Lucene search
K

33941 matches found

NVD
NVD
added 2026/05/07 9:16 a.m.13 views

CVE-2026-44407

A remote denial-of-service vulnerability exists in the ZTE Cloud PC client uSmartview, which may lead to memory corruption and remote denial of service...

7.5CVSS0.00274EPSS
Exploits0References1
NVD
NVD
added 2026/05/07 8:16 a.m.9 views

CVE-2026-44406

ZTE Cloud PC client uSmartView contains a DLL hijacking vulnerability; since uSmartViewServiceAgent.exe runs with SYSTEM privileges, successful hijacking enables local arbitrary code execution, privilege escalation, and memory corruption.contains a DLL hijacking vulnerability; since...

7.8CVSS0.00162EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/07 7:33 a.m.10 views

CVE-2026-44407 Remote Denial of Service Vulnerability Exists in ZTE Cloud PC Client uSmartview

A remote denial-of-service vulnerability exists in the ZTE Cloud PC client uSmartview, which may lead to memory corruption and remote denial of service...

4.7CVSS5.8AI score0.00274EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/07 7:33 a.m.9 views

CVE-2026-44407

A remote denial-of-service vulnerability exists in the ZTE Cloud PC client uSmartview, which may lead to memory corruption and remote denial of service...

4.7CVSS5.8AI score0.00274EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/07 7:33 a.m.40 views

CVE-2026-44407 Remote Denial of Service Vulnerability Exists in ZTE Cloud PC Client uSmartview

A remote denial-of-service vulnerability exists in the ZTE Cloud PC client uSmartview, which may lead to memory corruption and remote denial of service...

4.7CVSS0.00274EPSS
Exploits0References1
CVE
CVE
added 2026/05/07 7:33 a.m.18 views

CVE-2026-44407

Public technical details (affected versions, root cause, mitigation/patch) are not provided in the supplied documents. Monitor official updates from ZTE and security advisories for new details.

7.5CVSS5.8AI score0.00274EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/05/07 6:49 a.m.17 views

CVE-2026-44406

The CVE-2026-44406 affects ZTE Cloud PC client uSmartView. A DLL hijacking flaw targets the uSmartViewServiceAgent.exe running with SYSTEM privileges, enabling local arbitrary code execution, privilege escalation, and memory corruption. The available sources describe the vuln and its impact but d...

7.8CVSS6AI score0.00162EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/07 6:49 a.m.6 views

CVE-2026-44406

ZTE Cloud PC client uSmartView contains a DLL hijacking vulnerability; since uSmartViewServiceAgent.exe runs with SYSTEM privileges, successful hijacking enables local arbitrary code execution, privilege escalation, and memory corruption.contains a DLL hijacking vulnerability; since...

5.7CVSS6AI score0.00162EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/07 6:49 a.m.9 views

CVE-2026-44406 DLL Hijacking Vulnerability in ZTE Cloud PC Client uSmartview

ZTE Cloud PC client uSmartView contains a DLL hijacking vulnerability; since uSmartViewServiceAgent.exe runs with SYSTEM privileges, successful hijacking enables local arbitrary code execution, privilege escalation, and memory corruption.contains a DLL hijacking vulnerability; since...

5.7CVSS6AI score0.00162EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/07 6:49 a.m.38 views

CVE-2026-44406 DLL Hijacking Vulnerability in ZTE Cloud PC Client uSmartview

ZTE Cloud PC client uSmartView contains a DLL hijacking vulnerability; since uSmartViewServiceAgent.exe runs with SYSTEM privileges, successful hijacking enables local arbitrary code execution, privilege escalation, and memory corruption.contains a DLL hijacking vulnerability; since...

5.7CVSS0.00162EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/05/07 6:31 a.m.11 views

Spring Cloud Config vulnerable to Path Traversal

Spring Cloud Config allows applications to serve arbitrary text and binary files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead to a directory traversal attack. Spring Cloud Config 3.1.x: affected from...

9.1CVSS5.9AI score0.00727EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 6:31 a.m.12 views

Spring Cloud Config has an Authorization Bypass Through User-Controlled Key

When using Google Secrets Manager as a backend for the Spring Cloud Config server a client can craft a request to the config server potentially exposing secrets from unintended GCP projects. Spring Cloud Config 3.1.x: affected from 3.1.0 through 3.1.13 inclusive; upgrade to 3.1.14 or greater...

