The complete archive of my advisories about software security vulnerabilities found by me.
All the advisories include the steps for replicating the vulnerabilities or links to the proof-of-concept.
- ZIP archive containing all the security advisories.
- PDF of the vulnerabilities in multiplayer games till 2012 (last update 02 May 2020).
- PDF of the vulnerabilities in HMI/SCADA and industrial software between 2010 and 2012 (last update 16 Oct 2020).
Directory traversal in TheBrain 11.0.127.0 (no tag)
17 Oct 2020: slides
Exploiting Steam Lobbies and Matchmaking (game)
18 Sep 2014: paper
Steam Service Security (game)
10 Jul 2014: paper
Steam Voip Security (game)
04 Jul 2014: paper
Overview of multiple vulnerabilities in Samsung SmartTV (tv)
26 Mar 2014: slides
Miracast Wi-Fi backdoor in Philips SmartTV (6/7/8/9xxx) (tv)
26 Mar 2014: slides - video
Buffer-overflow in IntegraXor 4.1.4380 (SCADA)
17 Jan 2014: slides
DLL injection in NVIDIA mental ray (raysat) 3.11.1.10
10 Dec 2013: paper - info
Exploitable update system in Playtech (poker)
10 Apr 2013: paper
Exploitable update system in Microgaming (poker)
10 Apr 2013: paper
Exploitable update system in B3W (poker)
10 Apr 2013: paper
Integer Overflow in Nexuiz (game)
20 May 2013: paper
Multiple vulnerabilities in CryEngine 3 (game)
20 May 2013: paper - info
Multiple vulnerabilities in idTech 4 (idBitMsg::ReadData) (game)
20 May 2013: paper - info
Buffer-overflow in Quake 4 (GetInfo) (game)
20 May 2013: paper
Endless loop in Brink (game)
20 May 2013: paper - info
Multiple vulnerabilities in Sanctum (game)
20 May 2013: paper
OutOfMemory in The Haunted: Hells Reach (game)
20 May 2013: paper
Multiple vulnerabilities in Homefront (game)
20 May 2013: paper
Array Overflow in Monday Night Combat (game)
20 May 2013: paper
Multiple vulnerabilities in Breach (game)
20 May 2013: paper
EA Origin URL arguments injection (game)
22 Mar 2013: paper
Battlefield Play4Free Arguments Injection (Plugin 1.0.80.2, Game 1.52.245751.0) (game)
22 Mar 2013: paper
RealNetworks RealPlayer RV20 Frame Size Array Remote Code Execution Vulnerability (media)
19 Nov 2012: zdi-12-187
Call of Duty: Modern Warfare 3 NULL pointer dereference (game)
13 Nov 2012: paper
Steam Browser Protocol Insecurity (when local bugs go remote) (game)
16 Oct 2012: paper
Desura local privilege escaltion (game)
20 Oct 2012: adv - desurasvc
EMC NetWorker nsrd format string (enterprise)
30 Aug 2012: adv - nsrd_1
HP iNode Management Center iNodeMngChecker.exe Remote Code Execution Vulnerability (enterprise)
22 Aug 2012: zdi-12-163 - adv? - ?
Apple QuickTime Invalid Public Movie Atom Remote Code Execution Vulnerability (media)
17 Aug 2012: zdi-12-136 - quicktime_?
Apple QuickTime Player MP4A Uninitialized Pointer Remote Code Execution Vulnerability (media)
03 Aug 2012: zdi-12-130 - quicktime_?
Vulnerabilities in HP OpenView Performance Agent coda.exe (enterprise)
12 Jul 2012: zdi-12-114 - zdi-12-115 - adv - adv - coda_*
Directory traversal in SpecView 2.5 build 853 (SCADA)
29 Jun 2012: adv - specview_1
Unexploitable stack overflow in PowerNet Twin Client 8.9 (SCADA?)
