Lucene search
K

37 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-12711

Malware in sbrugna...

7.8CVSS7.6AI score0.00415EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-13199

Malware in sbrugna...

6.1CVSS6.3AI score0.01096EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2021-10956

Malware in sbrugna...

7.8CVSS7.6AI score0.00204EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 6:23 p.m.8 views

CVE-2021-24038

Due to a bug with management of handles in OVRServiceLauncher.exe, an attacker could expose a privileged process handle to an unprivileged process, leading to local privilege escalation. This issue affects Oculus Desktop versions after 1.39 and prior to 31.1.0.67.507...

7.8CVSS6.7AI score0.00204EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:27 p.m.7 views

CVE-2020-1885

Writing to an unprivileged file from a privileged OVRRedir.exe process in Oculus Desktop before 1.44.0.32849 on Windows allows local users to write to arbitrary files and consequently gain privileges via vectors involving a hard link to a log file...

7.8CVSS6.9AI score0.00415EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 5:13 a.m.22 views

CVE-2019-3562

A remote web page could inject arbitrary HTML code into the Oculus Browser UI, allowing an attacker to spoof UI and potentially execute code. This affects the Oculus Browser starting from version 5.2.7 until 5.7.11...

6.1CVSS7.2AI score0.01096EPSS
Exploits0References1
HackRead
HackRead
added 2024/06/21 5:5 p.m.21 views

AdsExhaust Adware Distributed in Fake Oculus Installer via Google Search

New adware "AdsExhaust" disguises itself as an Oculus installer to steal screenshots, generate fake clicks, and drain resources. Learn how to protect yourself from AdsExhaust and similar threats...

7.3AI score
Exploits0
NVD
NVD
added 2024/01/04 3:15 p.m.9 views

CVE-2024-21625

SideQuest is a place to get virtual reality applications for Oculus Quest. The SideQuest desktop application uses deep links with a custom protocol sidequest:// to trigger actions in the application from its web contents. Because, prior to version 0.10.35, the deep link URLs were not sanitized...

8.8CVSS9.1AI score0.00845EPSS
Exploits0References1
Prion
Prion
added 2024/01/04 3:15 p.m.81 views

Remote code execution

SideQuest is a place to get virtual reality applications for Oculus Quest. The SideQuest desktop application uses deep links with a custom protocol sidequest:// to trigger actions in the application from its web contents. Because, prior to version 0.10.35, the deep link URLs were not sanitized...

6.8CVSS8.1AI score0.00845EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/01/04 2:48 p.m.102 views

CVE-2024-21625

CVE-2024-21625 affects SideQuest desktop (pre-0.10.35). The vulnerability stems from improper sanitization of deep link URLs (sidequest://) in the Electron app, allowing a one-click remote code execution when a device is connected and a user clicks a malicious link from within the app. As of vers...

8.8CVSS8.9AI score0.00845EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/01/04 2:48 p.m.28 views

CVE-2024-21625 One-click remote code execution via malicious deep link

SideQuest is a place to get virtual reality applications for Oculus Quest. The SideQuest desktop application uses deep links with a custom protocol sidequest:// to trigger actions in the application from its web contents. Because, prior to version 0.10.35, the deep link URLs were not sanitized...

8.8CVSS9.2AI score0.00845EPSS
Exploits0References1
Openbugbounty
Openbugbounty
added 2023/07/07 9:2 a.m.3 views

oculus-illustration.ch Cross Site Scripting vulnerability OBB-3485803

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
Snyk
Snyk
added 2022/06/23 9:24 a.m.3 views

Malicious Package

Overview com.unity.xr.oculus is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this packa...

9.8CVSS7AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/06/20 8:8 p.m.3 views

Malicious code in com.unity.xr.oculus (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9e99a11c7a854e56a08e3f6559004b7d3b862c6c2e7c99bfcb6576c921cd9cde Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2021/08/19 4:15 p.m.4 views

CVE-2021-24038

Due to a bug with management of handles in OVRServiceLauncher.exe, an attacker could expose a privileged process handle to an unprivileged process, leading to local privilege escalation. This issue affects Oculus Desktop versions after 1.39 and prior to 31.1.0.67.507...

7.8CVSS5.8AI score0.00204EPSS
Exploits0References1
NVD
NVD
added 2021/08/19 4:15 p.m.24 views

CVE-2021-24038

Due to a bug with management of handles in OVRServiceLauncher.exe, an attacker could expose a privileged process handle to an unprivileged process, leading to local privilege escalation. This issue affects Oculus Desktop versions after 1.39 and prior to 31.1.0.67.507...

7.8CVSS0.00204EPSS
Exploits0References1
Prion
Prion
added 2021/08/19 4:15 p.m.17 views

Privilege escalation

Due to a bug with management of handles in OVRServiceLauncher.exe, an attacker could expose a privileged process handle to an unprivileged process, leading to local privilege escalation. This issue affects Oculus Desktop versions after 1.39 and prior to 31.1.0.67.507...

4.6CVSS7.4AI score0.00204EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2021/08/19 12:0 a.m.6 views

Facebook Oculus Desktop 安全漏洞

Facebook Oculus Desktop is a virtual desktop application from Facebook Inc. that supports the operation of computers in VR. Facebook Oculus Desktop suffers from a security vulnerability that stems from a handle management error in OVRServiceLauncher.exe, which can be exploited by an attacker to...

7.8CVSS7.4AI score0.00204EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/08/18 11:35 p.m.21 views

CVE-2021-24038

Due to a bug with management of handles in OVRServiceLauncher.exe, an attacker could expose a privileged process handle to an unprivileged process, leading to local privilege escalation. This issue affects Oculus Desktop versions after 1.39 and prior to 31.1.0.67.507...

7.6AI score0.00204EPSS
Exploits0References1
CVE
CVE
added 2021/08/18 11:35 p.m.42 views

CVE-2021-24038

CVE-2021-24038 affects Oculus Desktop where a bug in the management of handles in OVRServiceLauncher.exe can expose a privileged process handle to an unprivileged process, enabling local privilege escalation . Impact is described for Oculus Desktop versions after 1.39 and before 31.1.0.67.507. Th...

7.8CVSS7.3AI score0.00204EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder