Vulnerabilities > Valvesoftware > Steam Client > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-05 | CVE-2020-15530 | Race Condition vulnerability in Valvesoftware Steam Client 2.10.91.91 An issue was discovered in Valve Steam Client 2.10.91.91. | 7.8 |
| 2019-10-04 | CVE-2019-17180 | Path Traversal vulnerability in Valvesoftware Steam Client Valve Steam Client before 2019-09-12 allows placing or appending partially controlled filesystem content, as demonstrated by file modifications on Windows in the context of NT AUTHORITY\SYSTEM. | 7.8 |
| 2019-08-21 | CVE-2019-15316 | Incorrect Permission Assignment for Critical Resource vulnerability in Valvesoftware Steam Client Valve Steam Client for Windows through 2019-08-20 has weak folder permissions, leading to privilege escalation (to NT AUTHORITY\SYSTEM) via crafted use of CreateMountPoint.exe and SetOpLock.exe to leverage a TOCTOU race condition. | 7.0 |
| 2019-08-21 | CVE-2019-15315 | Incorrect Permission Assignment for Critical Resource vulnerability in Valvesoftware Steam Client Valve Steam Client for Windows through 2019-08-16 allows privilege escalation (to NT AUTHORITY\SYSTEM) because local users can replace the current versions of SteamService.exe and SteamService.dll with older versions that lack the CVE-2019-14743 patch. | 7.8 |