17 matches found
EUVD-2024-49051
Malicious code in bioql PyPI...
EUVD-2023-32116
Malicious code in bioql PyPI...
CVE-2023-28420
Cross-Site Request Forgery CSRF vulnerability in Leo Caseiro Custom Options Plus plugin = 1.8.1 versions...
CVE-2024-8258
Improper Control of Generation of Code 'Code Injection' in Electron Fuses in Logitech Options Plus version 1.60.496306 on macOS allows attackers to execute arbitrary code via insecure Electron Fuses configuration...
CVE-2024-8258
Improper Control of Generation of Code 'Code Injection' in Electron Fuses in Logitech Options Plus version 1.60.496306 on macOS allows attackers to execute arbitrary code via insecure Electron Fuses configuration...
CVE-2024-8258
CVE-2024-8258 affects Logitech Options Plus on macOS (v1.60.496306). The issue is due to improper control of generation of code in Electron Fuses, enabling arbitrary code execution via insecure Electron Fuses configuration (local attack vector, no user interaction; CVSS 3.1 base 7.8, high). Some ...
CVE-2024-8258 Insecure Electron Fuses in Logitech Options Plus Allowing Arbitrary Code Execution on macOS
Improper Control of Generation of Code 'Code Injection' in Electron Fuses in Logitech Options Plus version 1.60.496306 on macOS allows attackers to execute arbitrary code via insecure Electron Fuses configuration...
PT-2024-38895 · Logitech · Logitech Options Plus
Name of the Vulnerable Software and Affected Versions: Logitech Options Plus version 1.60.496306 Description: The issue is related to improper control of generation of code, also known as 'code injection', in Electron Fuses within Logitech Options Plus on macOS. This allows attackers to execute...
CVE-2024-8011
Logitech Options+ on MacOS prior 1.72 allows a local attacker to inject dynamic library within Options+ runtime and abuse permissions granted by the user to Options+ such as Camera...
PT-2024-38751 · Logitech · Logitech Options
Name of the Vulnerable Software and Affected Versions: Logitech Options+ versions prior to 1.72 Description: The issue allows a local attacker to inject a dynamic library within the Logitech Options+ runtime and abuse permissions granted by the user, such as access to the Camera. This can lead to...
CVE-2023-28420
Cross-Site Request Forgery CSRF vulnerability in Leo Caseiro Custom Options Plus plugin = 1.8.1 versions...
CVE-2023-28420
Cross-Site Request Forgery CSRF vulnerability in Leo Caseiro Custom Options Plus plugin = 1.8.1 versions...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in Leo Caseiro Custom Options Plus plugin = 1.8.1 versions...
CVE-2023-28420 WordPress Custom Options Plus Plugin <= 1.8.1 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in Leo Caseiro Custom Options Plus plugin = 1.8.1 versions...
CVE-2023-28420
CVE-2023-28420 describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin Custom Options Plus by Leo Caseiro, affecting versions ≤ 1.8.1 . The issue is a CSRF flaw that could allow unauthorized actions on behalf of an authenticated user. Public documentation lists this as...
PT-2023-21707 · WordPress · Leo Caseiro Custom Options Plus
Name of the Vulnerable Software and Affected Versions: Leo Caseiro Custom Options Plus plugin versions prior to 1.8.2 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended...
WordPress Plugin custom-options-plus Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...