Vulnerabilities > Valvesoftware > Steam Client > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-07 | CVE-2019-14743 | Incorrect Permission Assignment for Critical Resource vulnerability in Valvesoftware Steam Client In Valve Steam Client for Windows through 2019-08-07, HKLM\SOFTWARE\Wow6432Node\Valve\Steam has explicit "Full control" for the Users group, which allows local users to gain NT AUTHORITY\SYSTEM access. | 6.6 |
| 2019-05-20 | CVE-2018-12270 | Improper Input Validation vulnerability in Valvesoftware Steam Client 1528829181 In Valve Steam 1528829181 BETA, it is possible to perform a homograph / homoglyph attack to create fake URLs in the client, which may trick users into visiting unintended web sites. | 5.4 |