Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
valvesoftware vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-7985
Valve Steam 2.10.91.91 uses weak permissions (Users: read and write) for the Install folder, which allows local users to gain privileges via a Trojan horse steam.exe file.
Valvesoftware Steam Client 2.10.91.91
1 EDB exploit
2 Github repositories
NA
CVE-2008-7203
Valve Software Half-Life Counter-Strike 1.6 allows remote malicious users to cause a denial of service (crash) via multiple crafted login packets.
Valvesoftware Counter-strike 1.6
1 EDB exploit
7.5
CVSSv3
CVE-2020-6019
Valve's Game Networking Sockets prior to version v1.2.0 improperly handles inlined statistics messages in function CConnectionTransportUDPBase::Received_Data(), leading to an exception thrown from libprotobuf and resulting in a crash.
Valvesoftware Game Networking Sockets
8.8
CVSSv3
CVE-2019-15943
vphysics.dll in Counter-Strike: Global Offensive prior to 1.37.1.1 allows remote malicious users to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a crafted map is mishandled during a memset call.
Valvesoftware Counter-strike\\ Global Offensive
1 EDB exploit
1 Article
5.3
CVSSv3
CVE-2019-15944
In Counter-Strike: Global Offensive prior to 8/29/2019, community game servers can display unsafe HTML in a disconnection message.
Valvesoftware Counter-strike\\ Global Offensive
7.5
CVSSv3
CVE-2023-38312
A directory traversal vulnerability in Valve Counter-Strike 8684 allows a client (with remote control access to a game server) to read arbitrary files from the underlying server via the motdfile console variable.
Valvesoftware Counter-strike 8684
1 Github repository
9.8
CVSSv3
CVE-2020-6016
Valve's Game Networking Sockets prior to version v1.2.0 improperly handles unreliable segments with negative offsets in function SNP_ReceiveUnreliableSegment(), leading to a Heap-Based Buffer Underflow and a free() of memory not from the heap, resulting in a memory corruptio...
Valvesoftware Game Networking Sockets
9.8
CVSSv3
CVE-2020-6017
Valve's Game Networking Sockets prior to version v1.2.0 improperly handles long unreliable segments in function SNP_ReceiveUnreliableSegment() when configured to support plain-text messages, leading to a Heap-Based Buffer Overflow and resulting in a memory corruption and pos...
Valvesoftware Game Networking Sockets
9.8
CVSSv3
CVE-2020-6018
Valve's Game Networking Sockets prior to version v1.2.0 improperly handles long encrypted messages in function AES_GCM_DecryptContext::Decrypt() when compiled using libsodium, leading to a Stack-Based Buffer Overflow and resulting in a memory corruption and possibly even a r...
Valvesoftware Game Networking Sockets
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3