📦 Project Center
by Newforma
🔍 What is Project Center?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
CVE-2025-35050 is a critical remote code execution vulnerability in Newforma Info Exchange (NIX) that allows unauthenticated attackers to execute arbitrary code with NetworkService privileges by sendi...
This vulnerability allows authenticated attackers to upload arbitrary files to any writable location in Newforma Info Exchange (NIX), potentially enabling web shell deployment and directory deletion. ...
This vulnerability in Newforma Info Exchange (NIX) allows unauthenticated attackers to redirect users to arbitrary external websites via the 'nhl' parameter in the '/DownloadWeb/hyperlinkredirect.aspx...
Newforma Info Exchange (NIX) has a cross-site scripting (XSS) vulnerability in its 'Send a File Transfer' feature that allows authenticated attackers to upload malicious SVG files. When viewed through...
CVE-2025-35061 is an authentication relay vulnerability in Newforma Info Exchange (NIX) that allows unauthenticated attackers to force the system to make SMB connections to attacker-controlled servers...
Newforma Info Exchange (NIX) before version 2023.1 has a default configuration that allows anonymous authentication. This enables unauthenticated attackers to exploit other vulnerabilities that would ...
Newforma Info Exchange (NIX) uses a hard-coded encryption key for query parameters, allowing attackers to bypass authentication and authorization by manipulating encrypted parameters like 'qs' to down...
This vulnerability in Newforma Info Exchange (NIX) allows remote, unauthenticated attackers to force the NIX server to initiate SMB connections to attacker-controlled systems. This enables credential ...
CVE-2025-35058 is an authentication bypass vulnerability in Newforma Info Exchange (NIX) that allows unauthenticated remote attackers to force the NIX service to make SMB connections to attacker-contr...
CVE-2025-35053 allows authenticated users in Newforma Info Exchange (NIX) to read and delete arbitrary files with NetworkService privileges via the '/UserWeb/Common/MarkupServices.ashx' endpoint. Comb...
Newforma Info Exchange (NIX) stores encrypted credentials with their encryption key in the same Windows registry location, allowing authenticated users to decrypt and access sensitive credentials. If ...