CVE-2025-35052

Newforma Info Exchange NIX uses a hard-coded key to encrypt certain query parameters. Some encrypted parameter values can specify paths to download files, potentially bypassing authentication and authorization, for example, the 'qs' parameter used in '/DownloadWeb/download.aspx'. This key is shar...

CVE-2025-26494

Server-Side Request Forgery SSRF vulnerability in Salesforce Tableau Server allows Authentication Bypass.This issue affects Tableau Server: from 2023.3 through 2023.3.5...

PT-2024-13132 · Intel · Intel(R) Gpa Framework

Name of the Vulnerable Software and Affected Versions: IntelR GPA Framework software versions prior to 2023.3 Description: The issue is related to improper access control in some IntelR GPA Framework software installers, which may allow an authenticated user to potentially enable escalation of...

PT-2024-21015 · Unknown · Microdicom Dicom Viewer

Name of the Vulnerable Software and Affected Versions: MicroDicom DICOM Viewer versions 2023.3 Build 9342 and prior Description: The issue is related to a lack of proper validation of user-supplied data, which could result in memory corruption within the application. Recommendations: For MicroDic...