This page lists publicly disclosed CVE vulnerabilities affecting progress telerik_ui_for_winforms (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-0332 | In Progress® Telerik® UI for WinForms, versions prior to 2025 Q1 (2025.1.211), using the improper limitation of a target path can lead to decompressing an archive's content into a restricted directory. | [email protected] | 7.8 | 0.37% | 2025-02-12 | 2025-07-03 |
| CVE-2024-10013 | In Progress Telerik UI for WinForms versions prior to 2024 Q4 (2024.4.1113), a code execution attack is possible through an insecure deserialization vulnerability. | [email protected] | 7.8 | 0.22% | 2024-11-13 | 2025-07-03 |
| CVE-2024-3892 | A local code execution vulnerability is possible in Telerik UI for WinForms beginning in v2021.1.122 but prior to v2024.2.514. This vulnerability could allow an untrusted theme assembly to execute arbitrary code on the local Windows system. | [email protected] | 7.2 | 0.22% | 2024-05-15 | 2025-07-03 |