Known Vulnerabilities for products from Telerik
Listed below are 12 of the newest known vulnerabilities associated with the vendor "Telerik".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-28141 | ** DISPUTED ** An issue was discovered in Progress Telerik UI for ASP.NET AJAX 2021.1.224. It allows unauthorized access to M... | 9.8 - CRITICAL | 2021-03-11 | 2023-11-07 |
| CVE-2020-13661 | Telerik Fiddler through 5.0.20202.18177 allows attackers to execute arbitrary programs via a hostname with a trailing space c... | 8.8 - HIGH | 2020-11-05 | 2020-11-13 |
| CVE-2020-11414 | An issue was discovered in Progress Telerik UI for Silverlight before 2020.1.330. The RadUploadHandler class in RadUpload for... | 7.5 - HIGH | 2020-03-31 | 2020-04-02 |
| CVE-2019-19790 | Path traversal in RadChart in Telerik UI for ASP.NET AJAX allows a remote attacker to read and delete an image with extension... | 9.8 - CRITICAL | 2019-12-13 | 2019-12-30 |
| CVE-2019-18935 | Progress Telerik UI for ASP.NET AJAX through 2019.3.1023 contains a .NET deserialization vulnerability in the RadAsyncUpload ... | 9.8 - CRITICAL | 2019-12-11 | 2023-11-07 |
| CVE-2018-15122 | An issue found in Progress Telerik JustAssembly through 2018.1.323.2 and JustDecompile through 2018.2.605.0 makes it possible... | 7.8 - HIGH | 2018-08-16 | 2018-10-15 |
| CVE-2017-11357 | Progress Telerik UI for ASP.NET AJAX before R2 2017 SP2 does not properly restrict user input to RadAsyncUpload, which allows... | 9.8 - CRITICAL | 2017-08-23 | 2018-01-28 |
| CVE-2017-11317 | Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX before R1 2017 and R2 before R2 2017 SP2 uses weak RadAsyncUpload encr... | 9.8 - CRITICAL | 2017-08-23 | 2020-10-20 |
| CVE-2017-9248 | Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 2017 SP1 and Sitefinity before 10.0.6412.0 does not prop... | 9.8 - CRITICAL | 2017-07-03 | 2019-10-03 |
| CVE-2015-2264 | Multiple untrusted search path vulnerabilities in (1) EQATEC.Analytics.Monitor.Win32_vc100.dll and (2) EQATEC.Analytics.Monit... | 6.9 - MEDIUM | 2015-03-13 | 2015-03-13 |
| CVE-2014-4958 | Cross-site scripting (XSS) vulnerability in Telerik UI for ASP.NET AJAX RadEditor control 2014.1.403.35, 2009.3.1208.20, and ... | 4.3 - MEDIUM | 2014-09-26 | 2015-09-16 |
| CVE-2014-2217 | Absolute path traversal vulnerability in the RadAsyncUpload control in the RadControls in Telerik UI for ASP.NET AJAX before ... | 7.5 - HIGH | 2014-12-25 | 2014-12-29 |
Known software with vulnerabilities from Telerik
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Telerik | Analytics Monitor Library | 3.2.122 |
| Application | Telerik | Asp.net Ajax Radeditor Control | 2009.3.1208.20 |
| Application | Telerik | Fiddler | 5.0.20202.18177 |
| Application | Telerik | Kendo Ui For Vue | 0.1.0 |
| Application | Telerik | Kendoreact | 0.1.0 |
| Application | Telerik | Radchart | - |
| Application | Telerik | Ui For Asp.net Ajax | - |
| Application | Telerik | Ui For Asp.net Core | 2011.2.804 |