Lucene search
K

78 matches found

RedhatCVE
RedhatCVE
added 2025/10/19 8:30 p.m.8 views

CVE-2025-35059

Newforma Info Exchange NIX '/DownloadWeb/hyperlinkredirect.aspx' provides an unauthenticated URL redirect via the 'nhl' parameter...

5.3CVSS7.1AI score0.00198EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/10 9:27 p.m.8 views

CVE-2025-35061

Newforma Info Exchange NIX '/NPCSRemoteWeb/LegacyIntegrationServices.asmx' allows a remote, unauthenticated attacker to cause NIX to make an SMB connection to an attacker-controlled system. The attacker can capture the NTLMv2 hash of the user-configured NIX service account...

8.2CVSS6.9AI score0.00353EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/10 8:22 p.m.5 views

CVE-2025-35058

Newforma Info Exchange NIX '/UserWeb/Common/MarkupServices.ashx' allows a remote, unauthenticated attacker to cause NIX to make an SMB connection to an attacker-controlled system. The attacker can capture the NTLMv2 hash of the customer-configured NIX service account...

8.2CVSS6.9AI score0.00353EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/10 8:22 p.m.4 views

CVE-2025-35060

Newforma Info Exchange NIX provides a 'Send a File Transfer' feature that allows a remote, authenticated attacker to upload SVG files that contain JavaScript or other content that may be executed or rendered by a web browser using a mobile user agent...

5.5CVSS6.8AI score0.00201EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/10 8:22 p.m.3 views

CVE-2025-35056

Newforma Info Exchange NIX '/UserWeb/Common/MarkupServices.ashx' 'StreamStampImage' accepts an encrypted file path and returns an image of the specified file. An authenticated attacker can read arbitrary files subject to the privileges of NIX, typically 'NT AUTHORITY\NetworkService', and the...

6.9CVSS6.7AI score0.00347EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/10 8:22 p.m.4 views

CVE-2025-35062

Newforma Info Exchange NIX before version 2023.1 by default allows anonymous authentication which allows an unauthenticated attacker to exploit additional vulnerabilities that require authentication...

6.9CVSS7.2AI score0.00346EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/10 8:22 p.m.6 views

CVE-2025-35055

Newforma Info Exchange NIX '/UserWeb/Common/UploadBlueimp.ashx' allows an authenticated attacker to upload an arbitrary file to any location writable by the NIX application. An attacker can upload and run a web shell or other content executable by the web server. An attacker can also delete...

8.8CVSS7.1AI score0.00504EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/10 8:22 p.m.6 views

CVE-2025-35050

Newforma Info Exchange NIX accepts serialized .NET data via the '/remoteweb/remote.rem' endpoint, allowing a remote, unauthenticated attacker to execute arbitrary code with 'NT AUTHORITY\NetworkService' privileges. The vulnerable endpoint is used by Newforma Project Center Server NPCS, so a...

9.8CVSS8AI score0.00861EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/10 8:22 p.m.7 views

CVE-2025-35057

Newforma Info Exchange NIX '/RemoteWeb/IntegrationServices.ashx' allows a remote, unauthenticated attacker to cause NIX to make an SMB connection to an attacker-controlled system. The attacker can capture the NTLMv2 hash of the NIX service account...

6CVSS6.9AI score0.00305EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/09 9:31 p.m.6 views

EUVD-2025-33577

Newforma Info Exchange NIX accepts serialized .NET data via the '/remoteweb/remote.rem' endpoint, allowing a remote, unauthenticated attacker to execute arbitrary code with 'NT AUTHORITY\NetworkService' privileges. The vulnerable endpoint is used by Newforma Project Center Server NPCS, so a...

9.8CVSS7.5AI score0.00861EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/09 9:31 p.m.6 views

EUVD-2025-33568

Newforma Info Exchange NIX '/DownloadWeb/hyperlinkredirect.aspx' provides an unauthenticated URL redirect via the 'nhl' parameter...

5.3CVSS6.5AI score0.00198EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/09 9:31 p.m.5 views

EUVD-2025-33569

Newforma Info Exchange NIX '/UserWeb/Common/MarkupServices.ashx' allows a remote, unauthenticated attacker to cause NIX to make an SMB connection to an attacker-controlled system. The attacker can capture the NTLMv2 hash of the customer-configured NIX service account...

8.2CVSS6.4AI score0.00353EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/09 9:31 p.m.7 views

EUVD-2025-33573

Newforma Info Exchange NIX stores credentials used to configure NPCS in 'HKLM\Software\WOW6432Node\Newforma\Credentials'. The credentials are encrypted but the encryption key is stored in the same registry location. Authenticated users can access both the credentials and the encryption key. If...

5.3CVSS6.5AI score0.00074EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/09 9:31 p.m.5 views

EUVD-2025-33566

Newforma Info Exchange NIX before version 2023.1 by default allows anonymous authentication which allows an unauthenticated attacker to exploit additional vulnerabilities that require authentication...

6.9CVSS6.8AI score0.00346EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/09 9:31 p.m.6 views

EUVD-2025-33572

Newforma Info Exchange NIX '/UserWeb/Common/UploadBlueimp.ashx' allows an authenticated attacker to upload an arbitrary file to any location writable by the NIX application. An attacker can upload and run a web shell or other content executable by the web server. An attacker can also delete...

8.8CVSS6.7AI score0.00504EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/09 9:31 p.m.5 views

EUVD-2025-33567

Newforma Info Exchange NIX provides a 'Send a File Transfer' feature that allows a remote, authenticated attacker to upload SVG files that contain JavaScript or other content that may be executed or rendered by a web browser using a mobile user agent...

5.5CVSS6.3AI score0.00201EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/09 9:31 p.m.6 views

EUVD-2025-33565

Newforma Info Exchange NIX '/NPCSRemoteWeb/LegacyIntegrationServices.asmx' allows a remote, unauthenticated attacker to cause NIX to make an SMB connection to an attacker-controlled system. The attacker can capture the NTLMv2 hash of the user-configured NIX service account...

8.2CVSS6.4AI score0.00353EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/09 9:31 p.m.7 views

EUVD-2025-33570

Newforma Info Exchange NIX '/RemoteWeb/IntegrationServices.ashx' allows a remote, unauthenticated attacker to cause NIX to make an SMB connection to an attacker-controlled system. The attacker can capture the NTLMv2 hash of the NIX service account...

6CVSS6.4AI score0.00305EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/09 9:31 p.m.4 views

EUVD-2025-33574

Newforma Info Exchange NIX accepts requests to '/UserWeb/Common/MarkupServices.ashx' specifying the 'DownloadExportedPDF' command that allow an authenticated user to read and delete arbitrary files with 'NT AUTHORITY\NetworkService' privileges. In Newforma before 2023.1, anonymous access is enabl...

6.9CVSS6.7AI score0.00378EPSS
Exploits0References4
OSV
OSV
added 2025/10/09 9:15 p.m.3 views

CVE-2025-35062

Newforma Info Exchange NIX before version 2023.1 by default allows anonymous authentication which allows an unauthenticated attacker to exploit additional vulnerabilities that require authentication...

9.8CVSS5.8AI score0.00346EPSS
Exploits0References2
Rows per page
Query Builder