29 Jun 2012: adv - powernet_1
Apple Quicktime Dataref URI Buffer Remote Code Execution Vulnerability (media)
27 Jun 2012: zdi-12-103 - quicktime_*
Vulnerabilities in Winlog 2.07.16 (and partially 2.07.17) (SCADA)
26 Jun 2012: adv - winlog_2
HP OpenView Performance Manager PMParamHandler Remote Code Execution Vulnerability (enterprise)
21 Jun 2012: zdi-12-100 - adv - hpperman_1
NULL pointer in Samsung AllShare 2.1.1.0 (streaming)
18 Jun 2012: adv - allshare_1
Vulnerabilities in Quicktime (media)
06 Jun 2012: zdi-12-075 - zdi-12-079 - quicktime_*
Vulnerabilities in RealPlayer (media)
06 Jun 2012: zdi-12-084 - zdi-12-085 - zdi-12-086 - zdi-12-087 - real_*
Vulnerabilities in Pro-face Pro-Server EX 1.30 (SCADA)
13 May 2012: adv - proservrex_1
Resources consumption or Denial of Service in Wonderware SuiteLink (SCADA)
11 May 2012: adv - suitelink_1
Vulnerabilities in QNX phrelay/phindows/phditto (SCADA???)
10 May 2012: adv - qnxph_1
Endless loop in Samsung NET-i ware 1.37 (no tag)
21 Apr 2012: adv - netiware_1
Vulnerabilities in Samsung TV (remote controller protocol) (tv)
19 Apr 2012: adv - poc - samsux_1
Denial of Service vulnerabilities in EMC IRM Server 4.6.1.1995 (enterprise)
10 Apr 2012: adv - poc - irm_1
Apple Quicktime PNG Depth Decoding Remote Code Execution Vulnerability (media)
09 Apr 2012: zdi-12-058 - quicktime_?
Denial of Service in EMC Data Protection Advisor 5.8.1 (enterprise)
29 Mar 2012: adv - dpa_1
FlexNet License Server Manager lmgrd Remote Code Execution Vulnerability (enterprise)
26 Mar 2012: adv - zdi-12-052 - lmgrd_1
Vulnerabilities in RealPlayer (media)
22 Mar 2012: zdi-12-048 - zdi-12-049 - zdi-12-051 - realplayer_*
Vulnerabilities in Novell ZENworks Configuration Management (enterprise)
21 Mar 2012: info - id975 - id974 - id973 - adv - adv - adv - adv - adv - adv - zenworks_*
Use-after-free in Microsoft Remote Desktop (ms12-020) (enterprise)
15 Mar 2012: adv - leak_info - zdi-12-044 - ms - termdd_1
Vulnerabilities in GE iFix Profiy Historian (SCADA)
13 Mar 2012: info - zdi-12-133 - adv - ifix_2
Vulnerabilities in GE Real-Time Information Portal (SCADA)
13 Mar 2012: info - info - zdi-12-148 - adv - rtip_1
Directory traversal in Sockso 1.5 (streaming)
14 Mar 2012: adv - sockso_1
Vulnerabilities in Presto! PageManager 9.01 (no tag)
14 Mar 2012: adv - pagemanager_1
Denial of Service in Epson EventManager 2.50 (no tag)
14 Mar 2012: adv - eeventmanager_1
Arbitrary files downloading in TVersity 1.9.7 (streaming)
14 Mar 2012: adv - tversity_1
Directory traversal in NetDecision 4.6.1 (enterprise)
07 Mar 2012: adv - netdecision_1
Vulnerabilities in xArrow 3.2 (SCADA)
02 Mar 2012: adv - poc - xarrow_1
File vulnerability in Beckhoff TwinCAT (SCADA)
02 Mar 2012: adv - twincat_2
Adobe Shockwave iml32.dll DEMX Remote Code Execution Vulnerability (media)
01 Mar 2012: zdi-12-041 - shockwave_*
ABB WebWare RobNetScanHost.exe Remote Code Execution Vulnerability (SCADA)
22 Feb 2012: zdi-12-033 - adv - abb_1
Heap corruption in Unity 3d Web Player 3.2.0.61061 (game)
21 Feb 2012: adv - unity3d_1
