384 matches found
Logitech Solar Keyboard Service Unquoted Service Path
Title: Logitech Solar Keyboard Service - 'L4301Solar' Unquoted Service Path Author: Jair Amezcua Date: 2020-11-10 Vendor Homepage: https://www.logitech.com/es-mx Software Link: https://support.logi.com/hc/en-us/articles/360024692874--Downloads-Wireless-Solar-Keyboard-K750 Version : 1.10.3.0 Teste...
logitech.site123.me Cross Site Scripting vulnerability OBB-1477761
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
Logitech: IDOR when creating App on [platform.streamlabs.com/api/v1/store/whitelist] with user_id field
Summary: Hi team, There is a IDOR when applying to platform.streamlabs.com after loginning. If you login to platform.streamlabs.com and click Create App. You will see the "apply form". And if you submit it, you will see the userid parameter in JSON data of the apply request. api/v1/store/whitelis...
Fedora 31 : fwupd (2020-ad1c74c2a1)
New upstream release - Actually reload the DFU device after upgrade has completed - Capture the dock SKU in report metadata - Correctly set the Logitech device protocol - Do not use shim for non-secure boot configurations - Ensure that the DeviceID is set for child devices - Fix an error when...
logitech.com Improper Access Control vulnerability OBB-1199874
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1505)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Logitech Unifying Device Information Disclosure Vulnerability (CNVD-2019-34836)
Logitech Unifying is a USB type signal receiver from Logitech, Switzerland. An information disclosure vulnerability exists in the Logitech Unifying device. An attacker could exploit the vulnerability to obtain sensitive information about an affected component...
Logitech Unifying Device Information Disclosure Vulnerability
Logitech Unifying is a USB type signal receiver from Logitech, Switzerland. An information disclosure vulnerability exists in the Logitech Unifying device. An attacker could exploit the vulnerability to obtain sensitive information about an affected component...
Logitech Unifying Device Injection Vulnerability (CNVD-2019-34835)
Logitech Unifying is a USB type signal receiver from Logitech, Switzerland. An injection vulnerability exists in the Logitech Unifying device. No details of the vulnerability are available at this time...
Logitech R500 Injection Vulnerability
The Logitech R500 is a wireless laser presentation remote control from Logitech Switzerland. Logitech R500 suffers from an injection vulnerability. An attacker can exploit this vulnerability to inject keystrokes...
Logitech Unifying Device Injection Vulnerability
Logitech Unifying is a USB type signal receiver from Logitech, Switzerland. An injection vulnerability exists in the Logitech Unifying device. No detailed vulnerability details are available at this time...
CVE-2016-10761
Logitech Unifying devices before 2016-02-26 allow keystroke injection, bypassing encryption, aka MouseJack...
CVE-2019-13054
The Logitech R500 presentation clicker allows attackers to determine the AES key, leading to keystroke injection. On Windows, any text may be injected by using ALT+NUMPAD input to bypass the restriction on the characters A through Z...
CVE-2019-13053
Logitech Unifying devices allow keystroke injection, bypassing encryption. The attacker must press a "magic" key combination while sniffing cryptographic data from a Radio Frequency transmission. NOTE: this issue exists because of an incomplete fix for CVE-2016-10761...
CVE-2019-13052
Logitech Unifying devices allow live decryption if the pairing of a keyboard to a receiver is sniffed...
CVE-2019-13055
Certain Logitech Unifying devices allow attackers to dump AES keys and addresses, leading to the capability of live decryption of Radio Frequency transmissions, as demonstrated by an attack against a Logitech K360 keyboard...
CVE-2016-10761
Logitech Unifying devices before 2016-02-26 allow keystroke injection, bypassing encryption, aka MouseJack...
Sql injection
Logitech Unifying devices allow keystroke injection, bypassing encryption. The attacker must press a "magic" key combination while sniffing cryptographic data from a Radio Frequency transmission. NOTE: this issue exists because of an incomplete fix for CVE-2016-10761...
Input validation
The Logitech R500 presentation clicker allows attackers to determine the AES key, leading to keystroke injection. On Windows, any text may be injected by using ALT+NUMPAD input to bypass the restriction on the characters A through Z...
Sql injection
Logitech Unifying devices before 2016-02-26 allow keystroke injection, bypassing encryption, aka MouseJack...