Vulnerabilidades em Newforma
14 resultadosCVE-2025-35050CRITICALNewforma Info Exchange (NIX) .NET unauthenticated deserializationEPSS 0.8%CVE-2025-35051HIGHNewforma Project Center Server (NPCS) .NET unauthenticated deserializationEPSS 0.8%CVE-2025-35055HIGHNewforma Info Exchange (NIX) insecure file uploadEPSS 0.5%CVE-2024-32499MEDIUMNewforma Project Center Server through 2023.3.0.32259 allows remote code execution because .NET Remoting is exposed.EPSS 0.4%CVE-2025-35053MEDIUMNewforma Info Exchange (NIX) arbitrary file read and deleteEPSS 0.4%CVE-2025-35052MEDIUMNewforma Info Exchange (NIX) shared hard-coded secret keyEPSS 0.4%CVE-2025-35062MEDIUMNewforma Info Exchange (NIX) default anonymous accessEPSS 0.4%CVE-2025-35061HIGHNewforma Info Exchange (NIX) forced NTLMv2 authentication via /NPCSRemoteWeb/LegacyIntegrationServices.asmxEPSS 0.3%CVE-2025-35058HIGHNewforma Info Exchange (NIX) forced NTLMv2 authentication via /UserWeb/Common/MarkupServices.ashxEPSS 0.3%CVE-2025-35056MEDIUMNewforma Info Exchange (NIX) limited file readEPSS 0.3%CVE-2025-35057MEDIUMNewforma Info Exchange (NIX) forced NTLMv2 authentication via /RemoteWeb/IntegrationServices.ashxEPSS 0.3%CVE-2025-35060MEDIUMNewforma Info Exchange (NIX) stored XSS via SVG file uploadEPSS 0.2%CVE-2025-35059MEDIUMNewforma Info Exchange (NIX) open URL redirect via /DownloadWeb/hyperlinkredirect.aspxEPSS 0.2%CVE-2025-35054MEDIUMNewforma Info Exchange (NIX) insufficiently protected credentialsEPSS 0.1%