Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
valvesoftware vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2019-15944
In Counter-Strike: Global Offensive prior to 8/29/2019, community game servers can display unsafe HTML in a disconnection message.
Valvesoftware Counter-strike\\ Global Offensive
7.2
CVSSv2
CVE-2015-7985
Valve Steam 2.10.91.91 uses weak permissions (Users: read and write) for the Install folder, which allows local users to gain privileges via a Trojan horse steam.exe file.
Valvesoftware Steam Client 2.10.91.91
1 EDB exploit
2 Github repositories
NA
CVE-2023-38312
A directory traversal vulnerability in Valve Counter-Strike 8684 allows a client (with remote control access to a game server) to read arbitrary files from the underlying server via the motdfile console variable.
Valvesoftware Counter-strike 8684
1 Github repository
10
CVSSv2
CVE-2020-6016
Valve's Game Networking Sockets prior to version v1.2.0 improperly handles unreliable segments with negative offsets in function SNP_ReceiveUnreliableSegment(), leading to a Heap-Based Buffer Underflow and a free() of memory not from the heap, resulting in a memory corruptio...
Valvesoftware Game Networking Sockets
7.5
CVSSv2
CVE-2020-6017
Valve's Game Networking Sockets prior to version v1.2.0 improperly handles long unreliable segments in function SNP_ReceiveUnreliableSegment() when configured to support plain-text messages, leading to a Heap-Based Buffer Overflow and resulting in a memory corruption and pos...
Valvesoftware Game Networking Sockets
7.5
CVSSv2
CVE-2020-6018
Valve's Game Networking Sockets prior to version v1.2.0 improperly handles long encrypted messages in function AES_GCM_DecryptContext::Decrypt() when compiled using libsodium, leading to a Stack-Based Buffer Overflow and resulting in a memory corruption and possibly even a r...
Valvesoftware Game Networking Sockets
5
CVSSv2
CVE-2020-6019
Valve's Game Networking Sockets prior to version v1.2.0 improperly handles inlined statistics messages in function CConnectionTransportUDPBase::Received_Data(), leading to an exception thrown from libprotobuf and resulting in a crash.
Valvesoftware Game Networking Sockets
5
CVSSv2
CVE-2008-7203
Valve Software Half-Life Counter-Strike 1.6 allows remote malicious users to cause a denial of service (crash) via multiple crafted login packets.
Valvesoftware Counter-strike 1.6
1 EDB exploit
7.2
CVSSv2
CVE-2020-15530
An issue exists in Valve Steam Client 2.10.91.91. The installer allows local users to gain NT AUTHORITY\SYSTEM privileges because some parts of %PROGRAMFILES(X86)%\Steam and/or %COMMONPROGRAMFILES(X86)%\Steam have weak permissions during a critical time window. An attacker can ma...
Valvesoftware Steam Client 2.10.91.91
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3