Vulnerabilities > Valvesoftware > Steam Client > 2019.08.16
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-10 | CVE-2021-30481 | Classic Buffer Overflow vulnerability in Valvesoftware Steam Client Valve Steam through 2021-04-10, when a Source engine game is installed, allows remote authenticated users to execute arbitrary code because of a buffer overflow that occurs for a Steam invite after one click. | 6.0 |
| 2019-10-04 | CVE-2019-17180 | Path Traversal vulnerability in Valvesoftware Steam Client Valve Steam Client before 2019-09-12 allows placing or appending partially controlled filesystem content, as demonstrated by file modifications on Windows in the context of NT AUTHORITY\SYSTEM. | 7.2 |
| 2019-08-21 | CVE-2019-15316 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Valvesoftware Steam Client Valve Steam Client for Windows through 2019-08-20 has weak folder permissions, leading to privilege escalation (to NT AUTHORITY\SYSTEM) via crafted use of CreateMountPoint.exe and SetOpLock.exe to leverage a TOCTOU race condition. | 6.9 |
| 2019-08-21 | CVE-2019-15315 | Incorrect Permission Assignment for Critical Resource vulnerability in Valvesoftware Steam Client Valve Steam Client for Windows through 2019-08-16 allows privilege escalation (to NT AUTHORITY\SYSTEM) because local users can replace the current versions of SteamService.exe and SteamService.dll with older versions that lack the CVE-2019-14743 patch. | 7.2 |