Filtered by vendor Id Software
Subscriptions
Total
27 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-3400 | 2 Id Software, Raven Software | 2 Quake 3 Engine, Soldier Of Fortune 2 | 2025-04-03 | N/A |
| Stack-based buffer overflow in the CG_ServerCommand function in Quake 3 Engine as used by Soldier of Fortune 2 (SOF2MP) GOLD 1.03 allows remote attackers to cause a denial of service and possibly execute code by sending a long command from the server. | ||||
| CVE-2001-1289 | 1 Id Software | 1 Quake 3 Arena | 2025-04-03 | N/A |
| Quake 3 arena 1.29f and 1.29g allows remote attackers to cause a denial of service (crash) via a malformed connection packet that begins with several char-255 characters. | ||||
| CVE-2004-2594 | 1 Id Software | 1 Quake Ii Server Windows | 2025-04-03 | N/A |
| Absolute path traversal vulnerability in Quake II server before R1Q2 on Windows, as used in multiple products, allows remote attackers to read arbitrary files via a "\/" in a pathname argument, as demonstrated by "download \/server.cfg". | ||||
| CVE-2004-2596 | 1 Id Software | 1 Quake Ii Server | 2025-04-03 | N/A |
| Quake II server before R1Q2, as used in multiple products, allows remote attackers to cause a denial of service (exhaustion of connection slots) via a large number of connections from the same IP address. | ||||
| CVE-1999-1505 | 1 Id Software | 1 Quakeworld | 2025-04-03 | N/A |
| Buffer overflow in QuakeWorld 2.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary commands via a long initial connect packet. | ||||
| CVE-1999-1502 | 1 Id Software | 1 Quake | 2025-04-03 | N/A |
| Buffer overflows in Quake 1.9 client allows remote malicious servers to execute arbitrary commands via long (1) precache paths, (2) server name, (3) server address, or (4) argument to the map console command. | ||||
| CVE-2004-2593 | 1 Id Software | 1 Quake Ii Server | 2025-04-03 | N/A |
| Buffer overflow in command-packet processing of Quake II server before R1Q2, as used in multiple products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a packet with a long cmd_args buffer. | ||||