VYPR

Unity8

by Unity8

CVEs (6)

  • CVE-2017-12939CriAug 18, 2017
    risk 0.64cvss 9.8epss 0.05

    A Remote Code Execution vulnerability was identified in all Windows versions of Unity Editor, e.g., before 5.3.8p2, 5.4.x before 5.4.5p5, 5.5.x before 5.5.4p3, 5.6.x before 5.6.3p1, and 2017.x before 2017.1.0p4.

  • CVE-2015-7946May 7, 2020
    risk 0.00cvss epss 0.00

    Information Exposure vulnerability in Unity8 as used on the Ubuntu phone and possibly also in Unity8 shipped elsewhere. This allows an attacker to enable the MTP service by opening the emergency dialer. Fixed in 8.11+16.04.20160111.1-0ubuntu1 and 8.11+15.04.20160122-0ubuntu1.

  • CVE-2015-9288Jul 29, 2019
    risk 0.00cvss epss 0.01

    The Unity Web Player plugin before 4.6.6f2 and 5.x before 5.0.3f2 allows attackers to read messages or access online services via a victim's credentials

  • CVE-2016-1584Apr 22, 2019
    risk 0.00cvss epss 0.01

    In all versions of Unity8 a running but not active application on a large-screen device could talk with Maliit and consume keyboard input.

  • CVE-2016-1573Apr 22, 2019
    risk 0.00cvss epss 0.00

    Versions of Unity8 before 8.11+16.04.20160122-0ubuntu1 file plugins/Dash/CardCreator.js will execute any code found in place of a fallback image supplied by a scope.

  • CVE-2014-3202May 6, 2014
    risk 0.00cvss epss 0.00

    Unity before 7.2.1 does not properly handle entry activation, which allows physically proximate attackers to bypass the lock screen by holding the ENTER key, which triggers the process to crash.