Pagina 2 – Azienda Sicura

Lista CVE 2025/31xxx

CVE-2025-31096 (WordPress Material Dashboard <= 1.4.5 - Privilege Escalation Vulnerability)

CVE-2025-31099 (WordPress PostX <= 4.1.25 - Cross Site Scripting (XSS) Vulnerability)

CVE-2025-31101 (WordPress Slider by BestWebSoft <= 1.1.0 - SQL Injection Vulnerability)

CVE-2025-31102 (WordPress VaultRE Contact Form 7 plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-31103 (WordPress Hostel plugin <= 1.1.5.5 - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2025-31117 (Mobile Security Framework (MobSF) has a SSRF Vulnerability fix bypass on assetlinks_check with DNS Rebinding)

CVE-2025-31122 (OpenEMR Out-of-Band Server-Side Request Forgery (OOB SSRF) Vulnerability)

CVE-2025-31123 (scratch-coding-hut.github.io Login Links Generation vulnerability)

CVE-2025-31124 (Zitadel Expired JWT Keys Usable for Authorization Grants)

CVE-2025-31125 (Zitadel allows User Enumeration by loginname attribute normalization)

CVE-2025-31128 (Vite has a `server.fs.deny` bypassed for `inline` and `raw` with `?import` query)

CVE-2025-31129 (gifplayer XSS vulnerability)

CVE-2025-31139 (jooby-pac4j: deserialization of untrusted data)

CVE-2025-31163 (fig2dev float point exception)

CVE-2025-31164 (fig2dev segmentation fault)

CVE-2025-31165 (fig2dev heap-buffer overflow)

CVE-2025-31176 (Cross Site Scripting in NightWolf Penetration Platform)

CVE-2025-31178 (Gnuplot: gnuplot segmentation fault on plot3d_points)

CVE-2025-31179 (Gnuplot: gnuplot segmentation fault on getannotatestring)

CVE-2025-31180 (Gnuplot: gnuplot segmentation fault on xstrftime)

CVE-2025-31181 (Gnuplot: gnuplot segmentation fault on canvas_text)

CVE-2025-31182 (Gnuplot: gnuplot segmentation fault on x11_graphics)