gog

Top products

The 15 most recently published vulnerabilities affecting gog.

• CVE-2022-31262An exploitable local privilege escalation vulnerability exists in GOG Galaxy 2.0.46. Due to insufficient folder permissions, an attacker can hijack the %ProgramData%\GOG.com folder structure and ch...7.8Aug 17, 2022
• CVE-2021-26807GalaxyClient version 2.0.28.9 loads unsigned DLLs such as zlib1.dll, libgcc_s_dw2-1.dll and libwinpthread-1.dll from PATH, which allows an attacker to potentially run code locally through unsigned ...7.8Apr 30, 2021
• CVE-2020-24574The client (aka GalaxyClientService.exe) in GOG GALAXY through 2.0.41 (as of 12:58 AM Eastern, 9/26/21) allows local privilege escalation from any authenticated user to SYSTEM by instructing the Wi...7.8Aug 21, 2020
• CVE-2020-7352GOG Galaxy GalaxyClientService Privilege Escalation8.4Aug 6, 2020
• CVE-2020-11827In GOG Galaxy 1.2.67, there is a service that is vulnerable to weak file/service permissions: GalaxyClientService.exe. An attacker can put malicious code in a Trojan horse GalaxyClientService.exe. ...7.8Jul 14, 2020
• CVE-2020-15528An issue was discovered in GOG Galaxy Client 2.0.17. Local escalation of privileges is possible when a user starts or uninstalls a game because of weak file permissions and missing file integrity c...7.8Jul 5, 2020
• CVE-2020-15529An issue was discovered in GOG Galaxy Client 2.0.17. Local escalation of privileges is possible when a user installs a game or performs a verify/repair operation. The issue exists because of weak f...7.8Jul 5, 2020
• CVE-2019-15511An exploitable local privilege escalation vulnerability exists in the GalaxyClientService installed by GOG Galaxy. Due to Improper Access Control, an attacker can send unauthenticated local TCP pac...7.8Nov 21, 2019
• CVE-2018-4048An exploitable local privilege elevation vulnerability exists in the file system permissions of the `Temp` directory in GOG Galaxy 1.2.48.36 (Windows 64-bit Installer). An attacker can overwrite ex...7.8May 30, 2019
• CVE-2018-4049An exploitable local privilege elevation vulnerability exists in the file system permissions of GOG Galaxy's “Games” directory, version 1.2.48.36 (Windows 64-bit Installer). An attacker can ove...7.8Apr 2, 2019
• CVE-2018-4053An exploitable local denial-of-service vulnerability exists in the privileged helper tool of GOG Galaxy's Games, version 1.2.47 for macOS. An attacker can send malicious data to the root-listening ...5.5Apr 2, 2019
• CVE-2018-4051An exploitable local privilege escalation vulnerability exists in the privileged helper tool of GOG Galaxy's Games, version 1.2.47 for macOS. An attacker can globally create directories and subdire...5.5Apr 2, 2019
• CVE-2018-4052An exploitable local information leak vulnerability exists in the privileged helper tool of GOG Galaxy's Games, version 1.2.47 for macOS. An attacker can pass a PID and receive information running ...5.5Apr 2, 2019
• CVE-2018-3974An exploitable local privilege elevation vulnerability exists in the file system permissions of GOG Galaxy's install directory. An attacker can overwrite an executable that is launched as a system ...7.8Apr 2, 2019
• CVE-2018-4050An exploitable local privilege escalation vulnerability exists in the privileged helper tool of GOG Galaxy's Games, version 1.2.47 for macOS. An attacker can globally adjust folder permissions lead...7.8Apr 1, 2019