Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Progress — Vulnerabilities & Security Advisories 25

Browse all 25 CVE security advisories affecting Progress. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Progress:LoadMasterMOVEit TransferOpenEdgeDataDirect Connect for JDBC for Amazon RedshiftShareFile Storage Zones ControllerMOVEit GatewaySitefinity
CVE IDTitleCVSSSeverityPublished
CVE-2026-2701 RCE vulnerability in Progress ShareFile Storage Zones Controller (SZC) — ShareFile Storage Zones ControllerCWE-434 9.1 Critical2026-04-02
CVE-2026-2699 EAR vulnerability in Progress ShareFile Storage Zones Controller (SZC) — ShareFile Storage Zones ControllerCWE-698 9.8 Critical2026-04-02
CVE-2025-11235 MOVEit Transfer REST API does not require current password in order to initiate the password change process — MOVEit TransferCWE-620 3.7 Low2026-01-06
CVE-2025-13147 External Service Interaction (DNS) — MOVEit TransferCWE-918 5.3 Medium2025-11-19
CVE-2025-10703 Progress多款产品 代码注入漏洞 — DataDirect Connect for JDBC for Amazon RedshiftCWE-94 9.8AICriticalAI2025-11-19
CVE-2025-10702 Progress多款产品 代码注入漏洞 — DataDirect Connect for JDBC for Amazon RedshiftCWE-94 9.8AICriticalAI2025-11-19
CVE-2025-10932 AS2 module allows uncontrolled file uploads — MOVEit TransferCWE-400 8.2 High2025-10-29
CVE-2025-1758 Progress LoadMaster 安全漏洞 — LoadMasterCWE-121 4.3 Medium2025-03-19
CVE-2025-2324 A MOVEit Transfer user configured as a Shared Account can gain unintended List permissions on a folder — MOVEit TransferCWE-269 5.9 Medium2025-03-19
CVE-2024-56135 Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection. — LoadMasterCWE-20 8.4 High2025-02-05
CVE-2024-56134 Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection. — LoadMasterCWE-20 8.4 High2025-02-05
CVE-2024-56133 Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection. — LoadMasterCWE-20 8.4 High2025-02-05
CVE-2024-56132 Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection. — LoadMasterCWE-20 8.4 High2025-02-05
CVE-2024-56131 Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection. — LoadMasterCWE-20 8.4 High2025-02-05
CVE-2024-11627 Progress Sitefinity 安全漏洞 — SitefinityCWE-613 6.8 Medium2025-01-07
CVE-2024-8755 Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection. — LoadMasterCWE-20 8.4 High2024-10-11
CVE-2024-6658 Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows OS Command Injection. — LoadMasterCWE-20 8.4 High2024-09-12
CVE-2024-7591 Improper Input Validation vulnerability in Progress LoadMaster allows OS Command Injection — LoadMasterCWE-78 10.0 Critical2024-09-05
CVE-2024-7346 Client connections using default TLS certificates from OpenEdge may bypass TLS host name validation — OpenEdgeCWE-297 7.2 High2024-09-03
CVE-2024-7345 Direct local client connections to MS Agents can bypass authentication — OpenEdgeCWE-94 8.3 High2024-09-03
CVE-2024-7654 Unauthenticated Content Injection in OpenEdge Management web interface via ActiveMQ discovery service — OpenEdgeCWE-79 8.3 High2024-09-03
CVE-2024-6576 MOVEit Transfer Privilege Escalation Vulnerability — MOVEit TransferCWE-287 7.3 High2024-07-29
CVE-2024-5806 MOVEit Transfer Authentication Bypass Vulnerability — MOVEit TransferCWE-287 9.1 Critical2024-06-25
CVE-2024-5805 MOVEit Gateway Authentication Bypass Vulnerability — MOVEit GatewayCWE-287 9.1 Critical2024-06-25
CVE-2024-1403 Authentication Bypass in OpenEdge Authentication Gateway and AdminServer — OpenEdgeCWE-305 10.0 Critical2024-02-27

This page lists every published CVE security advisory associated with Progress. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.