Vulnerabilities in Buzz (build 1458) (media)
20 Feb 2012: adv - buzz_1
Vulnerabilities in Psycle 1.10.0 (media)
18 Feb 2012: adv - psycle_1
Arbitrary memory corruption in Novell GroupWise Messenger 2.1.0 (enterprise)
16 Feb 2012: adv - nmma_3
Memory corruption in Novell GroupWise Messenger 2.1.0 (enterprise)
16 Feb 2012: adv - nmma_1
Unicode stack overflow in Novell GroupWise Messenger client 2.1.0 (enterprise)
16 Feb 2012: adv - nim_1
Vulnerabilities in XnView 1.98.5 (media)
16 Feb 2012: adv - xnview_1
Vulnerabilities in R4 1.25 (no tag)
09 Feb 2012: adv - r4_1
Vulnerabilities in R2 1.65 (no tag)
09 Feb 2012: adv - r2_1
Vulnerabilities in RealPlayer (media)
07 Feb 2012: info - real_*
Vulnerabilities in Quicktime (media)
03 Feb 2012: info - quicktime_*
Two Denials of Service in Rockwell RNADiagReceiver 2.40.0.12 (SCADA)
17 Jan 2012: adv - rnadiagreceiver_1
Directory traversal in NeoAxis Web Player 1.4 (game)
15 Jan 2012: adv - neoaxis_1
Vulnerabilities in ExpressView Browser Plug-in (MrSID) 6.5 (no tag)
11 Jan 2012: adv - expressview_1
Arbitrary NULL byte writing in SumatraPDF 1.9 (no tag)
09 Jan 2012: adv - poc - sumatrapdf_1
Apple Quicktime JPEG2000 COD and RLE BGRA Decoding Remote Code Execution Vulnerability (media)
05 Jan 2012: zdi-12-004 - zdi-12-005 - quicktime_*
WellinTech KingView HistoryServer.exe Opcode 3 Parsing Remote Code Execution Vulnerability (SCADA)
22 Dec 2011: zdi-11-351 - adv - kingview_1
Adobe Shockwave NPAPI Plug-in Drag and Drop Remote Code Execution Vulnerability (media)
17 Dec 2011: zdi-11-349 - shockwave_*
Microsoft OLE CPropertyStorage::ReadMultiple Variant Type Confusion Vulnerability (ms11-093) (enterprise)
13 Dec 2011: adv - poc - ms - id966 - ole32_1
TrendMicro Control Manager CmdProcessor.exe AddTask Remote Code Execution Vulnerability (enterprise)
07 Dec 2011: zdi-11-345 - adv - tmcm_2
Apple Quicktime Font Table Signed Length Remote Code Execution Vulnerability (media)
07 Dec 2011: zdi-11-340 - quicktime_*
RealNetworks RealPlayer mp4arender esds channel count Remote Code Execution Vulnerability (media)
07 Dec 2011: zdi-11-343 - real_*
Vulnerabilities in Serv-U 11.1.0.3 (no tag)
03 Dec 2011: adv - poc - poc - servu_1
Endless loop in CyberLink PowerDVD 11.0.0.2114 (no tag)
03 Dec 2011: adv - powerdvd_1
Vulnerabilities in 3S CoDeSys 3.4 SP4 Patch 2 (SCADA)
29 Nov 2011: adv - codesys_1
Use-after-free in Microsys PROMOTIC 8.1.4 (SCADA)
28 Nov 2011: adv - promotic_3
Vulnerabilities in Siemens Automation License Manager (SCADA)
28 Nov 2011: adv - poc - almsrvx_1
Vulnerabilities in Siemens SIMATIC WinCC flexible 2008 SP2 (SCADA)
28 Nov 2011: adv - winccflex_1
Vulnerabilities in Real Player 14.0.7 (media)
18 Nov 2011: zdi-11-331 - zdi-11-332 - zdi-11-338 - real_*
InduSoft WebStudio vulnerabilities (SCADA)
16 Nov 2011: zdi-11-329 - zdi-11-330 - adv? - adv - adv - adv - adv - indusoft_*
Denials of Service in Optima APIFTP Server 1.5.2.13 (SCADA)
13 Nov 2011: adv - optimalog_1
Adobe Shockwave .w32 FLST Heap Buffer Overflow Vulnerability (media)
