GCVE - cpe:2.3:a:telerik:ui_for_wpf:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:telerik:ui_for_wpf:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Telerik (`2eb2c60f-8174-53cf-a0ac-2d27ec15a252`)
Product	Ui For Wpf (`8a02e6b2-6dac-58dc-974d-c34d969a1add`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-8316`	vulnerable	2026-06-03 14:58:18.118758	Progress UI for WPF format provider unsafe deserialization vulnerability HIGH (7.8) In Progress Telerik UI for WPF versions prior to 2024 Q3 (2024.3.924), a code execution attack is possible through an insecure deserialization vulnerability. Published: 2024-09-25T13:59:20.369Z Updated: 2024-09-25T14:16:14.295Z Open on db.gcve.eu Reference links https://docs.telerik.com/devtools/wpf/knowledge-base/unsafe-deserialization-cve-2024-8316	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-7679`	vulnerable	2026-06-03 14:58:06.685801	Improper neutralization special element in hyperlinks HIGH (7.8) In Progress Telerik UI for WinForms versions prior to 2024 Q3 (2024.3.924), a command injection attack is possible through improper neutralization of hyperlink elements. Published: 2024-09-25T13:53:01.102Z Updated: 2024-09-25T14:22:18.409Z Open on db.gcve.eu Reference links https://docs.telerik.com/devtools/winforms/knowledge-base/command-injection-cve-2024-7679	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-7576`	vulnerable	2026-06-03 14:58:06.413227	Progress UI for WPF format provider unsafe deserialization vulnerability HIGH (7.8) In Progress Telerik UI for WPF versions prior to 2024 Q3 (2024.3.924), a code execution attack is possible through an insecure deserialization vulnerability. Published: 2024-09-25T13:57:35.699Z Updated: 2024-09-25T14:17:24.219Z Open on db.gcve.eu Reference links https://docs.telerik.com/devtools/wpf/knowledge-base/unsafe-deserialization-cve-2024-7576	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-7575`	vulnerable	2026-06-03 14:58:06.411999	Improper neutralization special element in hyperlinks HIGH (7.8) In Progress Telerik UI for WPF versions prior to 2024 Q3 (2024.3.924), a command injection attack is possible through improper neutralization of hyperlink elements. Published: 2024-09-25T13:55:59.435Z Updated: 2024-09-25T14:19:30.019Z Open on db.gcve.eu Reference links https://docs.telerik.com/devtools/wpf/knowledge-base/command-injection-cve-2024-7575	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-10095`	vulnerable	2026-06-03 14:54:04.883337	Progress UI for WPF format provider unsafe deserialization vulnerability HIGH (8.4) In Progress Telerik UI for WPF versions prior to 2024 Q4 (2024.4.1213), a code execution attack is possible through an insecure deserialization vulnerability. Published: 2024-12-16T16:59:25.572Z Updated: 2024-12-16T17:26:03.808Z Open on db.gcve.eu Reference links https://docs.telerik.com/devtools/wpf/knowledge-base/kb-security-unsafe-deserialization-vulnerability-cve-2024-10095	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-10012`	vulnerable	2026-06-03 14:54:04.692045	Progress UI for WPF format provider unsafe deserialization vulnerability HIGH (7.8) In Progress Telerik UI for WPF versions prior to 2024 Q4 (2024.4.1111), a code execution attack is possible through an insecure deserialization vulnerability. Published: 2024-11-13T15:19:06.329Z Updated: 2024-11-13T19:34:56.312Z Open on db.gcve.eu Reference links https://docs.telerik.com/devtools/wpf/knowledge-base/kb-security-unsafe-deserialization-cve-2024-10012	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.