7.5CVSS5.8AI score0.00435EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 6:31 a.m.12 views

Spring Cloud Config Server Susceptible To TOCTOU Attack

The base directory spring.cloud.config.server.git.basedir used by the Spring Cloud Config Server to clone Git repositories to is susceptible to time-of-check-time-of-use TOCTOU attacks. - Spring Cloud Config 3.0.x: affected from 3.0.0 through 3.0.7 inclusive; no open-source upgrade available. -...

8.1CVSS5.2AI score0.0022EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 6:31 a.m.13 views

Spring Cloud Config Server Logged Sensitive Information

When trace logging is enabled in Spring Cloud Config Server, sensitive information is placed in plain text in the logs. - Spring Cloud Config 3.0.x: affected from 3.0.0 through 3.0.7 inclusive; no open-source upgrade available. - Spring Cloud Config 3.1.x: affected from 3.1.0 through 3.1.13...

4.4CVSS5.2AI score0.00168EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/05/07 6:31 a.m.8 views

GHSA-86WQ-234Q-R6WG Spring Cloud Config Server Susceptible To TOCTOU Attack

The base directory spring.cloud.config.server.git.basedir used by the Spring Cloud Config Server to clone Git repositories to is susceptible to time-of-check-time-of-use TOCTOU attacks. - Spring Cloud Config 3.0.x: affected from 3.0.0 through 3.0.7 inclusive; no open-source upgrade available. -...

7.2CVSS5.2AI score0.0022EPSS
Exploits0References3
OSV
OSV
added 2026/05/07 6:31 a.m.4 views

GHSA-J6HH-H3CF-C2HF Spring Cloud Config Server Logged Sensitive Information

When trace logging is enabled in Spring Cloud Config Server, sensitive information is placed in plain text in the logs. - Spring Cloud Config 3.0.x: affected from 3.0.0 through 3.0.7 inclusive; no open-source upgrade available. - Spring Cloud Config 3.1.x: affected from 3.1.0 through 3.1.13...

4.4CVSS5.2AI score0.00168EPSS
Exploits0References3
OSV
OSV
added 2026/05/07 6:31 a.m.4 views

GHSA-2MH5-3CW6-HRRQ Spring Cloud Config has an Authorization Bypass Through User-Controlled Key

When using Google Secrets Manager as a backend for the Spring Cloud Config server a client can craft a request to the config server potentially exposing secrets from unintended GCP projects. Spring Cloud Config 3.1.x: affected from 3.1.0 through 3.1.13 inclusive; upgrade to 3.1.14 or greater...

7.5CVSS5.8AI score0.00435EPSS
Exploits0References3
OSV
OSV
added 2026/05/07 6:31 a.m.10 views

GHSA-6G23-24MC-HX6X Spring Cloud Config vulnerable to Path Traversal

Spring Cloud Config allows applications to serve arbitrary text and binary files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead to a directory traversal attack. Spring Cloud Config 3.1.x: affected from...

9.1CVSS5.9AI score0.00727EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2026/05/07 6:31 a.m.7 views

org.apereo.cas:cas-server-support-configuration-cloud-amqp (>=8.0.0-RC1 <=8.0.0-RC4), org.apereo.cas:cas-server-webapp-init-config-server (>=8.0.0-RC1 <=8.0.0-RC4) +2 more potentially affected by CVE-2026-41004 via org.springframework.cloud:spring-cloud-config-server (>=5.0.0 <=5.0.2)

org.springframework.cloud:spring-cloud-config-server MAVEN version =5.0.0, =8.0.0-RC1, =8.0.0-RC1, =5.0.0, =5.0.0, =5.0.1 Source cves: CVE-2026-41004 Source advisory: OSV:GHSA-J6HH-H3CF-C2HF...

4.4CVSS5.8AI score0.00168EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/07 6:31 a.m.8 views

com.brihaspathee.artemis:config-server (>=0.0.1 <=1.0.2), com.brihaspathee.sapphire:config-server (>=1.0.0 <=1.0.7) +6 more potentially affected by CVE-2026-40982 via org.springframework.cloud:spring-cloud-config-server (>=4.2.0 <=4.2.4)

org.springframework.cloud:spring-cloud-config-server MAVEN version =4.2.0, =0.0.1, =1.0.0, =3.0.9, =0.1.41-Beta, =7.2.0, =7.2.0, =4.2.0, =3.2.0, =3.2.3 Source cves: CVE-2026-40982 Source advisory: OSV:GHSA-6G23-24MC-HX6X...

9.1CVSS5.8AI score0.00727EPSS
Exploits0
Rows per page
Query Builder