Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Ea Subscribe
Filtered by product Crysis
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-6712 1 Ea 1 Crysis 2018-10-11 5.0 MEDIUM N/A
The HTTP/XML-RPC service in Crysis 1.21 (game version 1.1.1.6156) and earlier allows remote attackers to cause a denial of service (crash) via a long HTTP request, which triggers a NULL pointer dereference.
CVE-2008-6737 1 Ea 1 Crysis 2017-08-16 7.8 HIGH N/A
Crysis 1.21 and earlier allows remote attackers to obtain sensitive player information such as real IP addresses by sending a keyexchange packet without a previous join packet, which causes Crysis to send a disconnect packet that includes unrelated log information.