聚合 NVD、CVE 及多源情資,深度解析 RCE 等高危風險。系統整合 CVSS 與 EPSS 模型,動態追蹤 Exploit 資源與 PoC 公開狀態,研判可利用性。結合官方修補與修復方案,優化漏洞管理優先級,縮短回應週期,保障資產安全。
指派機構(CNA / 來源):[email protected] 移除此篩選
| CVE | 描述 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|
| CVE-2024-8258 | Improper Control of Generation of Code ('Code Injection') in Electron Fuses in Logitech Options Plus version 1.60.496306 on macOS allows attackers to execute arbitrary code via insecure Electron Fuses configuration. | 2.0 | 0.40% | 2024-09-10 | 2026-06-17 |
| CVE-2024-8011 | Logitech Options+ on MacOS prior 1.72 allows a local attacker to inject dynamic library within Options+ runtime and abuse permissions granted by the user to Options+ such as Camera. | 2.0 | 0.13% | 2024-08-25 | 2026-06-17 |
| CVE-2024-4031 | Unquoted Search Path or Element vulnerability in Logitech MEVO WEBCAM APP on Windows allows Local Execution of Code. | 4.4 | 0.23% | 2024-04-23 | 2026-06-17 |
| CVE-2024-2537 | Improper Control of Dynamically-Managed Code Resources vulnerability in Logitech Logi Tune on MacOS allows Local Code Inclusion. | 4.4 | 0.28% | 2024-03-15 | 2026-06-17 |
| CVE-2022-0916 | An issue was discovered in Logitech Options. The OAuth 2.0 state parameter was not properly validated. This leaves applications vulnerable to CSRF attacks during authentication and authorization operations. | 8.4 | 0.41% | 2022-05-03 | 2026-06-17 |
| CVE-2022-0915 | There is a Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability in Logitech Sync for Windows prior to 2.4.574. Successful exploitation of these vulnerabilities may escalate the permission to the system user. | 6.0 | 0.17% | 2022-04-12 | 2026-06-17 |