Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-24038 | 1 Oculus | 1 Desktop | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
Due to a bug with management of handles in OVRServiceLauncher.exe, an attacker could expose a privileged process handle to an unprivileged process, leading to local privilege escalation. This issue affects Oculus Desktop versions after 1.39 and prior to 31.1.0.67.507. | |||||
CVE-2020-1885 | 1 Oculus | 1 Desktop | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
Writing to an unprivileged file from a privileged OVRRedir.exe process in Oculus Desktop before 1.44.0.32849 on Windows allows local users to write to arbitrary files and consequently gain privileges via vectors involving a hard link to a log file. |