Vulnerabilities > Valvesoftware > Steam Client > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-05 | CVE-2020-15530 | Improper Privilege Management vulnerability in Valvesoftware Steam Client 2.10.91.91 An issue was discovered in Valve Steam Client 2.10.91.91. | 7.2 |
| 2019-10-04 | CVE-2019-17180 | Path Traversal vulnerability in Valvesoftware Steam Client Valve Steam Client before 2019-09-12 allows placing or appending partially controlled filesystem content, as demonstrated by file modifications on Windows in the context of NT AUTHORITY\SYSTEM. | 7.2 |
| 2019-08-21 | CVE-2019-15315 | Incorrect Permission Assignment for Critical Resource vulnerability in Valvesoftware Steam Client Valve Steam Client for Windows through 2019-08-16 allows privilege escalation (to NT AUTHORITY\SYSTEM) because local users can replace the current versions of SteamService.exe and SteamService.dll with older versions that lack the CVE-2019-14743 patch. | 7.2 |
| 2019-08-07 | CVE-2019-14743 | Incorrect Permission Assignment for Critical Resource vulnerability in Valvesoftware Steam Client In Valve Steam Client for Windows through 2019-08-07, HKLM\SOFTWARE\Wow6432Node\Valve\Steam has explicit "Full control" for the Users group, which allows local users to gain NT AUTHORITY\SYSTEM access. | 7.2 |
| 2015-11-24 | CVE-2015-7985 | Incorrect Default Permissions vulnerability in Valvesoftware Steam Client 2.10.91.91 Valve Steam 2.10.91.91 uses weak permissions (Users: read and write) for the Install folder, which allows local users to gain privileges via a Trojan horse steam.exe file. | 7.2 |