Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oculus vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2019-3562
A remote web page could inject arbitrary HTML code into the Oculus Browser UI, allowing an malicious user to spoof UI and potentially execute code. This affects the Oculus Browser starting from version 5.2.7 until 5.7.11.
Oculus Oculus Browser
4.6
CVSSv2
CVE-2020-1885
Writing to an unprivileged file from a privileged OVRRedir.exe process in Oculus Desktop prior to 1.44.0.32849 on Windows allows local users to write to arbitrary files and consequently gain privileges via vectors involving a hard link to a log file.
Oculus Desktop
4.6
CVSSv2
CVE-2021-24038
Due to a bug with management of handles in OVRServiceLauncher.exe, an attacker could expose a privileged process handle to an unprivileged process, leading to local privilege escalation. This issue affects Oculus Desktop versions after 1.39 and before 31.1.0.67.507.
Oculus Desktop
NA
CVE-2024-21625
SideQuest is a place to get virtual reality applications for Oculus Quest. The SideQuest desktop application uses deep links with a custom protocol (`sidequest://`) to trigger actions in the application from its web contents. Because, prior to version 0.10.35, the deep link URLs ...
Sidequestvr Sidequest
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028
CVE-2024-32406
CVE-2024-25624
IMAP
CVE-2024-2310
CVE-2024-0874
CVE-2024-20359
XXE
remote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started