41 matches found
CVE-2021-33501
Overwolf Client 0.169.0.22 allows XSS, with resultant Remote Code Execution, via an overwolfstore:// URL...
EUVD-2020-17904
Malware in sbrugna...
EUVD-2020-7903
Malware in sbrugna...
EUVD-2021-8140
Malicious code in bioql PyPI...
EUVD-2024-48686
Malicious code in bioql PyPI...
CVE-2021-20726
Untrusted search path vulnerability in The Installer of Overwolf 2.168.0.n and earlier allows an attacker to gain privileges and execute arbitrary code with the privilege of the user invoking the installer via a Trojan horse DLL in an unspecified directory...
CVE-2020-15932
Overwolf before 0.149.2.30 mishandles Symbolic Links during updates, causing elevation of privileges...
CVE-2024-7834
A local privilege escalation is caused by Overwolf loading and executing certain dynamic link library files from a user-writeable folder in SYSTEM context on launch. This allows an attacker with unprivileged access to the system to run arbitrary code with SYSTEM privileges by placing a malicious...
CVE-2024-7834
A local privilege escalation is caused by Overwolf loading and executing certain dynamic link library files from a user-writeable folder in SYSTEM context on launch. This allows an attacker with unprivileged access to the system to run arbitrary code with SYSTEM privileges by placing a malicious...
CVE-2024-7834
A local privilege escalation is caused by Overwolf loading and executing certain dynamic link library files from a user-writeable folder in SYSTEM context on launch. This allows an attacker with unprivileged access to the system to run arbitrary code with SYSTEM privileges by placing a malicious...
CVE-2024-7834 Local privilege escalation in Overwolf
A local privilege escalation is caused by Overwolf loading and executing certain dynamic link library files from a user-writeable folder in SYSTEM context on launch. This allows an attacker with unprivileged access to the system to run arbitrary code with SYSTEM privileges by placing a malicious...
CVE-2024-7834 Local privilege escalation in Overwolf
A local privilege escalation is caused by Overwolf loading and executing certain dynamic link library files from a user-writeable folder in SYSTEM context on launch. This allows an attacker with unprivileged access to the system to run arbitrary code with SYSTEM privileges by placing a malicious...
CVE-2024-7834
The CVE-2024-7834 entry concerns Overwolf. Affected: Overwolf software (frames/SDK) that loads and executes certain DLLs from a user-writable folder during startup, running in SYSTEM context. Root cause: untrusted DLLs placed in the user-writable location are loaded on launch, enabling local priv...
Overwolf 安全漏洞
Overwolf is a framework from the Israeli company Overwolf that supports building games using HTML and JavaScript. A security vulnerability exists in Overwolf versions prior to 250.1.1, which originates from loading and executing certain dynamic link library files from a user-writable folder in th...
PT-2024-38613 · Overwolf · Overwolf
Name of the Vulnerable Software and Affected Versions: Overwolf affected versions not specified Description: A local privilege escalation issue is caused by Overwolf loading and executing certain dynamic link library files from a user-writeable folder in SYSTEM context on launch. This allows an...
CVE-2021-33501
Overwolf Client 0.169.0.22 allows XSS, with resultant Remote Code Execution, via an overwolfstore:// URL...
CVE-2021-33501
Overwolf Client 0.169.0.22 allows XSS, with resultant Remote Code Execution, via an overwolfstore:// URL...
Design/Logic Flaw
Overwolf Client 0.169.0.22 allows XSS, with resultant Remote Code Execution, via an overwolfstore:// URL...
CVE-2021-33501
Overwolf Client 0.169.0.22 is affected by an XSS vulnerability that can lead to Remote Code Execution via an overwolfstore:// URL. The issue is documented across multiple sources (CVE-2021-33501, Red Hat advisory, NVD entry, etc.), consistently describing an XSS vector that enables RCE. The conne...
EUVD-2021-20202
Overwolf Client 0.169.0.22 allows XSS, with resultant Remote Code Execution, via an overwolfstore:// URL...