Pagina 4 – Azienda Sicura

Lista CVE 2025/27xxx

CVE nel gruppo: 27xxx

CVE-2025-27160 (Clicca per dettagli)

CVE-2025-27161 (Acrobat Reader | Use After Free (CWE-416))

CVE-2025-27162 (Acrobat Reader | Out-of-bounds Read (CWE-125))

CVE-2025-27163 (Acrobat Reader | Access of Uninitialized Pointer (CWE-824))

CVE-2025-27164 (Acrobat Reader | Out-of-bounds Read (CWE-125))

CVE-2025-27166 (Acrobat Reader | Out-of-bounds Read (CWE-125))

CVE-2025-27167 (InDesign Desktop | Out-of-bounds Write (CWE-787))

CVE-2025-27168 (Illustrator | Untrusted Search Path (CWE-426))

CVE-2025-27169 (Illustrator | Stack-based Buffer Overflow (CWE-121))

CVE-2025-27170 (Illustrator | Out-of-bounds Write (CWE-787))

CVE-2025-27171 (Illustrator | NULL Pointer Dereference (CWE-476))

CVE-2025-27172 (InDesign Desktop | Heap-based Buffer Overflow (CWE-122))

CVE-2025-27173 (Substance3D – Designer | Out-of-bounds Write (CWE-787))

CVE-2025-27174 (Substance3D – Modeler | Heap-based Buffer Overflow (CWE-122))

CVE-2025-27175 (Acrobat Reader | Use After Free (CWE-416))

CVE-2025-27176 (InDesign Desktop | Out-of-bounds Write (CWE-787))

CVE-2025-27177 (InDesign Desktop | NULL Pointer Dereference (CWE-476))

CVE-2025-27178 (InDesign Desktop | Heap-based Buffer Overflow (CWE-122))

CVE-2025-27179 (InDesign Desktop | Out-of-bounds Write (CWE-787))

CVE-2025-27180 (InDesign Desktop | NULL Pointer Dereference (CWE-476))

CVE-2025-27181 (Substance3D – Modeler | Out-of-bounds Read (CWE-125))

CVE-2025-27218 (Substance3D – Modeler | Use After Free (CWE-416))

CVE-2025-27219 (Clicca per dettagli)

CVE-2025-27220 (Clicca per dettagli)

CVE-2025-27221 (Clicca per dettagli)

CVE-2025-27253 (Clicca per dettagli)

CVE-2025-27254 (Clicca per dettagli)

CVE-2025-27255 (Clicca per dettagli)

CVE-2025-27256 (Clicca per dettagli)

CVE-2025-27257 (Clicca per dettagli)

CVE-2025-27263 (Clicca per dettagli)

CVE-2025-27264 (WordPress Doctor Appointment Booking Plugin <= 1.0.0 - SQL Injection vulnerability)

CVE-2025-27265 (WordPress Doctor Appointment Booking Plugin <= 1.0.0 - Local File Inclusion vulnerability)

CVE-2025-27266 (WordPress Google Maps for WordPress plugin <= 1.0.3 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-27267 (WordPress Hover Image Button plugin <= 1.1.2 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-27268 (WordPress Random Quotes Plugin <= 1.3 - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2025-27269 (WordPress Small Package Quotes – Worldwide Express Edition Plugin <= 5.2.18 - SQL Injection vulnerability)

CVE-2025-27270 (WordPress .htaccess Login block Plugin <= 0.9a - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2025-27271 (WordPress Residential Address Detection Plugin <= 2.5.4 - Arbitrary Option Update to Privilege Escalation vulnerability)

CVE-2025-27272 (WordPress DB Tables Import/Export Plugin <= 1.0.1 - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2025-27273 (WordPress VG PostCarousel plugin <= 1.1 - Local File Inclusion vulnerability)

CVE-2025-27274 (WordPress Affiliate Links Manager Plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2025-27275 (WordPress GPX Viewer plugin <= 2.2.11 - Path Traversal vulnerability)

CVE-2025-27276 (WordPress WOO Codice Fiscale plugin <= 1.6.3 - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2025-27277 (WordPress Photo Gallery ( Responsive ) plugin <= 4.0 - CSRF to Privilege Escalation vulnerability)

