CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5458 matches found

Cvelist•added 2025/10/09 8:20 p.m.•10 views

CVE-2025-35052 Newforma Info Exchange (NIX) shared hard-coded secret key

Newforma Info Exchange NIX uses a hard-coded key to encrypt certain query parameters. Some encrypted parameter values can specify paths to download files, potentially bypassing authentication and authorization, for example, the 'qs' parameter used in '/DownloadWeb/download.aspx'. This key is shar...

6.3CVSS0.00351EPSS

Exploits0References2

EUVD•added 2025/10/09 6:30 p.m.•7 views

EUVD-2017-18919

NetSarang Xmanager Enterprise 5.0 Build 1232, Xmanager 5.0 Build 1045, Xshell 5.0 Build 1322, Xftp 5.0 Build 1218, and Xlpd 5.0 Build 1220 contain a malicious nssock2.dll that implements a multi-stage, DNS-based backdoor. The dormant library contacts a C2 DNS server via a specially crafted TXT...

9.3CVSS7.3AI score0.00608EPSS

Exploits0References5

The Hacker News•added 2025/10/09 1:48 p.m.•5 views

Hackers Access SonicWall Cloud Firewall Backups, Spark Urgent Security Checks

SonicWall on Wednesday disclosed that an unauthorized party accessed firewall configuration backup files for all customers who have used the cloud backup service. "The files contain encrypted credentials and configuration data; while encryption remains in place, possession of these files could...

6.5AI score

Exploits0

Positive Technologies•added 2025/10/09 12:0 a.m.•3 views

PT-2025-41472

Name of the Vulnerable Software and Affected Versions Newforma Info Exchange NIX affected versions not specified Description The software contains a flaw in the '/UserWeb/Common/MarkupServices.ashx' endpoint, specifically within the StreamStampImage function. This function processes encrypted fil...

6.9CVSS6.3AI score0.00351EPSS

Exploits0References6

CNNVD•added 2025/10/09 12:0 a.m.•3 views

Newforma Project Center Server 安全漏洞

Newforma Project Center Server is a project information management solution for the Architecture, Engineering and Construction AEC industry from Newforma for centralized storage and management of project documents and collaboration. A security vulnerability exists in Newforma Project Center Serve...

9.8CVSS6.3AI score0.00351EPSS

Exploits0References3

NVD•added 2025/10/08 10:15 p.m.•7 views

CVE-2017-20201

CCleaner v5.33.6162 and CCleaner Cloud v1.07.3191 32-bit builds contained a malicious pre-entry-point loader that diverts execution from scrtcommonmainseh into a custom loader. That loader decodes an embedded blob into shellcode, allocates executable heap memory, resolves Windows API functions at...

9.3CVSS0.00483EPSS

Exploits0References8

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2010-4729

Malware in sbrugna...

5CVSS6.2AI score0.01466EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•6 views

EUVD-2008-1002

Malware in sbrugna...

2.6CVSS6.4AI score0.01699EPSS

Exploits1References10