CVSS: 4.5EPSS: 0%CPEs: 2EXPL: 0CVE-2025-0567 – Epic Games Launcher Installer profapi.dll untrusted search path
https://notcve.org/view.php?id=CVE-2025-0567
19 Jan 2025 — A vulnerability classified as problematic was found in Epic Games Launcher up to 17.2.1. This vulnerability affects unknown code in the library profapi.dll of the component Installer. The manipulation leads to untrusted search path. Attacking locally is a requirement. The complexity of an attack is rather high. • https://vuldb.com/?ctiid.292528 • CWE-426: Untrusted Search Path •
CVSS: 6.5EPSS: 2%CPEs: 8EXPL: 3CVE-2008-7011 – Unreal Engine - 'UnChan.cpp' Failed Assertion Remote Denial of Service
https://notcve.org/view.php?id=CVE-2008-7011
19 Aug 2009 — The Unreal engine, as used in Unreal Tournament 3 1.3, Unreal Tournament 2003 and 2004, Dead Man's Hand, Pariah, WarPath, Postal2, and Shadow Ops, allows remote authenticated users to cause a denial of service (server exit) via multiple file downloads from the server, which triggers an assertion failure when the Closing flag in UnChan.cpp is set. El motor de Unreal, el utilizado en Unreal Tournament v3 1.3, Unreal Tournament 2003 y 2004, Dead Man's Hand, Pariah, WarPath, Postal2, y Shadow Ops, permite a usu... • https://www.exploit-db.com/exploits/32386 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 3%CPEs: 2EXPL: 2CVE-2008-7015 – Unreal Engine 3 - Failed Memory Allocation Remote Denial of Service
https://notcve.org/view.php?id=CVE-2008-7015
19 Aug 2009 — Unreal engine 3, as used in Unreal Tournament 3 1.3, Frontlines: Fuel of War 1.1.1, and other products, allows remote attackers to cause a denial of service (server exit) via a packet with a large length value that triggers a memory allocation failure. El motor de Unreal v3, utilizado en Unreal Tournament v3 1.3, Frontlines: Fuel of War v1.1.1, y otros productos, permite a atacantes remotos producir una denegación de servicio (salida del servidor) a través de un paquete con un valor de entero largo que inic... • https://www.exploit-db.com/exploits/32362 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 15%CPEs: 4EXPL: 3CVE-2008-4243 – Unreal Tournament 3 1.3 - Directory Traversal
https://notcve.org/view.php?id=CVE-2008-4243
25 Sep 2008 — Directory traversal vulnerability in ImageServer (aka UTImageServer) in WebAdmin before 1.7 for Epic Games Unreal Tournament 3 (UT3) 1.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI. Vulnerabilidad de salto de directorio en ImageServer (también conocida como UTImageServer) en WebAdmin anterior a v1.7 para Epic Games Unreal Tournament 3 (UT3) v1.3, permite a atacantes remotos leer archivos de su elección a través de .."punto punto) en la URI. • https://www.exploit-db.com/exploits/6506 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 24%CPEs: 3EXPL: 1CVE-2008-3409 – Unreal Tournament 3 - Memory Corruption (Denial of Service)
https://notcve.org/view.php?id=CVE-2008-3409
31 Jul 2008 — Buffer overflow in Unreal Tournament 3 1.3beta4 and earlier allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a UDP packet containing a large value in a certain size field, followed by a data string of that size, aka attack 1 in ut3mendo.c. Desbordamiento de búfer en Unreal Tournament 3 1.3beta4 y anteriores, permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria o caída de demonio) o posiblemente,... • https://www.exploit-db.com/exploits/32127 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 1CVE-2008-3410
https://notcve.org/view.php?id=CVE-2008-3410
31 Jul 2008 — Unreal Tournament 3 1.3beta4 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a UDP packet in which the value of a certain size field is greater than the total packet length, aka attack 2 in ut3mendo.c. Unreal Tournament 3 1.3beta4 y anteriores permite a atacantes remotos provocar una denegación de servicio (referencia a puntero nulo o caída del demonio) mediante un paquete UDP en el que el valor del tamaño de cierto campo es superior a la long... • http://aluigi.altervista.org/adv/ut3mendo-adv.txt • CWE-20: Improper Input Validation CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 6%CPEs: 3EXPL: 1CVE-2008-3396 – Unreal Tournament 2004 - Null Pointer Remote Denial of Service
https://notcve.org/view.php?id=CVE-2008-3396
31 Jul 2008 — Unreal Tournament 2004 (UT2004) 3369 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a certain sequence of malformed packets. Juego Unreal Tournament 2004 (UT2004) 3369 y anteriores, permite a atacantes remotos provocar una denegación de servicio (referencia a puntero nulo o caída de demonio) a través de ciertas secuencias de paquetes mal formados. • https://www.exploit-db.com/exploits/32125 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 11%CPEs: 2EXPL: 1CVE-2007-4442 – Epic Games Unreal Engine Logging Function - Remote Denial of Service
https://notcve.org/view.php?id=CVE-2007-4442
21 Aug 2007 — Stack-based buffer overflow in the logging function in the Unreal engine, possibly 2003 and 2004, as used in the internal web server, allows remote attackers to cause a denial of service (application crash) via a request for a long .gif filename in the images/ directory, related to conversion from Unicode to ASCII. Desbordamiento de búfer basado en pila en la función logging en Unreal engine, posiblemente 2003 y 2004, utilizado en los servidores web internos permite a atacantes remotos provocar denegación d... • https://www.exploit-db.com/exploits/30513 •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0CVE-2007-4443
https://notcve.org/view.php?id=CVE-2007-4443
21 Aug 2007 — The UCC dedicated server for the Unreal engine, possibly 2003 and 2004, on Windows allows remote attackers to cause a denial of service (continuous beep and server slowdown) via a string containing many 0x07 characters in (1) a request to the images/ directory, (2) the Content-Type field, (3) a HEAD request, and possibly other unspecified vectors. El servidor dedicado UCC para el Unreal engine, posiblemente 2003 y 2004, sobre Windows permite a atacantes remotos provocar denegación de servicio (continuos pit... • http://aluigi.org/adv/unrwebdos-adv.txt •
CVSS: 9.8EPSS: 12%CPEs: 3EXPL: 3CVE-2004-1805 – Epic Games Unreal Tournament Server 436.0 - Engine Remote Format String
https://notcve.org/view.php?id=CVE-2004-1805
31 Dec 2004 — Format string vulnerability in games using the Epic Games Unreal Engine 436 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in class names. • https://www.exploit-db.com/exploits/23799 •