Vulnerabilities > GOG > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-08-17 | CVE-2022-31262 | Improper Preservation of Permissions vulnerability in GOG Galaxy 2.0.46 An exploitable local privilege escalation vulnerability exists in GOG Galaxy 2.0.46. | 7.8 |
2020-08-06 | CVE-2020-7352 | Use of Hard-coded Credentials vulnerability in GOG Galaxy The GalaxyClientService component of GOG Galaxy runs with elevated SYSTEM privileges in a Windows environment. | 7.2 |
2020-07-14 | CVE-2020-11827 | Improper Privilege Management vulnerability in GOG Galaxy In GOG Galaxy 1.2.67, there is a service that is vulnerable to weak file/service permissions: GalaxyClientService.exe. | 7.2 |
2019-11-21 | CVE-2019-15511 | Improper Privilege Management vulnerability in GOG Galaxy An exploitable local privilege escalation vulnerability exists in the GalaxyClientService installed by GOG Galaxy. | 7.2 |
2019-05-30 | CVE-2018-4048 | Exposure of Resource to Wrong Sphere vulnerability in GOG Galaxy 1.2.48.36 An exploitable local privilege elevation vulnerability exists in the file system permissions of the `Temp` directory in GOG Galaxy 1.2.48.36 (Windows 64-bit Installer). | 7.2 |
2019-04-02 | CVE-2018-4049 | Incorrect Permission Assignment for Critical Resource vulnerability in GOG Galaxy 1.2.48.36 An exploitable local privilege elevation vulnerability exists in the file system permissions of GOG Galaxy's “Games” directory, version 1.2.48.36 (Windows 64-bit Installer). | 7.2 |
2019-04-02 | CVE-2018-3974 | Incorrect Permission Assignment for Critical Resource vulnerability in GOG Galaxy 1.2.45.61 An exploitable local privilege elevation vulnerability exists in the file system permissions of GOG Galaxy's install directory. | 7.8 |
2019-04-01 | CVE-2018-4050 | Incorrect Permission Assignment for Critical Resource vulnerability in GOG Galaxy 1.2.47 An exploitable local privilege escalation vulnerability exists in the privileged helper tool of GOG Galaxy's Games, version 1.2.47 for macOS. | 7.2 |