PT-2025-46999

Name of the Vulnerable Software and Affected Versions Alteryx server versions 2022.1.1.42654 and 2024.1 Description The Alteryx server does not properly validate user authorization when processing API requests that utilize MongoDB object IDs to identify data. Specifically, the server fails to...

CVE-2025-35052

Newforma Info Exchange NIX uses a hard-coded key to encrypt certain query parameters. Some encrypted parameter values can specify paths to download files, potentially bypassing authentication and authorization, for example, the 'qs' parameter used in '/DownloadWeb/download.aspx'. This key is shar...

PT-2024-25900 · Mullvad · Mullvad Vpn

Name of the Vulnerable Software and Affected Versions: Mullvad VPN versions through 2024.1 Description: The issue allows DNS traffic to leave the device when Mullvad VPN on Android fails to create a tunnel and does not set a DNS server in the blocking state. This can result in sensitive DNS...

WordPress Plugin Advanced iFrame Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...