Vulnerabilities > Miro

DATE CVE VULNERABILITY TITLE RISK
2024-02-02 CVE-2024-23746 Code Injection vulnerability in Miro 0.8.18
Miro Desktop 0.8.18 on macOS allows local Electron code injection via a complex series of steps that might be usable in some environments (bypass a kTCCServiceSystemPolicyAppBundles requirement via a file copy, an app.app/Contents rename, an asar modification, and a rename back to app.app/Contents).
network
low complexity
miro CWE-94
critical
9.8
2008-02-26 CVE-2008-0984 Resource Management Errors vulnerability in multiple products
The MP4 demuxer (mp4.c) for VLC media player 0.8.6d and earlier, as used in Miro Player 1.1 and earlier, allows remote attackers to overwrite arbitrary memory and execute arbitrary code via a malformed MP4 file.
network
miro videolan CWE-399
critical
9.3