Lucene search
K

384 matches found

CNNVD
CNNVD
added 2022/11/30 12:0 a.m.5 views

g810-led 安全漏洞

g810-led is a Linux boot controller for the Logitech G213, G410, G413, G512, G513, G610, G810, G815, G910, and GPRO keyboards from MatMoul Personal Developers. A security vulnerability exists in g810-led version 0.4.2, which stems from its udev rules making supported device nodes globally readabl...

6.5CVSS6.4AI score0.00659EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2022/11/30 12:0 a.m.6 views

CVE-2022-46338

g810-led 0.4.2, a LED configuration tool for Logitech Gx10 keyboards, contained a udev rule to make supported device nodes world-readable and writable, allowing any process on the system to read traffic from keyboards, including sensitive data...

6.3AI score0.00659EPSS
Exploits0References3
CVE
CVE
added 2022/11/30 12:0 a.m.77 views

CVE-2022-46338

CVE-2022-46338 affects the Linux tool g810-led (version 0.4.2) for Logitech Gx10 keyboards. The issue stems from a udev rule that makes device nodes world-readable and writable, enabling any local process to read traffic from connected keyboards (potentially exposing sensitive data). Publicly doc...

6.5CVSS6.2AI score0.00659EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2022/11/30 12:0 a.m.5 views

PT-2022-27827 · G810-Led · G810-Led

Name of the Vulnerable Software and Affected Versions: g810-led version 0.4.2 Description: The issue allows any process on the system to read traffic from keyboards, including sensitive data, due to a udev rule that makes supported device nodes world-readable and writable. This affects a LED...

6.5CVSS6.7AI score0.00659EPSS
Exploits0References17
OSV
OSV
added 2022/05/03 2:15 p.m.2 views

CVE-2022-0916

An issue was discovered in Logitech Options. The OAuth 2.0 state parameter was not properly validated. This leaves applications vulnerable to CSRF attacks during authentication and authorization operations...

8.8CVSS5.8AI score
Exploits0References1
NVD
NVD
added 2022/05/03 2:15 p.m.12 views

CVE-2022-0916

An issue was discovered in Logitech Options. The OAuth 2.0 state parameter was not properly validated. This leaves applications vulnerable to CSRF attacks during authentication and authorization operations...

8.8CVSS0.0042EPSS
Exploits0References1
Prion
Prion
added 2022/05/03 2:15 p.m.16 views

Cross site request forgery (csrf)

An issue was discovered in Logitech Options. The OAuth 2.0 state parameter was not properly validated. This leaves applications vulnerable to CSRF attacks during authentication and authorization operations...

6.8CVSS8.7AI score0.0042EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/05/03 1:40 p.m.2397 views

CVE-2022-0916

CVE-2022-0916 affects Logitech Options. The issue is that the OAuth 2.0 state parameter was not properly validated, enabling potential CSRF during authentication/authorization. Documents show vulnerability details and CVSS metrics but do not provide a concrete patch/version or remediation guidanc...

8.8CVSS8.8AI score0.0042EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/05/03 1:40 p.m.20 views

CVE-2022-0916 Broken authentication on Logitech Options due to misvalidation of Oauth state parameter

An issue was discovered in Logitech Options. The OAuth 2.0 state parameter was not properly validated. This leaves applications vulnerable to CSRF attacks during authentication and authorization operations...

8.4CVSS9AI score0.0042EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/05/03 12:0 a.m.4 views

Logitech Options 跨站请求伪造漏洞

Logitech Options is a powerful and easy-to-use application from Logitech that enhances your Logitech mouse, keyboard, and touchpad. Logitech Options suffers from a cross-site request forgery vulnerability that stems from a failure to properly validate the status parameter of Oauth 2.0. An attacke...

8.8CVSS7.8AI score0.0042EPSS
Exploits0References2
NVD
NVD
added 2022/04/12 7:15 p.m.13 views

CVE-2022-0915

There is a Time-of-check Time-of-use TOCTOU Race Condition Vulnerability in Logitech Sync for Windows prior to 2.4.574. Successful exploitation of these vulnerabilities may escalate the permission to the system user...

