ProgressSoftware CNA: CVE Report Card & Published CVEs

How complete and consistent ProgressSoftware's CVE records are, scored across vendor, product, CVSS, and CWE coverage.

Frequently asked questions

Common questions about the ProgressSoftware CNA.

What is the ProgressSoftware CNA?

ProgressSoftware is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 150 CVE records since 2023.

How many CVEs has ProgressSoftware published?

ProgressSoftware has published 150 CVE records, including 122 in the last two years.

What is ProgressSoftware's CVE data quality grade?

RadicalNotion.AI grades ProgressSoftware's CVE data quality as A, with an overall completeness score of 99.7%. This reflects how consistently its CVE records include vendor (100%), product (100%), CVSS (100%), and CWE (98.7%) information.

What products does ProgressSoftware publish CVEs for?

ProgressSoftware most frequently publishes CVEs for WhatsUp Gold, whatsup_gold, LoadMaster, Telerik Reporting, MOVEit Transfer.

Which vendors does ProgressSoftware cover?

ProgressSoftware publishes CVEs across 7 distinct vendors, most often Progress, Progress Software Corporation, Progress Software, progress_software, kemptechnologies.

Is ProgressSoftware actively publishing CVEs?

ProgressSoftware is currently active, based on 122 CVEs in the last two years.

What is the average severity of ProgressSoftware's CVEs?

The average CVSS base score across ProgressSoftware's scored CVEs is 7.8.

How many critical CVEs has ProgressSoftware published?

ProgressSoftware has published 32 critical-severity CVEs and 105 high-severity CVEs.

Are any of ProgressSoftware's CVEs in CISA's Known Exploited Vulnerabilities catalog?

Yes. 5 of ProgressSoftware's CVEs are listed in CISA's Known Exploited Vulnerabilities (KEV) catalog, meaning they are confirmed to be exploited in the wild.

What are the most common weakness types in ProgressSoftware's CVEs?

ProgressSoftware's CVEs most often map to these CWE weakness types: CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')), CWE-502 (Deserialization of Untrusted Data), CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')), CWE-20 (Improper Input Validation).

How does ProgressSoftware rank among CNAs?

By total CVE volume, ProgressSoftware ranks #104 of 370 CNAs, and it reports more complete CVE records than 57% of all CNAs.

ProgressSoftware

Overview

Data quality report card

What these scores mean

Severity and exploitation

Common weakness types

Publishing activity by year

Top vendors

Top products

Latest CVEs

Other CNAs