Latest Vulnerabilities
Latest Found
The latest vulnerability announcements
- CVE-2025-35061 - Newforma Info Exchange (NIX) forced NTLMv2 authentication via /NPCSRemoteWeb/LegacyIntegrationServices.asmx
- CVE-2025-35062 - Newforma Info Exchange (NIX) default anonymous access
- CVE-2025-35060 - Newforma Info Exchange (NIX) stored XSS via SVG file upload
- CVE-2025-35059 - Newforma Info Exchange (NIX) open URL redirect via /DownloadWeb/hyperlinkredirect.aspx
- CVE-2025-35058 - Newforma Info Exchange (NIX) forced NTLMv2 authentication via /UserWeb/Common/MarkupServices.ashx
- CVE-2025-35057 - Newforma Info Exchange (NIX) forced NTLMv2 authentication via /RemoteWeb/IntegrationServices.ashx
- CVE-2025-35056 - Newforma Info Exchange (NIX) limited file read
- CVE-2025-35055 - Newforma Info Exchange (NIX) insecure file upload
- CVE-2025-35054 - Newforma Info Exchange (NIX) insufficiently protected credentials
- CVE-2025-35053 - Newforma Info Exchange (NIX) arbitrary file read and delete
CISA Advisories
The latest advisories from CISA
- CISA Releases Four Industrial Control Systems Advisories
- Rockwell Automation Stratix
- CISA Adds One Known Exploited Vulnerability to Catalog
- Rockwell Automation Lifecycle Services with Cisco
- Hitachi Energy Asset Suite
- Delta Electronics DIAScreen
- CISA Releases Two Industrial Control Systems Advisories
- CISA Adds One Known Exploited Vulnerability to Catalog
- CISA Adds Seven Known Exploited Vulnerabilities to Catalog
- Hitachi Energy MSM Product