newforma

Top products

The 14 most recently published vulnerabilities affecting newforma.

• CVE-2025-35061Newforma Info Exchange (NIX) forced NTLMv2 authentication via /NPCSRemoteWeb/LegacyIntegrationServices.asmx5.9Oct 9, 2025
• CVE-2025-35062Newforma Info Exchange (NIX) default anonymous access5.3Oct 9, 2025
• CVE-2025-35060Newforma Info Exchange (NIX) stored XSS via SVG file upload5.5Oct 9, 2025
• CVE-2025-35059Newforma Info Exchange (NIX) open URL redirect via /DownloadWeb/hyperlinkredirect.aspx4.3Oct 9, 2025
• CVE-2025-35058Newforma Info Exchange (NIX) forced NTLMv2 authentication via /UserWeb/Common/MarkupServices.ashx5.9Oct 9, 2025
• CVE-2025-35057Newforma Info Exchange (NIX) forced NTLMv2 authentication via /RemoteWeb/IntegrationServices.ashx5.3Oct 9, 2025
• CVE-2025-35056Newforma Info Exchange (NIX) limited file read5.0Oct 9, 2025
• CVE-2025-35055Newforma Info Exchange (NIX) insecure file upload8.8Oct 9, 2025
• CVE-2025-35054Newforma Info Exchange (NIX) insufficiently protected credentials5.3Oct 9, 2025
• CVE-2025-35053Newforma Info Exchange (NIX) arbitrary file read and delete6.4Oct 9, 2025
• CVE-2025-35052Newforma Info Exchange (NIX) shared hard-coded secret key5.3Oct 9, 2025
• CVE-2025-35051Newforma Project Center Server (NPCS) .NET unauthenticated deserialization9.8Oct 9, 2025
• CVE-2025-35050Newforma Info Exchange (NIX) .NET unauthenticated deserialization9.8Oct 9, 2025
• CVE-2024-32499Newforma Project Center Server through 2023.3.0.32259 allows remote code execution because .NET Remoting is exposed.4.9Apr 28, 2025