09 Nov 2011: id961 - shockwave_?
GE Proficy Historian ihDataArchiver.exe Trusted Header Size Remote Code Execution Vulnerability (SCADA)
07 Nov 2011: zdi-11-320 - adv - ifix_1
Vulnerabilities in HP Data Protector Media Operations 6.20 (enterprise)
03 Nov 2011: adv - adv - hpdpmedia_1/2
Use-after-free in Excel for Office 2003 11.8335.8333 SP3 (enterprise)
two advisories but probably the same bug. no additional research, released as-is
03 Nov 2011: adv - adv - excel_1/2
ActiveX bug in Microsys PROMOTIC 8.1.4 (SCADA)
30 Oct 2011: adv - promotic_2
Vulnerabilities in Quicktime (media)
26 Oct 2011: zdi-11-304 - zdi-11-311 - zdi-11-314 - quicktime_*
Novell/GroupWise Messenger Server Memory Disclosure Vulnerability (enterprise)
25 Oct 2011: adv - nmma_2
Vulnerabilities in Novell ZenWorks Handheld Management (enterprise)
18 Oct 2011: id954 - id953 - (search zenworks for the other adv) - zenworks_*
Vulnerabilities in Microsys PROMOTIC 8.1.4 (SCADA)
13 Oct 2011: adv - promotic_1
Vulnerabilities in atvise webMI2ADS 1.0 (SCADA)
10 Oct 2011: adv - webmi2ads_1
Use after free in IRAI AUTOMGEN 8.022 (SCADA)
10 Oct 2011: adv - automgen_1
Denial of Service in OPC Systems.NET 4.00.0048 (SCADA)
10 Oct 2011: adv - opcnet_1
Vulnerabilities in Cytel Studio 9 (no tag)
02 Oct 2011: adv - cytel_1
Vulnerabilities in GenStat 14.1.0.5943 (no tag)
01 Oct 2011: adv - genstat_1
Reference for a vulnerability in atvise server 2.0.0.3291 (SCADA)
30 Sep 2011: adv - atvise_1
Arbitrary memory corruption in NCSS 07.1.21 (no tag)
28 Sep 2011: adv - ncss_1
Vulnerabilities in PcVue 10 (SCADA)
27 Sep 2011: adv - pcvue_1
Integer overflow in Sterling Trader 7.0.2 (finance)
25 Sep 2011: adv - sterling_1
Vulnerabilities in Sunway ForceControl 6.1 sp3 (SCADA)
22 Sep 2011: adv - forcecontrol_1
Vulnerabilities in EViews 7.2 (no tag)
19 Sep 2011: adv - eviews_1
Vulnerabilities in MetaServer RT 3.2.1.450 (finance)
19 Sep 2011: adv - metaserver_1
Code execution in MetaStock 11 (finance)
13 Sep 2011: adv - poc - metastock_1
Vulnerabilities in eSignal 10.6.2425 (finance)
13 Sep 2011: adv - poc - esignal_1
Multiple vulnerabilities in Cogent DataHub 7.1.1.63 (SCADA)
13 Sep 2011: adv - adv - adv - adv - cogent_*
Stack overflow in DAQFactory 5.85 build 1853 (SCADA)
13 Sep 2011: adv - daqfactory_1
Multiple vulnerabilities in Progea Movicon / PowerHMI 11.2.1085 (SCADA)
13 Sep 2011: adv - adv - adv - movicon_*
Directory traversal in Carel PlantVisor 2.4.4 (SCADA)
13 Sep 2011: adv - plantvisor_1
Heap overflow in Rockwell RSLogix 19 (FactoryTalk RnaUtility.dll) (SCADA)
13 Sep 2011: adv - rslogix_1
Multiple vulnerabilities in Measuresoft ScadaPro 4.0.0 (SCADA)
13 Sep 2011: adv - scadapro_1
Denial of Service in Beckhoff TwinCAT 2.11.0.2004 (SCADA)
13 Sep 2011: adv - twincat_1
Vulnerabilities in BroadWin WebAccess Client 1.0.0.10 (SCADA)
02 Sep 2011: adv - poc - bwocxrun_1
calloc integer overflow in MPlayer on Windows (media)
02 Sep 2011: adv - mplayerwin_1
Limited directory traversal in CodeMeter 4.30c (no tag)
02 Sep 2011: adv - codemeter_1
Multiple vulnerabilities in HP SiteScope 11.10 (enterprise)
