Vulnerabilities (CVE)

Filtered by vendor Oculus Subscribe
Filtered by product Desktop
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-24038 1 Oculus 1 Desktop 2024-11-21 4.6 MEDIUM 7.8 HIGH
Due to a bug with management of handles in OVRServiceLauncher.exe, an attacker could expose a privileged process handle to an unprivileged process, leading to local privilege escalation. This issue affects Oculus Desktop versions after 1.39 and prior to 31.1.0.67.507.
CVE-2020-1885 1 Oculus 1 Desktop 2024-11-21 4.6 MEDIUM 7.8 HIGH
Writing to an unprivileged file from a privileged OVRRedir.exe process in Oculus Desktop before 1.44.0.32849 on Windows allows local users to write to arbitrary files and consequently gain privileges via vectors involving a hard link to a log file.