733 matches found
Newforma Project Center Server Information Disclosure Vulnerability (CNVD-2025-25886)
Newforma Project Center Server is a project information management solution for the Architecture, Engineering and Construction AEC industry from Newforma for centralized storage and management of project documents and collaboration. Newforma Project Center Server suffers from an information...
CVE-2025-35052
Newforma Info Exchange NIX uses a hard-coded key to encrypt certain query parameters. Some encrypted parameter values can specify paths to download files, potentially bypassing authentication and authorization, for example, the 'qs' parameter used in '/DownloadWeb/download.aspx'. This key is shar...
EUVD-2025-33575
Newforma Info Exchange NIX uses a hard-coded key to encrypt certain query parameters. Some encrypted parameter values can specify paths to download files, potentially bypassing authentication and authorization, for example, the 'qs' parameter used in '/DownloadWeb/download.aspx'. This key is shar...
CVE-2025-35052
Newforma Info Exchange NIX uses a hard-coded key to encrypt certain query parameters. Some encrypted parameter values can specify paths to download files, potentially bypassing authentication and authorization, for example, the 'qs' parameter used in '/DownloadWeb/download.aspx'. This key is shar...
CVE-2025-35052
Newforma Info Exchange (NIX) has a vulnerability where a shared, hard-coded key is used to encrypt certain query parameters, allowing an attacker with valid NIX access to specify encrypted file paths (e.g., via StreamStampImage in /UserWeb/Common/MarkupServices.ashx) and read arbitrary files with...
CVE-2025-35052 Newforma Info Exchange (NIX) shared hard-coded secret key
Newforma Info Exchange NIX uses a hard-coded key to encrypt certain query parameters. Some encrypted parameter values can specify paths to download files, potentially bypassing authentication and authorization, for example, the 'qs' parameter used in '/DownloadWeb/download.aspx'. This key is shar...
CVE-2025-35052 Newforma Info Exchange (NIX) shared hard-coded secret key
Newforma Info Exchange NIX uses a hard-coded key to encrypt certain query parameters. Some encrypted parameter values can specify paths to download files, potentially bypassing authentication and authorization, for example, the 'qs' parameter used in '/DownloadWeb/download.aspx'. This key is shar...
CVE-2025-32916
Potential use of sensitive information in GET requests in Checkmk GmbH's Checkmk versions 2.4.0p13, 2.3.0p38, 2.2.0p46, and 2.1.0 EOL may cause sensitive form data to be included in URL query parameters, which may be logged in various places such as browser history or web server logs...
UBUNTU-CVE-2025-32916
Potential use of sensitive information in GET requests in Checkmk GmbH's Checkmk versions 2.4.0p13, 2.3.0p38, 2.2.0p46, and 2.1.0 EOL may cause sensitive form data to be included in URL query parameters, which may be logged in various places such as browser history or web server logs...
CVE-2025-32916 Sensitive form data in URL query parameters
Potential use of sensitive information in GET requests in Checkmk GmbH's Checkmk versions 2.4.0p13, 2.3.0p38, 2.2.0p46, and 2.1.0 EOL may cause sensitive form data to be included in URL query parameters, which may be logged in various places such as browser history or web server logs...
CVE-2025-32916
CVE-2025-32916 affects Checkmk platforms prior to 2.4.0p13, 2.3.0p38, 2.2.0p46, and 2.1.0 (EOL). The issue is that sensitive information may be included in URL query parameters due to GET requests, potentially being logged in browser history, web server logs, or other logging destinations. The de...
CVE-2025-32916 Sensitive form data in URL query parameters
Potential use of sensitive information in GET requests in Checkmk GmbH's Checkmk versions 2.4.0p13, 2.3.0p38, 2.2.0p46, and 2.1.0 EOL may cause sensitive form data to be included in URL query parameters, which may be logged in various places such as browser history or web server logs...
Newforma Project Center Server 安全漏洞
Newforma Project Center Server is a project information management solution for the Architecture, Engineering and Construction AEC industry from Newforma for centralized storage and management of project documents and collaboration. Newforma Project Center Server suffers from an information...
PT-2025-41468
Name of the Vulnerable Software and Affected Versions Newforma Info Exchange NIX versions 2023.3 and 2024.1 Description Newforma Info Exchange NIX utilizes a hard-coded key for encrypting query parameters. Certain encrypted parameter values can define file paths for download, potentially...
Checkmk 安全漏洞
Checkmk is an IT monitoring platform from Checkmk, Inc. A security vulnerability exists in Checkmk versions prior to 2.4.0p13, prior to 2.3.0p38, prior to 2.2.0p46, and 2.1.0, which stems from the possible use of sensitive information in a GET request, which could result in sensitive form data...
PT-2025-41387
Potential use of sensitive information in GET requests in Checkmk GmbH's Checkmk versions 2.4.0p13, 2.3.0p38, 2.2.0p46, and 2.1.0 EOL may cause sensitive form data to be included in URL query parameters, which may be logged in various places such as browser history or web server logs...
EUVD-2021-1019
Malware in sbrugna...
EUVD-2021-0038
Malware in sbrugna...
EUVD-2021-10423
Malware in sbrugna...
EUVD-2020-0120
Malware in sbrugna...