Filtered by vendor Nvidia Subscriptions
Filtered by product Omniverse Launcher Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-25524 1 Nvidia 1 Omniverse Launcher 2024-11-21 4 Medium
NVIDIA Omniverse Workstation Launcher for Windows and Linux contains a vulnerability in the authentication flow, where a user’s access token is displayed in the browser user's address bar. An attacker could use this token to impersonate the user to access launcher resources. A successful exploit of this vulnerability may lead to information disclosure.
CVE-2022-21817 3 Linux, Microsoft, Nvidia 3 Linux Kernel, Windows, Omniverse Launcher 2024-11-21 9.3 Critical
NVIDIA Omniverse Launcher contains a Cross-Origin Resource Sharing (CORS) vulnerability which can allow an unprivileged remote attacker, if they can get user to browse malicious site, to acquire access tokens allowing them to access resources in other security domains, which may lead to code execution, escalation of privileges, and impact to confidentiality and integrity.