33941 matches found
CVE-2026-44407
A remote denial-of-service vulnerability exists in the ZTE Cloud PC client uSmartview, which may lead to memory corruption and remote denial of service...
CVE-2026-44406
ZTE Cloud PC client uSmartView contains a DLL hijacking vulnerability; since uSmartViewServiceAgent.exe runs with SYSTEM privileges, successful hijacking enables local arbitrary code execution, privilege escalation, and memory corruption.contains a DLL hijacking vulnerability; since...
CVE-2026-44407 Remote Denial of Service Vulnerability Exists in ZTE Cloud PC Client uSmartview
A remote denial-of-service vulnerability exists in the ZTE Cloud PC client uSmartview, which may lead to memory corruption and remote denial of service...
CVE-2026-44407
A remote denial-of-service vulnerability exists in the ZTE Cloud PC client uSmartview, which may lead to memory corruption and remote denial of service...
CVE-2026-44407 Remote Denial of Service Vulnerability Exists in ZTE Cloud PC Client uSmartview
A remote denial-of-service vulnerability exists in the ZTE Cloud PC client uSmartview, which may lead to memory corruption and remote denial of service...
CVE-2026-44407
Public technical details (affected versions, root cause, mitigation/patch) are not provided in the supplied documents. Monitor official updates from ZTE and security advisories for new details.
CVE-2026-44406
The CVE-2026-44406 affects ZTE Cloud PC client uSmartView. A DLL hijacking flaw targets the uSmartViewServiceAgent.exe running with SYSTEM privileges, enabling local arbitrary code execution, privilege escalation, and memory corruption. The available sources describe the vuln and its impact but d...
CVE-2026-44406
ZTE Cloud PC client uSmartView contains a DLL hijacking vulnerability; since uSmartViewServiceAgent.exe runs with SYSTEM privileges, successful hijacking enables local arbitrary code execution, privilege escalation, and memory corruption.contains a DLL hijacking vulnerability; since...
CVE-2026-44406 DLL Hijacking Vulnerability in ZTE Cloud PC Client uSmartview
ZTE Cloud PC client uSmartView contains a DLL hijacking vulnerability; since uSmartViewServiceAgent.exe runs with SYSTEM privileges, successful hijacking enables local arbitrary code execution, privilege escalation, and memory corruption.contains a DLL hijacking vulnerability; since...
CVE-2026-44406 DLL Hijacking Vulnerability in ZTE Cloud PC Client uSmartview
ZTE Cloud PC client uSmartView contains a DLL hijacking vulnerability; since uSmartViewServiceAgent.exe runs with SYSTEM privileges, successful hijacking enables local arbitrary code execution, privilege escalation, and memory corruption.contains a DLL hijacking vulnerability; since...
Spring Cloud Config vulnerable to Path Traversal
Spring Cloud Config allows applications to serve arbitrary text and binary files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead to a directory traversal attack. Spring Cloud Config 3.1.x: affected from...
Spring Cloud Config has an Authorization Bypass Through User-Controlled Key
When using Google Secrets Manager as a backend for the Spring Cloud Config server a client can craft a request to the config server potentially exposing secrets from unintended GCP projects. Spring Cloud Config 3.1.x: affected from 3.1.0 through 3.1.13 inclusive; upgrade to 3.1.14 or greater...
Spring Cloud Config Server Susceptible To TOCTOU Attack
The base directory spring.cloud.config.server.git.basedir used by the Spring Cloud Config Server to clone Git repositories to is susceptible to time-of-check-time-of-use TOCTOU attacks. - Spring Cloud Config 3.0.x: affected from 3.0.0 through 3.0.7 inclusive; no open-source upgrade available. -...
Spring Cloud Config Server Logged Sensitive Information
When trace logging is enabled in Spring Cloud Config Server, sensitive information is placed in plain text in the logs. - Spring Cloud Config 3.0.x: affected from 3.0.0 through 3.0.7 inclusive; no open-source upgrade available. - Spring Cloud Config 3.1.x: affected from 3.1.0 through 3.1.13...
GHSA-86WQ-234Q-R6WG Spring Cloud Config Server Susceptible To TOCTOU Attack
The base directory spring.cloud.config.server.git.basedir used by the Spring Cloud Config Server to clone Git repositories to is susceptible to time-of-check-time-of-use TOCTOU attacks. - Spring Cloud Config 3.0.x: affected from 3.0.0 through 3.0.7 inclusive; no open-source upgrade available. -...
GHSA-J6HH-H3CF-C2HF Spring Cloud Config Server Logged Sensitive Information
When trace logging is enabled in Spring Cloud Config Server, sensitive information is placed in plain text in the logs. - Spring Cloud Config 3.0.x: affected from 3.0.0 through 3.0.7 inclusive; no open-source upgrade available. - Spring Cloud Config 3.1.x: affected from 3.1.0 through 3.1.13...
GHSA-2MH5-3CW6-HRRQ Spring Cloud Config has an Authorization Bypass Through User-Controlled Key
When using Google Secrets Manager as a backend for the Spring Cloud Config server a client can craft a request to the config server potentially exposing secrets from unintended GCP projects. Spring Cloud Config 3.1.x: affected from 3.1.0 through 3.1.13 inclusive; upgrade to 3.1.14 or greater...
GHSA-6G23-24MC-HX6X Spring Cloud Config vulnerable to Path Traversal
Spring Cloud Config allows applications to serve arbitrary text and binary files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead to a directory traversal attack. Spring Cloud Config 3.1.x: affected from...
org.apereo.cas:cas-server-support-configuration-cloud-amqp (>=8.0.0-RC1 <=8.0.0-RC4), org.apereo.cas:cas-server-webapp-init-config-server (>=8.0.0-RC1 <=8.0.0-RC4) +2 more potentially affected by CVE-2026-41004 via org.springframework.cloud:spring-cloud-config-server (>=5.0.0 <=5.0.2)
org.springframework.cloud:spring-cloud-config-server MAVEN version =5.0.0, =8.0.0-RC1, =8.0.0-RC1, =5.0.0, =5.0.0, =5.0.1 Source cves: CVE-2026-41004 Source advisory: OSV:GHSA-J6HH-H3CF-C2HF...
com.brihaspathee.artemis:config-server (>=0.0.1 <=1.0.2), com.brihaspathee.sapphire:config-server (>=1.0.0 <=1.0.7) +6 more potentially affected by CVE-2026-40982 via org.springframework.cloud:spring-cloud-config-server (>=4.2.0 <=4.2.4)
org.springframework.cloud:spring-cloud-config-server MAVEN version =4.2.0, =0.0.1, =1.0.0, =3.0.9, =0.1.41-Beta, =7.2.0, =7.2.0, =4.2.0, =3.2.0, =3.2.3 Source cves: CVE-2026-40982 Source advisory: OSV:GHSA-6G23-24MC-HX6X...