Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
valvesoftware vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-35855
A buffer overflow in Counter-Strike through 8684 allows a game server to execute arbitrary code on a remote client's machine by modifying the lservercfgfile console variable.
Valvesoftware Counter-strike
1 Github repository
6.8
CVSSv2
CVE-2020-7950
meshsystem.dll in Valve Dota 2 prior to 7.23f allows remote malicious users to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a crafted map is mishandled during a vulnerable function call.
Valvesoftware Dota 2
6.8
CVSSv2
CVE-2020-7951
meshsystem.dll in Valve Dota 2 prior to 7.23e allows remote malicious users to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a crafted map is affected by memory corruption.
Valvesoftware Dota 2
6.8
CVSSv2
CVE-2020-7949
schemasystem.dll in Valve Dota 2 prior to 7.23f allows remote malicious users to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a crafted map is mishandled during a GetValue call.
Valvesoftware Dota 2
6.8
CVSSv2
CVE-2020-7952
rendersystemdx9.dll in Valve Dota 2 prior to 7.23f allows remote malicious users to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a crafted map is affected by memory corruption.
Valvesoftware Dota 2
NA
CVE-2023-30382
A buffer overflow in the component hl.exe of Valve Half-Life up to 5433873 allows malicious users to execute arbitrary code and escalate privileges by supplying crafted parameters.
Valvesoftware Half-life -
6.8
CVSSv2
CVE-2020-9005
meshsystem.dll in Valve Dota 2 through 2020-02-17 allows remote malicious users to achieve code execution or denial of service by creating a gaming server with a crafted map, and inviting a victim to this server. A GetValue call is mishandled.
Valvesoftware Dota 2
6
CVSSv2
CVE-2021-30481
Valve Steam through 2021-04-10, when a Source engine game is installed, allows remote authenticated users to execute arbitrary code because of a buffer overflow that occurs for a Steam invite after one click.
Valvesoftware Steam Client
1 Github repository
7.2
CVSSv2
CVE-2020-15530
An issue exists in Valve Steam Client 2.10.91.91. The installer allows local users to gain NT AUTHORITY\SYSTEM privileges because some parts of %PROGRAMFILES(X86)%\Steam and/or %COMMONPROGRAMFILES(X86)%\Steam have weak permissions during a critical time window. An attacker can ma...
Valvesoftware Steam Client 2.10.91.91
10
CVSSv2
CVE-2020-6016
Valve's Game Networking Sockets prior to version v1.2.0 improperly handles unreliable segments with negative offsets in function SNP_ReceiveUnreliableSegment(), leading to a Heap-Based Buffer Underflow and a free() of memory not from the heap, resulting in a memory corruptio...
Valvesoftware Game Networking Sockets
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »