CVE-2026-21420

Dell Repository Manager DRM, versions prior to 3.4.8, contains an Uncontrolled Search Path Element vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary code execution and escalation of privileges...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000998)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000998 advisory. The cipsov4validate function in net/ipv4/cipsoipv4.c in the Linux kernel before 3.4.8 allows local users to cause a denial of service NULL pointer dereference and...

CVE-2025-55168

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Prior to version 3.4.8, a SQL Injection vulnerability was identified in the /html/saude/aplicarmedicamento.php endpoint, specifically in the idfichamedica parameter. This vulnerability allows...

CVE-2021-24891

The Elementor Website Builder WordPress plugin before 3.4.8 does not sanitise or escape user input appended to the DOM via a malicious hash, resulting in a DOM Cross-Site Scripting issue...

WordPress 跨站脚本漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in WordPress Plugins Builder that stems from the product...