CVE-2025-27278 (WordPress Add Linked Images To Gallery plugin <= 1.4 - CSRF to Stored XSS vulnerability)

CVE-2025-27279 (WordPress AcuGIS Leaflet Maps Plugin <= 5.1.1.0 - Multiple Cross Site Scripting (XSS) vulnerabilities)

CVE-2025-27280 (WordPress Flashfader Plugin <= 1.1.1 - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2025-27281 (WordPress Archive Page plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-27290 (WordPress All In Menu Plugin <= 1.1.5 - SQL Injection vulnerability)

CVE-2025-27294 (WordPress Select Erima Zarinpal Donate Plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerability)

CVE-2025-27296 (WordPress WP-Asambleas plugin <= 2.85.0 - Arbitrary Shortcode Execution vulnerability)

CVE-2025-27297 (WordPress Auto Ad Inserter – Increase Google Adsense and Ad Manager Revenue Plugin <= 1.5 - Settings Change vulnerability)

CVE-2025-27298 (WordPress Bravo Search & Replace Plugin <= 1.0 - SQL Injection vulnerability)

CVE-2025-27300 (WordPress WP Video Posts plugin <= 3.5.1 - CSRF to Remote Code Execution (RCE) vulnerability)

CVE-2025-27301 (WordPress ADFO plugin <= 1.9.1 - Deserialization of untrusted data vulnerability)

CVE-2025-27303 (WordPress NHR Options Table Manager Plugin <= 1.1.2 - Deserialization of untrusted data vulnerability)

CVE-2025-27304 (WordPress Contact Form 7 Star Rating plugin <= 1.10 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-27305 (WordPress Contact Form 7 Star Rating with font Awesome plugin <= 1.3 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-27306 (WordPress Table of Contents Block plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-27307 (WordPress Pathomation plugin <= 2.5.1 - Stored Cross Site Scripting (XSS) vulnerability)

CVE-2025-27311 (WordPress Quotes llama plugin <= 3.0.1 - Stored Cross Site Scripting (XSS) vulnerability)

CVE-2025-27312 (WordPress Bulk Content Creator Plugin <= 1.2.1 - Cross Site Request Forgery (CSRF) vulnerability)

CVE-2025-27315 (WordPress WP Sitemap plugin <= 1.0 - SQL Injection vulnerability)

CVE-2025-27316 (WordPress All-In-One Cufon Plugin <= 1.3.0 - Cross Site Request Forgery (CSRF) vulnerability)

CVE-2025-27317 (WordPress JPG, PNG Compression and Optimization Plugin <= 1.7.35 - Cross Site Request Forgery (CSRF) vulnerability)

CVE-2025-27318 (WordPress RAYS Grid Plugin <= 1.3.1 - Cross Site Request Forgery (CSRF) vulnerability)

CVE-2025-27320 (WordPress Simple Google Sitemap Plugin <= 1.6 - Cross Site Request Forgery (CSRF) vulnerability)

CVE-2025-27321 (WordPress Profile Widget Ninja plugin <= 4.3 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-27323 (WordPress Blightly Explorer plugin <= 2.3.0 - CSRF to Stored XSS vulnerability)

CVE-2025-27325 (WordPress WP About Author plugin <= 1.5 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-27327 (WordPress Video.js HLS Player plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-27328 (WordPress Live Streaming Video Player – by SRS Player plugin <= 1.0.18 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-27329 (WordPress WP-PostRatings Cheater Plugin <= 1.5 - Cross Site Request Forgery (CSRF) vulnerability)

CVE-2025-27330 (WordPress EZ InLinkz linkup plugin <= 0.18 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-27331 (WordPress PlayerJS plugin <= 2.23 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-27332 (WordPress WooCommerce Display Products by Tags plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-27335 (WordPress Smart Maintenance & Countdown Plugin <= 1.2 - CSRF to Stored XSS vulnerability)

CVE-2025-27336 (WordPress Auto Tag Links Plugin <= 1.0.13 - Cross Site Request Forgery (CSRF) vulnerability)

CVE-2025-27339 (WordPress Just Variables Plugin <= 1.2.3 - Cross Site Request Forgery (CSRF) vulnerability)

Precedente Successivo