Known Vulnerabilities for products from Progress
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Progress".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-32889 | Not Provided | 2026-03-20 | 2026-03-21 | |
| CVE-2026-23372 | Not Provided | 2026-03-25 | 2026-04-02 | |
| CVE-2026-23351 | Not Provided | 2026-03-25 | 2026-04-02 | |
| CVE-2026-3692 | Not Provided | 2026-04-02 | 2026-04-02 | |
| CVE-2026-2737 | Not Provided | 2026-04-02 | 2026-04-02 | |
| CVE-2025-47441 | Not Provided | 2025-05-07 | 2026-04-01 | |
| CVE-2025-39516 | Not Provided | 2025-04-16 | 2026-04-01 | |
| CVE-2025-23936 | Not Provided | 2025-01-16 | 2026-04-01 | |
| CVE-2025-23892 | Not Provided | 2025-01-16 | 2026-04-01 | |
| CVE-2024-50548 | Not Provided | 2024-11-19 | 2026-04-01 | |
| CVE-2021-41318 | In Progress WhatsUp Gold prior to version 21.1.0, an application endpoint failed to adequately sanitize malicious input. whic... | 6.1 - MEDIUM | 2021-09-28 | 2021-10-07 |
| CVE-2021-38159 | In certain Progress MOVEit Transfer versions before 2021.0.4 (aka 13.0.4), SQL injection in the MOVEit Transfer web applicati... | 9.8 - CRITICAL | 2021-08-07 | 2021-08-14 |
| CVE-2021-37614 | In certain Progress MOVEit Transfer versions before 2021.0.3 (aka 13.0.3), SQL injection in the MOVEit Transfer web applicati... | 8.8 - HIGH | 2021-08-05 | 2021-08-17 |
| CVE-2021-33894 | In Progress MOVEit Transfer before 2019.0.6 (11.0.6), 2019.1.x before 2019.1.5 (11.1.5), 2019.2.x before 2019.2.2 (11.2.2), 2... | 8.8 - HIGH | 2021-06-09 | 2021-06-22 |
| CVE-2021-31827 | In Progress MOVEit Transfer before 2021.0 (13.0), a SQL injection vulnerability has been found in the MOVEit Transfer web app... | 8.8 - HIGH | 2021-05-18 | 2021-05-25 |
| CVE-2020-28647 | In Progress MOVEit Transfer before 2020.1, a malicious user could craft and store a payload within the application. If a vict... | 5.4 - MEDIUM | 2020-11-17 | 2022-10-21 |
| CVE-2020-12677 | An issue was discovered in Progress MOVEit Automation Web Admin. A Web Admin application endpoint failed to adequately saniti... | 6.1 - MEDIUM | 2020-05-14 | 2020-05-19 |
| CVE-2020-8612 | In Progress MOVEit Transfer 2019.1 before 2019.1.4 and 2019.2 before 2019.2.1, a REST API endpoint failed to adequately sanit... | 9 - CRITICAL | 2020-02-14 | 2020-02-20 |
| CVE-2020-8611 | In Progress MOVEit Transfer 2019.1 before 2019.1.4 and 2019.2 before 2019.2.1, multiple SQL Injection vulnerabilities have be... | 8.8 - HIGH | 2020-02-14 | 2020-02-19 |
| CVE-2019-17392 | Progress Sitefinity 12.1 has a Weak Password Recovery Mechanism for a Forgotten Password because the HTTP Host header is mish... | 9.8 - CRITICAL | 2019-11-26 | 2019-12-14 |
Known software with vulnerabilities from Progress
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Progress | 4gl Compiler | - |
| Application | Progress | Database | - |
| Application | Progress | Fiddler | 2.2.9.4 |
| Application | Progress | Ipswitch Ws Ftp Server | 1.0.1 |
| Application | Progress | Ipswitch Ws Ftp Server With Ssh | 6.1.0 |
| Application | Progress | Kendo Ui | 2011.2.804 |
| Application | Progress | Moveit Automation | 2018.0 |
| Application | Progress | Moveit Transfer | - |
| Application | Progress | Objectstore | - |
| Application | Progress | Openedge | - |
| Application | Progress | Sitefinity | 5.1 |
| Application | Progress | Sitefinity Cms | 4.2 |
| Application | Progress | Telerik Extensions For Asp.net Mvc | - |
| Application | Progress | Telerik Reporting | 8.2.14.1027 |
| Application | Progress | Webspeed | - |
| Application | Progress | Webspeed Messenger | - |