Sync
This hub aggregates every CVE we track for Sync, a product in the hardware firmware space. Use it to gauge the current risk picture and drill into individual advisories.
6
CVEs tracked
2
Critical
2
High
0
In CISA KEV
Severity distribution
HIGH2CRITICAL2LOW1MEDIUM1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 6 most recently published vulnerabilities affecting Sync.
- CVE-2024-31851A path traversal vulnerability exists in the Java version of CData Sync < 23.4.8843 when running using the embedded Jetty server, which could allow an unauthenticated remote attacker to gain access...8.6
- CVE-2024-0325Command Injection in Helix Sync3.6
- CVE-2022-0915Logitech Sync desktop application prior to 2.4.574 - TOCTOU during installation leads to privelege escalation6.0
- CVE-2018-7886An issue was discovered in CloudMe 1.11.0. An unauthenticated local attacker that can connect to the "CloudMe Sync" client application listening on 127.0.0.1 port 8888 can send a malicious payload ...7.8
- CVE-2018-6892An issue was discovered in CloudMe before 1.11.0. An unauthenticated remote attacker that can connect to the "CloudMe Sync" client application listening on port 8888 can send a malicious payload ca...9.8
- CVE-2015-2846BitTorrent Sync allows remote attackers to execute arbitrary commands via a crafted btsync: link.9.3
Product normalization is registry-driven with AI assist and human review. How it works