26 Aug 2011: adv - adv - sitescope_1/2
Multiple vulnerabilities in Symantec Veritas Storage Foundation (enterprise)
17 Aug 2011: zdi-11-262 - zdi-11-263 - zdi-11-264 - adv - adv - adv - veritas_*
FlexNet License Server Manager Remote Code Execution Vulnerability (enterprise)
17 Aug 2011: adv - zdi-11-272 - fnplm_1
Multiple vulnerabilities in RealPlayer 14.0.5 (media)
16 Aug 2011: zdi-11-268 - cve - cve - cve - real_*
Upload directory traversal in Novell ZenWorks Asset Management 7.5 (enterprise)
16 Aug 2011: adv - zenasset_1
Sybase Adaptive Server Backup and Monitor Server vulnerabilities (enterprise)
29 Jul 2011: zdi-11-245 - zdi-11-246 - adv - adv - sybase_1/2
FlexNet License Server Manager lmadmin Remote Code Execution Vulnerability (enterprise)
28 Jul 2011: adv - zdi-11-244 - fnplm_2
TrendMicro Control Manager CASProcessor.exe BLOB Remote Code Execution Vulnerability (enterprise)
12 Jul 2011: zdi-11-235 - adv - tmcm_1
Integer overflow in foobar2000 1.1.7 (media)
03 Jul 2011: adv - poc - foobar2000_1
HP iNode Management Center iNodeMngChecker.exe Remote Code Execution Vulnerability (enterprise)
01 Jul 2011: zdi-11-232 - adv - inodemc_1
Multiple vulnerabilities in Apple QuickTime (media)
29 Jun 2011: id927 - zdi-11-229 - zdi-11-230 - quicktime_2/5/7
in_midi multiple vulnerabilities in Winamp and Essentials Pack 5.61 (media)
27 Jun 2011: adv - poc - winamp_3
Multiple vulnerabilities in Winamp 5.61 (media)
27 Jun 2011: adv - poc - winamp_2
Arbitrary files deletion in HP OpenView Communication Broker (enterprise)
27 Jun 2011: adv - ovbbccb_1
Upload directory traversal in Novell ZenWorks Handheld Management 7.0.2 (enterprise)
27 Jun 2011: adv - zfhsrvr_1
Arbitrary files deletion in Novell File Reporter 1.0.4.2 (enterprise)
27 Jun 2011: adv - nfr_2
Off-by-one in Sybase Advantage Server 10.0.0.3 (enterprise)
27 Jun 2011: adv - sybase_4
bcksrvr format string in Sybase Adaptive Server 15.5 (enterprise)
27 Jun 2011: adv - sybase_3
Stack overflow in Kart Racing Pro, GP Bikes and World Racing Series (game)
27 Jun 2011: adv - piboso_1
NULL pointer in Shockvoice 0.9.5.2941 (game)
27 Jun 2011: adv - shockvoice_1
NULL pointer in NVIDIA RealityServer 3.1.1 (no tag)
27 Jun 2011: adv - realityserver_1
Some vulnerabilities in third parties servers for Minecraft (game)
27 Jun 2011: adv - minecraft_like
Some vulnerabilities in Ubisoft Gaming Zone (aka GS4) (game)
27 Jun 2011: adv - poc - gs4_1
Multiple vulnerabilities in Adobe Shockwave (media)
15 Jun 2011: zdi-11-202 - zdi-11-203 - zdi-11-204 - zdi-11-205 - zdi-11-206 - zdi-11-207 - zdi-11-208 - zdi-11-209 - zdi-11-210 - zdi-11-212 - zdi-11-214 - zdi-11-216 - id919 - id920 - id921 - id922 - shockwave_*
NULL pointer in iMatix Xitami 5.0a0 (no tag)
04 Jun 2011: adv - xitami_1
Sybase OneBridge Mobile Data Suite Format String Remore Code Execution Vulnerability (enterprise)
03 Jun 2011: zdi-11-171 - adv - onebridge_1
HP 3COM/H3C Intelligent Management Center img recv Remote Code Execution Vulnerability (enterprise)
31 May 2011: zdi-11-170 - adv - imc_4
Integer overflow in Quest NetVault SmartDisk 1.2.2 (enterprise)
