Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
GogGalaxy

8 matches found

CVE
CVEadded 2019/11/21 6:15 p.m.182 views

CVE-2019-15511

An exploitable local privilege escalation vulnerability exists in the GalaxyClientService installed by GOG Galaxy. Due to Improper Access Control, an attacker can send unauthenticated local TCP packets to the service to gain SYSTEM privileges in Windows system where GOG Galaxy software is installed...

7.8CVSS7.9AI score0.00534EPSS
CVE
CVEadded 2019/05/30 5:29 p.m.53 views

CVE-2018-4048

An exploitable local privilege elevation vulnerability exists in the file system permissions of the Temp directory in GOG Galaxy 1.2.48.36 (Windows 64-bit Installer). An attacker can overwrite executables of the Desktop Galaxy Updater to exploit this vulnerability and execute arbitrary code with SY...

9.3CVSS7.7AI score0.00053EPSS
CVE
CVEadded 2019/04/02 4:29 p.m.48 views

CVE-2018-4051

An exploitable local privilege escalation vulnerability exists in the privileged helper tool of GOG Galaxy's Games, version 1.2.47 for macOS. An attacker can globally create directories and subdirectories on the root file system, as well as change the permissions of existing directories.

7.1CVSS5.6AI score0.00077EPSS
CVE
CVEadded 2019/04/02 4:29 p.m.48 views

CVE-2018-4052

An exploitable local information leak vulnerability exists in the privileged helper tool of GOG Galaxy's Games, version 1.2.47 for macOS. An attacker can pass a PID and receive information running on it that would usually only be accessible to the root user.

6.2CVSS5.2AI score0.00125EPSS
CVE
CVEadded 2019/04/02 4:29 p.m.45 views

CVE-2018-3974

An exploitable local privilege elevation vulnerability exists in the file system permissions of GOG Galaxy's install directory. An attacker can overwrite an executable that is launched as a system service on boot by default to exploit this vulnerability and execute arbitrary code with system privil...

9.3CVSS7.8AI score0.0011EPSS
CVE
CVEadded 2019/04/01 7:29 p.m.44 views

CVE-2018-4050

An exploitable local privilege escalation vulnerability exists in the privileged helper tool of GOG Galaxy's Games, version 1.2.47 for macOS. An attacker can globally adjust folder permissions leading to execution of arbitrary code with elevated privileges.

7.8CVSS7.8AI score0.00076EPSS
CVE
CVEadded 2019/04/02 4:29 p.m.39 views

CVE-2018-4049

An exploitable local privilege elevation vulnerability exists in the file system permissions of GOG Galaxy's “Games” directory, version 1.2.48.36 (Windows 64-bit Installer). An attacker can overwrite executables of installed games to exploit this vulnerability and execute arbitrary code with elevat...

9.3CVSS7.7AI score0.00083EPSS
CVE
CVEadded 2019/04/02 4:29 p.m.34 views

CVE-2018-4053

An exploitable local denial-of-service vulnerability exists in the privileged helper tool of GOG Galaxy's Games, version 1.2.47 for macOS. An attacker can send malicious data to the root-listening service, causing the application to terminate and become unavailable.

6.2CVSS5.3AI score0.00131EPSS