Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
valvesoftware vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2020-7949
schemasystem.dll in Valve Dota 2 prior to 7.23f allows remote malicious users to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a crafted map is mishandled during a GetValue call.
Valvesoftware Dota 2
NA
CVE-2023-35855
A buffer overflow in Counter-Strike through 8684 allows a game server to execute arbitrary code on a remote client's machine by modifying the lservercfgfile console variable.
Valvesoftware Counter-strike
1 Github repository
6.8
CVSSv2
CVE-2020-7950
meshsystem.dll in Valve Dota 2 prior to 7.23f allows remote malicious users to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a crafted map is mishandled during a vulnerable function call.
Valvesoftware Dota 2
6.8
CVSSv2
CVE-2020-7951
meshsystem.dll in Valve Dota 2 prior to 7.23e allows remote malicious users to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a crafted map is affected by memory corruption.
Valvesoftware Dota 2
6.8
CVSSv2
CVE-2020-7952
rendersystemdx9.dll in Valve Dota 2 prior to 7.23f allows remote malicious users to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a crafted map is affected by memory corruption.
Valvesoftware Dota 2
6
CVSSv2
CVE-2021-30481
Valve Steam through 2021-04-10, when a Source engine game is installed, allows remote authenticated users to execute arbitrary code because of a buffer overflow that occurs for a Steam invite after one click.
Valvesoftware Steam Client
1 Github repository
NA
CVE-2023-30382
A buffer overflow in the component hl.exe of Valve Half-Life up to 5433873 allows malicious users to execute arbitrary code and escalate privileges by supplying crafted parameters.
Valvesoftware Half-life -
5
CVSSv2
CVE-2015-4016
The client detection protocol in Valve Steam allows remote malicious users to cause a denial of service (process crash) via a crafted response to a broadcast packet.
Valvesoftware Steam Client
5
CVSSv2
CVE-2020-6019
Valve's Game Networking Sockets prior to version v1.2.0 improperly handles inlined statistics messages in function CConnectionTransportUDPBase::Received_Data(), leading to an exception thrown from libprotobuf and resulting in a crash.
Valvesoftware Game Networking Sockets
7.2
CVSSv2
CVE-2015-7985
Valve Steam 2.10.91.91 uses weak permissions (Users: read and write) for the Install folder, which allows local users to gain privileges via a Trojan horse steam.exe file.
Valvesoftware Steam Client 2.10.91.91
1 EDB exploit
2 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2024-34413
CVE-2024-34089
CVE-2024-33408
local
SQL
CVE-2024-0402
CVE-2024-33910
CVE-2024-31848
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »