by decompiling a compiled .NET object (such as DLL or E...7.8Aug 16, 2018
CVE-2017-11317Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX before R1 2017 and R2 before R2 2017 SP2 uses weak RadAsyncUpload encryption, which allows remote attackers to perform arbitrary file uploads ...KEV9.8Aug 23, 2017
CVE-2017-9248Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 2017 SP1 and Sitefinity before 10.0.6412.0 does not properly protect Telerik.Web.UI.DialogParametersEncryptionKey or the Machine...KEV9.8Jul 3, 2017
CVE-2015-2264Multiple untrusted search path vulnerabilities in (1) EQATEC.Analytics.Monitor.Win32_vc100.dll and (2) EQATEC.Analytics.Monitor.Win32_vc100-x64.dll in Telerik Analytics Monitor Library before 3.2.1...6.9Mar 13, 2015