28 May 2011: adv - poc - percolator_1
Microsoft WINS Service Failed Response Memory Corruption Remote Code Execution Vulnerability (ms11-035) (enterprise)
10 May 2011: adv - zdi-11-167 - ms - wins_1
Vulnerabilities in Quest Big Brother 4.40 (enterprise)
10 May 2011: adv1 - adv2 - bbntd_1/2
Multiple vulnerabilities in HP 3COM/H3C Intelligent Management Center (enterprise)
10 May 2011: zdi-11-160 - zdi-11-161 - zdi-11-162 - zdi-11-163 - zdi-11-164 - zdi-11-165 - zdi-11-166 - adv - adv - adv - adv - adv - adv - adv - imc_*
Sybase M-Business Anywhere agd.exe username Parameter Remote Code Execution Vulnerability (enterprise)
09 May 2011: zdi-11-156 - adv - agd_1
Stack overflow in Microsoft HTML Help 6.1 (CHM files) (no tag)
12 Apr 2011: adv - poc - chm_1
Vulnerabilities in Microsoft Reader 2.1.1.3143 / 2.6.1.7169 (no tag)
11 Apr 2011: adv1 - adv2 - adv3 - adv4 - adv5 - msreader_1/5
DoS vulnerabilities in Microsoft Host Integration Server 2010 8.5.4224.0 (enterprise)
11 Apr 2011: adv - snabase_1
Vulnerabilities in Siemens Tecnomatix FactoryLink 8.0.1.1473 (SCADA)
21 Mar 2011: adv1 - adv2 - adv3 - adv4 - adv5 - adv6 - factorylink_1/6
Vulnerabilities in Iconics GENESIS32 9.21 and GENESIS64 10.51 (SCADA)
21 Mar 2011: adv1 - adv2 - adv3 - adv4 - adv5 - adv6 - adv7 - adv8 - adv9 - adv10 - adv11 - adv12 - adv13 - genesis_1/13
Vulnerabilities in 7-Technologies IGSS 9.00.00.11059 (SCADA)
21 Mar 2011: adv1 - adv2 - adv3 - adv4 - adv5 - adv6 - adv7 - adv8 - igss_1/8
Vulnerabilities in DATAC RealWin 2.1 (Build 6.1.10.10) (SCADA)
21 Mar 2011: adv1 - adv2 - adv3 - adv4 - adv5 - adv6 - adv7 - realwin_2/8
Heap overflow in RealPlayer 14.0.2.633 (media)
21 Mar 2011: adv - poc - real_5
Refractor 2 engine NULL pointer (game)
Battlefield 2 (1.50), Battlefield 2142 (1.51), ...
19 Feb 2011: adv - poc - bf2null
Shockwave Player 11.5.9.615 (media)
08 Feb 2011: zdi-11-080 - zdi/tpti-11-05 - shockwave_*
Code execution in Microsoft Fax Cover Page Editor 5.2.3790.3959 (no tag)
19 Jan 2011: adv - poc - fxscover_1
Stack overflow in Winlog 2.07.00 (SCADA)
13 Jan 2011: adv - winlog_1
Directory traversal in IntegraXor 3.6.4000.0 (SCADA)
21 Dec 2010: adv - integraxor_1
Wonderware InBatch 9.0sp1 (SCADA)
07 Dec 2010: adv - inbatch_1
Memory leak in Call of Duty Black Ops (game)
18 Nov 2010: adv - cod7mem
Two buffer-overflow in DATAC RealWin 2.0 (Build 6.1.8.10) (SCADA)
15 Oct 2010: adv - poc - realwin_1
Multiple Denial of Service in UniData unirpcd.exe 7.2.7.3806 (enterprise)
15 Oct 2010: adv - poc - unirpcd_1
Denial of Service in solidDB 6.5.0.3 (enterprise)
15 Oct 2010: adv - poc - soliddb_1
Multiple buffer-overflows in Winamp 5.5.8.2985 (media)
13 Oct 2010: adv - poc - winamp_1
Lithtech engine memory corruption (game)
F.E.A.R., F.E.A.R. 2, probably any other game based on this engine, ...
20 Jul 2010: adv - poc - fearless
Vulnerabilities in Microsoft DirectPlay8 (game)
any game based on DP8 like Robot Arena 2, Dungeon Siege 2, Vietcong, Deer Hunter 2004 and 2005, Trophy Hunter 2003, Homeworld 2, Freelancer, Giants, Sacrifice, SWINE, Wings of War, ...
