Valvesoftware CVE - CVE Search - CVE Details

Filtered by vendor Valvesoftware Subscribe

Total 26 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2017-17877	1 Valvesoftware	2 Steam Link, Steam Link Firmware	2019-10-02	10.0 HIGH	9.8 CRITICAL
An issue was discovered in Valve Steam Link build 643. When the SSH daemon is enabled for local development, the device is publicly available via IPv6 TCP port 22 over the internet (with stateless address autoconfiguration) by default, which makes it easier for remote attackers to obtain access by guessing 24 bits of the MAC address and attempting a root login. This can be exploited in conjunction with CVE-2017-17878.
CVE-2019-15944	1 Valvesoftware	1 Counter-strike\	2019-09-09	5.0 MEDIUM	5.3 MEDIUM
In Counter-Strike: Global Offensive before 8/29/2019, community game servers can display unsafe HTML in a disconnection message.
CVE-2017-17878	1 Valvesoftware	2 Steam Link, Steam Link Firmware	2018-01-11	10.0 HIGH	9.8 CRITICAL
An issue was discovered in Valve Steam Link build 643. Root passwords longer than 8 characters are truncated because of the default use of DES (aka the CONFIG_FEATURE_DEFAULT_PASSWD_ALGO="des" setting).
CVE-2008-7203	1 Valvesoftware	1 Counter-strike	2017-10-10	5.0 MEDIUM	N/A
Valve Software Half-Life Counter-Strike 1.6 allows remote attackers to cause a denial of service (crash) via multiple crafted login packets.
CVE-2016-5237	1 Valvesoftware	1 Steamos	2017-09-06	1.9 LOW	4.8 MEDIUM
Valve Steam 3.42.16.13 uses weak permissions for the files in the Steam program directory, which allows local users to modify the files and possibly gain privileges as demonstrated by a Trojan horse Steam.exe file.
CVE-2013-7128	1 Valvesoftware	1 Steamos	2013-12-18	2.1 LOW	N/A
Valve Bug Reporter in the valve-bugreporter package 2.10+bsos1 in Valve SteamOS Beta stores cleartext credentials in a .valve-bugreporter.cfg file upon a Remember Credentials action, which allows local users to obtain sensitive information by reading this file.

Vulnerabilities (CVE)