142 matches found
CVE-2026-34883
An issue was discovered in the Portrait Dell Color Management application before 3.7.0 for Dell monitors. On Windows, a symbolic link vulnerability allows a local low-privileged user to escalate privileges to Administrator. During installation, the software writes the file CCFLFamily07Feb11.edr t...
EUVD-2026-30934
An issue was discovered in the Portrait Dell Color Management application before 3.7.0 for Dell monitors. On Windows, a symbolic link vulnerability allows a local low-privileged user to escalate privileges to Administrator. During installation, the software writes the file CCFLFamily07Feb11.edr t...
CVE-2026-34883
An issue was discovered in the Portrait Dell Color Management application before 3.7.0 for Dell monitors. On Windows, a symbolic link vulnerability allows a local low-privileged user to escalate privileges to Administrator. During installation, the software writes the file CCFLFamily07Feb11.edr t...
PT-2026-41934
Name of the Vulnerable Software and Affected Versions Portrait Dell Color Management versions prior to 3.7.0 Description A symbolic link issue exists in the Portrait Dell Color Management application on Windows. A local low-privileged user can escalate privileges to Administrator because the...
CVE-2026-34883
An issue was discovered in the Portrait Dell Color Management application before 3.7.0 for Dell monitors. On Windows, a symbolic link vulnerability allows a local low-privileged user to escalate privileges to Administrator. During installation, the software writes the file CCFLFamily07Feb11.edr t...
Portrait Displays Dell Color Management 后置链接漏洞
Portrait Displays Dell Color Management is a color management software developed by Portrait Displays Corporation in the United States. Versions of Portrait Displays Dell Color Management prior to version 3.7.0 contained a backlink vulnerability. This vulnerability stemmed from the improper...
CVE-2026-34883
The CVE-2026-34883 affects the Portrait Dell Color Management application (before version 3.7.0) on Windows systems used with Dell monitors. The root cause is a symbolic link vulnerability in the installer that runs with elevated privileges, allowing a local low-privileged user to escalate to Adm...
[SECURITY] Fedora 44 Update: qt6-qtmqtt-6.10.3-1.fc44
MQTT is a machine-to-machine M2M protocol utilizing the publish-and-subscri be paradigm, and provides a channel with minimal communication overhead. The Qt MQTT module provides a standard compliant implementation of the MQTT protocol specification. It enables applications to act as telemetry...
WordPress Sherk Custom Post Type Displays plugin <= 1.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'title' Shortcode Attribute vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via 'title' Shortcode Attribute vulnerability discovered by theviper17y in WordPress Plugin Sherk Custom Post Type Displays versions = 1.2.1...
CVE-2026-3554
The vulnerability affects the Sherk Custom Post Type Displays WordPress plugin (up to version 1.2.1). In sherkcptdisplays_func(), the title attribute of the sherkcptdisplays shortcode is read via shortcode_atts() and directly concatenated into an HTML without escaping, enabling Stored XSS. Explo...
CVE-2026-3554
The Sherk Custom Post Type Displays plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title' shortcode attribute in all versions up to, and including, 1.2.1. This is due to insufficient input sanitization and output escaping on the 'title' attribute of the...
WordPress plugin Sherk Custom Post Type Displays 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
OpenClaw has an unspecified vulnerability (CNVD-2026-13375)
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a security vulnerability that stems from the fact that the confirmation dialog box for openclaw://agent deep links only displays the first 240 characters of the message but executes the full message,...
CVE-2023-40674
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Lasso Simple URLs – Link Cloaking, Product Displays, and Affiliate Link Management allows Stored XSS.This issue affects Simple URLs – Link Cloaking, Product Displays, and Affiliate Link Management:...
Sharp NP series 安全漏洞
The Sharp NP series is a series of large format commercial displays from Sharp Corporation of Japan. A security vulnerability exists in Sharp NP series, which stems from the presence of a stack-based buffer overflow issue that could allow an attacker to execute arbitrary commands and programs...
Sharp NP series 安全漏洞
The Sharp NP series is a series of large format commercial displays from Sharp Corporation of Japan. A security vulnerability exists in Sharp NP series, which stems from the presence of a stack-based buffer overflow issue that could allow an attacker to execute arbitrary commands and programs...
Sharp NP series 安全漏洞
The Sharp NP series is a series of large format commercial displays from Sharp Corporation of Japan. A security vulnerability exists in Sharp NP series, which stems from the presence of a stack-based buffer overflow issue that could allow an attacker to execute arbitrary commands and programs...
Sharp NP series 安全漏洞
The Sharp NP series is a series of large format commercial displays from Sharp Japan. A security vulnerability exists in Sharp NP series, which stems from the presence of a stack-based buffer overflow issue that could allow an attacker to execute arbitrary commands and programs...
Sharp NP series 安全漏洞
The Sharp NP series is a series of large format commercial displays from Sharp Japan. A security vulnerability exists in Sharp NP series, which stems from the presence of a stack-based buffer overflow issue that could allow an attacker to execute arbitrary commands and programs...
BIT-GITLAB-2025-8405 Improper Encoding or Escaping of Output in GitLab
GitLab has remediated a security issue in GitLab CE/EE affecting all versions from 17.1 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to perform unauthorized actions on behalf of other users by injecting malicious HTML into vulnerability...