Known Vulnerabilities for Steam Client by Valvesoftware
Listed below are 9 of the newest known vulnerabilities associated with "Steam Client" by "Valvesoftware".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-30481 json | Valve Steam through 2021-04-10, when a Source engine game is installed, allows remote authenticated users to execute arbitrar... | 9 - CRITICAL | 2021-04-10 | 2022-02-07 |
| CVE-2020-15530 json | An issue was discovered in Valve Steam Client 2.10.91.91. The installer allows local users to gain NT AUTHORITY\SYSTEM privil... | 7.8 - HIGH | 2020-07-05 | 2021-07-21 |
| CVE-2019-17180 json | Valve Steam Client before 2019-09-12 allows placing or appending partially controlled filesystem content, as demonstrated by ... | 7.8 - HIGH | 2019-10-04 | 2020-01-16 |
| CVE-2019-15316 json | Valve Steam Client for Windows through 2019-08-20 has weak folder permissions, leading to privilege escalation (to NT AUTHORI... | 7 - HIGH | 2019-08-21 | 2020-08-24 |
| CVE-2019-15315 json | Valve Steam Client for Windows through 2019-08-16 allows privilege escalation (to NT AUTHORITY\SYSTEM) because local users ca... | 7.8 - HIGH | 2019-08-21 | 2020-08-24 |
| CVE-2019-14743 json | In Valve Steam Client for Windows through 2019-08-07, HKLM\SOFTWARE\Wow6432Node\Valve\Steam has explicit "Full control" for t... | 6.6 - MEDIUM | 2019-08-07 | 2020-08-24 |
| CVE-2018-12270 json | In Valve Steam 1528829181 BETA, it is possible to perform a homograph / homoglyph attack to create fake URLs in the client, w... | 5.4 - MEDIUM | 2019-05-20 | 2022-02-07 |
| CVE-2015-7985 json | Valve Steam 2.10.91.91 uses weak permissions (Users: read and write) for the Install folder, which allows local users to gain... | 7.2 - HIGH | 2015-11-24 | 2022-02-07 |
| CVE-2015-4016 json | The client detection protocol in Valve Steam allows remote attackers to cause a denial of service (process crash) via a craft... | 5 - MEDIUM | 2015-05-20 | 2022-02-07 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Valvesoftware | Steam Client | 2019-09-12 | |||
| Application | Valvesoftware | Steam Client | 2019-09-12 | |||
| Application | Valvesoftware | Steam Client | 2019-09-10 | |||
| Application | Valvesoftware | Steam Client | 2019-08-21 | |||
| Application | Valvesoftware | Steam Client | 2019-08-20 | |||
| Application | Valvesoftware | Steam Client | 2019-08-16 | |||
| Application | Valvesoftware | Steam Client | 2019-08-12 | |||
| Application | Valvesoftware | Steam Client | 2019-08-05 | |||
| Application | Valvesoftware | Steam Client | 2019-07-16 | |||
| Application | Valvesoftware | Steam Client | 2019-06-17 | |||
| Application | Valvesoftware | Steam Client | 2019-06-14 | |||
| Application | Valvesoftware | Steam Client | 2019-06-13 | |||
| Application | Valvesoftware | Steam Client | 2019-04-29 | |||
| Application | Valvesoftware | Steam Client | 2019-04-16 | |||
| Application | Valvesoftware | Steam Client | 2019-03-05 | |||
| Application | Valvesoftware | Steam Client | 2019-02-18 | |||
| Application | Valvesoftware | Steam Client | 2019-02-01 | |||
| Application | Valvesoftware | Steam Client | 2019-01-04 | |||
| Application | Valvesoftware | Steam Client | 2018-11-26 | |||
| Application | Valvesoftware | Steam Client | 2018-11-09 |