10 matches found
EUVD-2024-19271
Malicious code in bioql PyPI...
CVE-2024-21625
SideQuest is a place to get virtual reality applications for Oculus Quest. The SideQuest desktop application uses deep links with a custom protocol sidequest:// to trigger actions in the application from its web contents. Because, prior to version 0.10.35, the deep link URLs were not sanitized...
CVE-2024-21625
SideQuest is a place to get virtual reality applications for Oculus Quest. The SideQuest desktop application uses deep links with a custom protocol sidequest:// to trigger actions in the application from its web contents. Because, prior to version 0.10.35, the deep link URLs were not sanitized...
Remote code execution
SideQuest is a place to get virtual reality applications for Oculus Quest. The SideQuest desktop application uses deep links with a custom protocol sidequest:// to trigger actions in the application from its web contents. Because, prior to version 0.10.35, the deep link URLs were not sanitized...
CVE-2024-21625 One-click remote code execution via malicious deep link
SideQuest is a place to get virtual reality applications for Oculus Quest. The SideQuest desktop application uses deep links with a custom protocol sidequest:// to trigger actions in the application from its web contents. Because, prior to version 0.10.35, the deep link URLs were not sanitized...
CVE-2024-21625 One-click remote code execution via malicious deep link
SideQuest is a place to get virtual reality applications for Oculus Quest. The SideQuest desktop application uses deep links with a custom protocol sidequest:// to trigger actions in the application from its web contents. Because, prior to version 0.10.35, the deep link URLs were not sanitized...
CVE-2024-21625
CVE-2024-21625 affects SideQuest desktop (pre-0.10.35). The vulnerability stems from improper sanitization of deep link URLs (sidequest://) in the Electron app, allowing a one-click remote code execution when a device is connected and a user clicks a malicious link from within the app. As of vers...
CVE-2024-21625 One-click remote code execution via malicious deep link
SideQuest is a place to get virtual reality applications for Oculus Quest. The SideQuest desktop application uses deep links with a custom protocol sidequest:// to trigger actions in the application from its web contents. Because, prior to version 0.10.35, the deep link URLs were not sanitized...
SideQuest Input Validation Error Vulnerability
SideQuest is an open source game store application from SideQuest. An input validation error vulnerability exists in versions of SideQuest prior to 0.10.35, which stems from a vulnerability that allows an attacker to remotely execute code with one click via a malicious deep link...
PT-2024-18977 · Sidequest · Sidequest
Name of the Vulnerable Software and Affected Versions: SideQuest versions prior to 0.10.35 Description: The SideQuest desktop application uses deep links with a custom protocol sidequest:// to trigger actions in the application from its web contents. Due to improper sanitization of deep link URLs...