note press vulnerabilities and exploits

6.9
CVSSv2
CVE-2010-5206

Multiple untrusted search path vulnerabilities in e-press ONE Office E-NoteTaker and E-Zip allow local users to gain privileges via a Trojan horse (1) mfc71enu.dll or (2) mfc71loc.dll file in the current working directory, as demonstrated by a directory that contains a .txt,...

6.9
CVSSv2
CVE-2010-5205

Multiple untrusted search path vulnerabilities in e-press ONE Office Author allow local users to gain privileges via a Trojan horse (1) java_msci.dll or (2) msci_java.dll file in the current working directory, as demonstrated by a directory that contains a .psw file. NOTE: some...

7.5
CVSSv2
CVE-2017-18548

The note-press plugin before 0.1.2 for WordPress has SQL injection....

3.3
CVSSv2
CVE-2019-13053

Logitech Unifying devices allow keystroke injection, bypassing encryption. The attacker must press a "magic" key combination while sniffing cryptographic data from a Radio Frequency transmission. NOTE: this issue exists because of an incomplete fix for CVE-2016-10761....

LogitechUnifying Receiver Firmware
6.4
CVSSv2
CVE-2002-2311

Microsoft Internet Explorer 6.0 and possibly others allows remote attackers to upload arbitrary file contents when users press a key corresponding to the JavaScript (1) event.ctrlKey or (2) event.shiftKey onkeydown event contained in a webpage. NOTE: it was reported that the...

4.7
CVSSv2
CVE-2017-5754

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache....

4.7
CVSSv2
CVE-2017-5715

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis....

3.3
CVSSv2
CVE-2019-13054

The Logitech R500 presentation clicker allows attackers to determine the AES key, leading to keystroke injection. On Windows, any text may be injected by using ALT+NUMPAD input to bypass the restriction on the characters A through Z....

LogitechR500 Firmware
3.3
CVSSv2
CVE-2019-13055

Certain Logitech Unifying devices allow attackers to dump AES keys and addresses, leading to the capability of live decryption of Radio Frequency transmissions, as demonstrated by an attack against a Logitech K360 keyboard....

LogitechK360 FirmwareUnifying Receiver Firmware
3.3
CVSSv2
CVE-2019-13052

Logitech Unifying devices allow live decryption if the pairing of a keyboard to a receiver is sniffed....

LogitechUnifying Receiver Firmware