Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Progress Software — Vulnerabilities & Security Advisories 55

Browse all 55 CVE security advisories affecting Progress Software. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Progress Software develops enterprise software solutions, primarily focusing on application development platforms, database management, and integration tools for large-scale organizations. Its portfolio includes widely used technologies like OpenEdge and Telerik, which serve as critical infrastructure for business operations. Historically, security audits have identified recurring vulnerability classes within its products, including remote code execution (RCE), cross-site scripting (XSS), and privilege escalation flaws. These issues often stem from input validation errors or improper access controls in legacy components. While no single catastrophic breach has defined the company’s public security history, the accumulation of 55 recorded CVEs highlights persistent challenges in maintaining secure codebases across complex, long-standing software architectures. The company generally responds to disclosures through standard patch cycles, though the volume of findings suggests ongoing efforts to modernize security practices across its diverse product line.

Top products by Progress Software: LoadMaster Flowmon Telerik Reporting Telerik UI for WPF Telerik UI for ASP.NET AJAX Flowmon ADS Telerik Report Server MOVEit Automation Chef Automate Hybrid Data Pipeline Telerik Document Processing Libraries Telerik UI for WinForms Telerik UI for WinUI Progress® Telerik® UI for WinForms Telerik KendoReact Progress® Telerik® Document Processing Libraries Progress® Telerik® Kendo UI for Vue Kendo UI for jQuery MOVEit Transfer Telerik Test Studio Chef Inspec Telerik JustDecompile
CVE IDTitleCVSSSeverityPublished
CVE-2025-0332 Progress UI for WinForms decompression path traversal vulnerability — Progress® Telerik® UI for WinFormsCWE-22 7.8 High2025-02-12
CVE-2025-0556 Telerik Report Server Clear Text Transmission of Agent Commands — Telerik Report ServerCWE-319 8.8 High2025-02-12
CVE-2024-12251 Improper neutralization special element in hyperlinks — Telerik UI for WinUICWE-77 7.8 High2025-02-12
CVE-2024-10095 Progress UI for WPF format provider unsafe deserialization vulnerability — Telerik UI for WPFCWE-502 8.4 High2024-12-16
CVE-2024-8049 Telerik Document Processing Improper Handling of Memory Resources — Telerik Document Processing LibrariesCWE-834 6.5 Medium2024-11-13
CVE-2024-10012 Progress UI for WPF format provider unsafe deserialization vulnerability — Telerik UI for WPFCWE-502 7.8 High2024-11-13
CVE-2024-10013 Progress UI for WinForms format provider unsafe deserialization vulnerability — Telerik UI for WinFormsCWE-502 7.8 High2024-11-13
CVE-2024-8015 Telerik Report Server Insecure Type Resolution — Telerik ReportingCWE-470 9.1 Critical2024-10-09
CVE-2024-7840 Improper neutralization special element in hyperlinks — Telerik ReportingCWE-77 7.8 High2024-10-09
CVE-2024-8048 Telerik Reporting Insecure Expression Evaluation — Telerik ReportingCWE-470 7.8 High2024-10-09
CVE-2024-8014 Telerik Reporting EntityDataSource Insecure Type Resolution — Telerik ReportingCWE-470 8.8 High2024-10-09
CVE-2024-8316 Progress UI for WPF format provider unsafe deserialization vulnerability — Telerik UI for WPFCWE-502 7.8 High2024-09-25
CVE-2024-7576 Progress UI for WPF format provider unsafe deserialization vulnerability — Telerik UI for WPFCWE-502 7.8 High2024-09-25
CVE-2024-7575 Improper neutralization special element in hyperlinks — Telerik UI for WPFCWE-77 7.8 High2024-09-25
CVE-2024-7679 Improper neutralization special element in hyperlinks — Telerik UI for WinFormsCWE-77 7.8 High2024-09-25
CVE-2024-4837 Trust Boundary Violation Vulnerability — Telerik Report ServerCWE-200 5.3 Medium2024-05-15
CVE-2024-4357 XML External Entity Processing Information Disclosure — Telerik Report ServerCWE-611 6.5 Medium2024-05-15
CVE-2024-2389 Flowmon Unauthenticated Command Injection Vulnerability — FlowmonCWE-78 10.0 Critical2024-04-02
CVE-2024-2449 LoadMaster Cross-Site Request Forgery (CSRF) — LoadMasterCWE-352 7.5 High2024-03-22
CVE-2024-2448 LoadMaster Command Injection Vulnerability — LoadMasterCWE-78 8.4 High2024-03-22
CVE-2024-2291 MOVEit Transfer Logging Bypass Vulnerability — MOVEit TransferCWE-778 4.3 Medium2024-03-20
CVE-2024-1212 LoadMaster Pre-Authenticated OS Command Injection — LoadMasterCWE-78 10.0 Critical2024-02-21
CVE-2024-0833 Privilege Elevation via Telerik Test Studio — Telerik Test StudioCWE-269 7.8 High2024-01-31
CVE-2024-0832 Privilege Elevation via Telerik Reporting Installer — Telerik ReportingCWE-269 7.8 High2024-01-31
CVE-2024-0219 Privilege Elevation via Telerik JustDecompile Installer — Telerik JustDecompileCWE-269 7.8 High2024-01-31

This page lists every published CVE security advisory associated with Progress Software. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.