Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Logitech Subscribe

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-36263 2 Logitech, Microsoft 2 Streamlabs Desktop, Windows 2023-08-08 N/A 7.3 HIGH
StreamLabs Desktop Application 1.9.0 is vulnerable to Incorrect Access Control via obs64.exe. An attacker can execute arbitrary code via a crafted .exe file.
CVE-2022-0916 1 Logitech 1 Options 2022-05-10 6.8 MEDIUM 8.8 HIGH
An issue was discovered in Logitech Options. The OAuth 2.0 state parameter was not properly validated. This leaves applications vulnerable to CSRF attacks during authentication and authorization operations.
CVE-2019-12506 1 Logitech 2 R700 Laser Presentation Remote, R700 Laser Presentation Remote Firmware 2020-08-24 8.3 HIGH 8.8 HIGH
Due to unencrypted and unauthenticated data communication, the wireless presenter Logitech R700 Laser Presentation Remote R-R0010 is prone to keystroke injection attacks. Thus, an attacker is able to send arbitrary keystrokes to a victim's computer system, e.g., to install malware when the target system is unattended. In this way, an attacker can remotely take control over the victim's computer that is operated with an affected receiver of this device.
CVE-2018-15722 1 Logitech 2 Harmony Hub, Harmony Hub Firmware 2019-10-09 9.3 HIGH 8.1 HIGH
The Logitech Harmony Hub before version 4.15.206 is vulnerable to OS command injection via the time update request. A remote server or man in the middle can inject OS commands with a properly formatted response.
CVE-2018-0620 1 Logitech 1 Game Software 2018-09-20 6.8 MEDIUM 7.8 HIGH
Untrusted search path vulnerability in LOGICOOL Game Software versions before 8.87.116 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2018-0621 1 Logitech 1 Connection Utility Software 2018-09-20 6.8 MEDIUM 7.8 HIGH
Untrusted search path vulnerability in LOGICOOL CONNECTION UTILITY SOFTWARE versions before 2.30.9 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.