7CVSS0.00168EPSS
Exploits0References1
OSV
OSV
added 2022/04/12 7:15 p.m.3 views

CVE-2022-0915

There is a Time-of-check Time-of-use TOCTOU Race Condition Vulnerability in Logitech Sync for Windows prior to 2.4.574. Successful exploitation of these vulnerabilities may escalate the permission to the system user...

7CVSS7.1AI score
Exploits0References1
Prion
Prion
added 2022/04/12 7:15 p.m.16 views

Race condition

There is a Time-of-check Time-of-use TOCTOU Race Condition Vulnerability in Logitech Sync for Windows prior to 2.4.574. Successful exploitation of these vulnerabilities may escalate the permission to the system user...

6.9CVSS7.1AI score0.00168EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/04/12 6:35 p.m.17 views

CVE-2022-0915 Logitech Sync desktop application prior to 2.4.574 - TOCTOU during installation leads to privelege escalation

There is a Time-of-check Time-of-use TOCTOU Race Condition Vulnerability in Logitech Sync for Windows prior to 2.4.574. Successful exploitation of these vulnerabilities may escalate the permission to the system user...

6CVSS7.3AI score0.00168EPSS
Exploits0References1
CVE
CVE
added 2022/04/12 6:35 p.m.74 views

CVE-2022-0915

CVE-2022-0915 concerns the Logitech Sync desktop application for Windows prior to 2.4.574. The issue is a TOCTOU race condition during installation that may allow an attacker to escalate privileges to the system user. Affected product: Logitech Sync on Windows (pre-2.4.574). Root cause: race cond...

7CVSS6.7AI score0.00168EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2022/04/12 12:0 a.m.5 views

Logitech Sync for Windows 安全漏洞

Logitech Sync for Windows is a crossover application from Logitech Switzerland. A security vulnerability exists in Logitech Sync for Windows versions prior to 2.4.574, which could be exploited by an attacker to elevate privileges...

7CVSS7.1AI score0.00168EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/04/08 8:31 p.m.3 views

CVE-2022-0915

There is a Time-of-check Time-of-use TOCTOU Race Condition Vulnerability in Logitech Sync for Windows prior to 2.4.574. Successful exploitation of these vulnerabilities may escalate the permission to the system user...

7CVSS7.1AI score0.00168EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/04/08 11:48 a.m.3 views

CVE-2022-0916

An issue was discovered in Logitech Options. The OAuth 2.0 state parameter was not properly validated. This leaves applications vulnerable to CSRF attacks during authentication and authorization operations...

8.8CVSS7.7AI score0.0042EPSS
Exploits0References2Affected Software1
Packet Storm
Packet Storm
added 2021/10/13 12:0 a.m.311 views

Logitech Media Server 8.2.0 Cross Site Scripting

Exploit Title: Logitech Media Server 8.2.0 - 'Title' Cross-Site Scripting XSS Shodan Dork: Search Logitech Media Server Date: 12.10.2021 Exploit Author: Mert Das Vendor Homepage: www.logitech.com Version: 8.2.0 Tested on: Windows 10, Linux POC: 1. Go to Settings / Interface tab 2. Add payload to...

0.1AI score
Exploits0
0day.today
0day.today
added 2021/10/13 12:0 a.m.283 views

Logitech Media Server 8.2.0 - (Title) Cross-Site Scripting Vulnerability

Exploit Title: Logitech Media Server 8.2.0 - 'Title' Cross-Site Scripting XSS Shodan Dork: Search Logitech Media Server Exploit Author: Mert Das Vendor Homepage: www.logitech.com Version: 8.2.0 Tested on: Windows 10, Linux POC: 1. Go to Settings / Interface tab 2. Add payload to Title section 3...

0.3AI score
Exploits0
Rows per page
Query Builder