|
1471
|
7.8 |
HIGH
Local
|
microsoft
|
windows_10_1607
windows_10_1809
windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2012
windows_server_2016
w…
|
Double free in Windows Kernel allows an authorized attacker to elevate privileges locally.
|
CWE-415
Double Free
|
CVE-2026-26163
|
2026-04-25 04:30 |
2026-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1472
|
7.2 |
HIGH
Network
|
dlink
|
dir-823x_firmware
|
A command injection vulnerability in D-Link DIR-823X 240126 and 240802 allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to /goform/set_prohibiti…
|
CWE-77
Command Injection
|
CVE-2025-29635
|
2026-04-25 04:27 |
2025-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1473
|
7.2 |
HIGH
Network
|
dlink
|
dir-823x_firmware
|
Una vulnerabilidad de inyección de comandos en D-Link DIR-823X 240126 y 240802 permite a un atacante autorizado ejecutar comandos arbitrarios en dispositivos remotos enviando una solicitud POST a /go…
|
CWE-77
Command Injection
|
CVE-2025-29635
|
2026-04-25 04:27 |
2025-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1474
|
7.2 |
HIGH
Network
|
simple-help
|
simplehelp
|
SimpleHelp remote support software v5.5.7 and before allows admin users to upload arbitrary files anywhere on the file system by uploading a crafted zip file (i.e. zip slip). This can be exploited to…
|
CWE-59
CWE-22
Link Following
Path Traversal
|
CVE-2024-57728
|
2026-04-25 04:27 |
2025-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1475
|
7.2 |
HIGH
Network
|
simple-help
|
simplehelp
|
El software de soporte remoto SimpleHelp v5.5.7 y versiones anteriores permite a los usuarios administradores cargar archivos arbitrarios en cualquier parte del sistema de archivos mediante la carga…
|
CWE-59
CWE-22
Link Following
Path Traversal
|
CVE-2024-57728
|
2026-04-25 04:27 |
2025-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1476
|
9.9 |
CRITICAL
Network
|
simple-help
|
simplehelp
|
SimpleHelp remote support software v5.5.7 and before has a vulnerability that allows low-privileges technicians to create API keys with excessive permissions. These API keys can be used to escalate p…
|
NVD-CWE-noinfo
CWE-862
Missing Authorization
|
CVE-2024-57726
|
2026-04-25 04:26 |
2025-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1477
|
9.9 |
CRITICAL
Network
|
simple-help
|
simplehelp
|
El software de soporte remoto SimpleHelp v5.5.7 y versiones anteriores tiene una vulnerabilidad que permite a los técnicos con pocos privilegios crear claves API con permisos excesivos. Estas claves…
|
NVD-CWE-noinfo
CWE-862
Missing Authorization
|
CVE-2024-57726
|
2026-04-25 04:26 |
2025-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1478
|
7.5 |
HIGH
Network
|
xiangshan
|
nemu
|
NEMU (OpenXiangShan/NEMU) before v2025.12.r2 contains an improper instruction-validation flaw in its RISC-V Vector (RVV) decoder. The decoder does not correctly validate the funct3 field when decodin…
|
CWE-131
CWE-1287
Incorrect Calculation of Buffer Size
Improper Validation of Specified Type of Input
|
CVE-2026-29645
|
2026-04-25 04:25 |
2026-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1479
|
9.8 |
CRITICAL
Network
|
xiangshan
|
nemu
|
NEMU contains an implementation flaw in its RISC-V Hypervisor CSR handling where henvcfg[7:4] (CBIE/CBCFE/CBZE-related fields) is incorrectly masked/updated based on menvcfg[7:4], so a machine-mode w…
|
CWE-693
Protection Mechanism Failure
|
CVE-2026-29649
|
2026-04-25 04:23 |
2026-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1480
|
3.3 |
LOW
Local
|
uutils
|
coreutils
|
A logic error in the cut utility of uutils coreutils causes the utility to ignore the -s (only-delimited) flag when using the -z (null-terminated) and -d '' (empty delimiter) options together. The im…
|
CWE-684
Incorrect Provision of Specified Functionality
|
CVE-2026-35381
|
2026-04-25 04:19 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
