MiroCVEs & Vulnerabilities
2 CVEs affecting Miro products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.
2 CVEs→ All vendors
Most Affected Products
miro 1miro player 1
CVE-2024-23746CRITICAL
Miro Desktop 0.8.18 on macOS allows local Electron code injection via a complex series of steps that might be usable in some environments (bypass a kTCCServiceSystemPolicyAppBundles requirement via a file copy, an app.app/Contents rename, an asar modification, and a rename back to app.app/Contents).
2 Feb 2024
9.8
CVSS
CVE-2008-0984CRITICALpoc
The MP4 demuxer (mp4.c) for VLC media player 0.8.6d and earlier, as used in Miro Player 1.1 and earlier, allows remote attackers to overwrite arbitrary memory and execute arbitrary code via a malformed MP4 file.
26 Feb 2008
9.3
CVSS
← PrevPage 1 / 1Next →