Lista CVE 2025/1xxx

CVE nel gruppo: 1xxx

CVE-2025-1086 (Clicca per dettagli)

CVE-2025-1091 (Safetytest Cloud-Master Server static path traversal)

CVE-2025-1094 (Broken Authorization Schema)

CVE-2025-1096 (PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation)

CVE-2025-1097 (Clicca per dettagli)

CVE-2025-1098 (ingress-nginx controller – configuration injection via unsanitized auth-tls-match-cn annotation)

CVE-2025-1099 (ingress-nginx controller – configuration injection via unsanitized mirror annotations)

CVE-2025-1100 (Information Disclosure Vulnerability in TP-Link Tapo C500 Wi-Fi Camera)

CVE-2025-1101 (Clicca per dettagli)

CVE-2025-1102 (Clicca per dettagli)

CVE-2025-1103 (Clicca per dettagli)

CVE-2025-1104 (D-Link DIR-823X HTTP POST Request set_wifi_blacklists null pointer dereference)

CVE-2025-1105 (D-Link DHP-W310AV authentication spoofing)

CVE-2025-1106 (SiberianCMS HTTP GET Request flat cross site scripting)

CVE-2025-1107 (CmsEasy database_admin.php restore_action path traversal)

CVE-2025-1108 (Unverified password change vulnerability in Janto)

CVE-2025-1113 (Insufficient data authenticity vulnerability in Janto)

CVE-2025-1114 (taisan tarzan-cms Add Theme admin#themes upload deserialization)

CVE-2025-1115 (newbee-mall Add Category Page save cross site scripting)

CVE-2025-1116 (RT-Thread lwp_syscall.c sys_timer_settime information disclosure)

CVE-2025-1117 (Dreamvention Live AJAX Search Free live_search.searchresults search sql injection)

CVE-2025-1118 (CoinRemitter sql injection)

CVE-2025-1119 (Grub2: commands/dump: the dump command is not in lockdown when secure boot is enabled)

CVE-2025-1121 (Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin <= 1.6.8.5 - Unauthenticated Arbitrary Shortcode Execution)

CVE-2025-1125 (Privilege Escalation via modified recovery Image)

CVE-2025-1126 (Grub2: fs/hfs: integer overflow may lead to heap based out-of-bounds write)

CVE-2025-1127 (Lexmark has identified a vulnerability in our Lexmark Print Management Client (LPMC).)

CVE-2025-1128 (Combination Path Traversal and Concurrent Execution vulnerability exists within the embedded web server)

CVE-2025-1132 (Everest Forms <= 3.0.9.4 - Unauthenticated Arbitrary File Upload, Read, and Deletion)

CVE-2025-1133 (SQL Injection in ChurchCRM EN_tyid Parameter via EditEventAttendees.php)

CVE-2025-1134 (SQL Injection in ChurchCRM EID Parameter via EditEventAttendees.php)

CVE-2025-1135 (SQL Injection in ChurchCRM CurrentFundraiser Parameter via DonatedItemEditor.php)

CVE-2025-1143 (SQL Injection in ChurchCRM CurrentFundraiser Parameter via BatchWinnerEntry.php)

CVE-2025-1144 (Billion Electric M120N – Use of Hard-coded Credentials)

CVE-2025-1145 (Quanxun School Affairs System – Exposure of Sensitive Information)

CVE-2025-1146 (NetVision Information ISOinsight – Reflected Cross-site Scripting)

CVE-2025-1147 (CrowdStrike Falcon Sensor for Linux TLS Issue)

CVE-2025-1148 (GNU Binutils nm nm.c internal_strlen buffer overflow)

CVE-2025-1149 (GNU Binutils ld ldelfgen.c link_order_scan memory leak)

CVE-2025-1150 (GNU Binutils ld xmalloc.c xstrdup memory leak)

CVE-2025-1151 (GNU Binutils ld libbfd.c bfd_malloc memory leak)

CVE-2025-1152 (GNU Binutils ld xmemdup.c xmemdup memory leak)

CVE-2025-1153 (GNU Binutils ld xstrdup.c xstrdup memory leak)

CVE-2025-1154 (GNU Binutils format.c bfd_set_format memory corruption)

CVE-2025-1155 (xxyopen Novel books sql injection)

CVE-2025-1156 (Webkul QloApps Your Location Search stores cross site scripting)

CVE-2025-1157 (Pix Software Vivaz servlet sql injection)

CVE-2025-1158 (Allims lab.online model_recuperar_senha.php sql injection)

CVE-2025-1159 (ESAFENET CDG addPolicyToSafetyGroup.jsp sql injection)

CVE-2025-1160 (CampCodes School Management Software academic-calendar cross site scripting)

CVE-2025-1162 (SourceCodester Employee Management System index.php default credentials)

CVE-2025-1163 (code-projects Job Recruitment load\_user-profile.php sql injection)

CVE-2025-1164 (code-projects Vehicle Parking Management System Authentication login stack-based overflow)

CVE-2025-1165 (code-projects Police FIR Record Management System Add Record stack-based overflow)

CVE-2025-1166 (Lumsoft ERP FileUploadApi.ashx DoWebUpload unrestricted upload)

CVE-2025-1167 (SourceCodester Food Menu Manager update.php unrestricted upload)

CVE-2025-1168 (Mayuri K Employee Management System Update_User.php sql injection)

CVE-2025-1169 (SourceCodester Contact Manager with Export to VCF delete-contact.php sql injection)

CVE-2025-1170 (SourceCodester Image Compressor Tool compressor.php cross site scripting)

CVE-2025-1171 (code-projects Real Estate Property Management System Category.php cross site scripting)

CVE-2025-1172 (code-projects Real Estate Property Management System CustomerReport.php cross site scripting)

CVE-2025-1173 (1000 Projects Bookstore Management System addtocart.php sql injection)

CVE-2025-1174 (1000 Projects Bookstore Management System process_users_del.php sql injection)

CVE-2025-1175 (1000 Projects Bookstore Management System Add Book Page process_book_add.php cross site scripting)

CVE-2025-1176 (Cross-Site Scripting (XSS) vulnerability in Kelio Visio)

CVE-2025-1177 (GNU Binutils ld elflink.c _bfd_elf_gc_mark_rsec heap-based overflow)

CVE-2025-1178 (dayrui XunRuiCMS Linkage.php import_add deserialization)

CVE-2025-1179 (GNU Binutils ld libbfd.c bfd_putl64 memory corruption)

CVE-2025-1180 (GNU Binutils ld libbfd.c bfd_putl64 memory corruption)

CVE-2025-1181 (GNU Binutils ld elf-eh-frame.c _bfd_elf_write_section_eh_frame memory corruption)

CVE-2025-1182 (GNU Binutils ld elflink.c _bfd_elf_gc_mark_rsec memory corruption)

CVE-2025-1183 (GNU Binutils ld elflink.c bfd_elf_reloc_symbol_deleted_p memory corruption)

CVE-2025-1184 (CodeZips Gym Management System more-userprofile.php sql injection)

CVE-2025-1185 (pihome-shc PiHome ajax.php sql injection)

CVE-2025-1186 (pihome-shc PiHome ajax.php sql injection)

CVE-2025-1187 (dayrui XunRuiCMS Api.php deserialization)

CVE-2025-1188 (code-projects Police FIR Record Management System Delete Record stack-based overflow)

CVE-2025-1189 (Codezips Gym Management System updateroutine.php sql injection)

CVE-2025-1190 (1000 Projects Attendance Tracking Management System chart1.php sql injection)

CVE-2025-1191 (code-projects Job Recruitment load_user-profile.php cross site scripting)