18 Jul 2010: adv - poc - dplay8blah
Invalid memory access in Unreal Tournament 3 2.1 (game)
17 Jul 2010: adv - ut3steamer
Failed assertion in old games based on Unreal engine (game)
Raven Shield, Deus Ex, Land of the Dead, Postal 2, Rune, Shadow Ops, Unreal 2, UT, UT2003, WarPath, XIII, ...
15 Jul 2010: adv - unreliable
Two vulnerabilities in Ghost Recon Advanced Warfighter 1 and 2 (game)
07 Jul 2010: adv - grawful
Clients unicode buffer-overflow in Unreal engine 2.5 (game)
UT2004, UT2003, SWAT4, Postal2, RavenShield, ...
06 Jul 2010: adv - unrealcbof
Negative memcpy in id Tech 4 engine (game)
Enemy Territory: Quake Wars, Wolfenstein, ...
05 Jul 2010: adv - idtech4key
NULL pointer in Tripwire Interactive games (game)
Red Orchestra, Killing Floor, Darkest Hour, Mare Nostrum...
05 Jul 2010: adv - tripwireless
Denials of Service in Freeciv 2.2.1 (game)
03 Jul 2010: adv - poc - freecivet
Buffer-overflow in the Electronic Arts games that use Gamespy (game)
Command Conquer 3, Red Alert 3, Battle for Middle-Earth, Battle for Middle-Earth 2, ...
01 Jul 2010: adv - eagsbof
Buffer-overflow in Area 51 1.1 (game)
30 Jun 2010: adv - a51senseless
Refractor 2 engine clients URL directory traversal (game)
Battlefield 2, Battlefield 2142, ...
29 Jun 2010: adv - bf2urlz
Battlefield 2 1.50 voip failed assertion (game)
29 Jun 2010: adv - bf2voipz
Endless loop in Qt QSSLsocket 4.6.3 (no tag)
29 Jun 2010: adv - poc - qtsslame
Database error in Mumble server 1.2.2 (game)
29 Jun 2010: adv - poc - mumbleed
Vulnerabilities in America's Army 3 3.0.7 (game)
20 Jun 2010: adv - poc - aa3again
Client array overflow in id Tech 4 engine (game)
Enemy Territory: Quake Wars, Wolfenstein, ...
19 Jun 2010: adv - poc - idtech4carray
Client buffer-overflow in Enemy Territory: Quake Wars 1.5 (game)
18 Jun 2010: adv - poc - etqwcbof
Exception in Chrome Engine 4 (game)
Call of Juarez: Bound in Blood, Sniper: Ghost Warrior, ...
17 Jun 2010: adv - poc - chromerda
Multiple vulnerabilities in TeamSpeak 3.0.0-beta23 (game)
16 Jun 2010: adv - poc - teamspeakrack
Refractor 2 engine endless loop (game)
Battlefield 2 (1.41), Battlefield 2142, ...
06 Jun 2010: adv - poc - bf2loop
Multiple vulnerabilities in the Gem3 engine (game)
Majesty 2, ...
12 May 2010: adv - poc - gem3bugs
Denial of Service in GameCore 2.5 (game)
12 May 2010: adv - gamecorex
Invalid memory access in Torque game engine (game)
Metal Drift, Cyber Wing, Legends, 3D RC Racing, Burger Warz, Singularity, Blockland, Mach 1, Buccaneer, Once upon a time, PenguinsArena, ...
09 May 2010: adv - poc - torqueer
Multiple vulnerabilities in Alien vs Predator 2.22 (game)
07 May 2010: adv - poc - avp3dos
Buffer-overflow and exceptions in X-Motor Racing 1.275 (server 1.24) (game)
06 May 2010: adv - poc - xmotorbof
Buffer-overflow and NULL pointer in netKar 1.1 (server 1.0.3) (game)
13 Apr 2010: adv - poc - netkarbof
Denial of Service in Unity 2.61 (game)
25 Mar 2010: adv - disunity
Null pointer in Raknet 3.72 (game)
25 Mar 2010: adv - rakkia
NULL pointer and format string in Ca3D/Cafu engine 9.06/r39 (game)
22 Mar 2010: adv - cafux
Buffer-overflow in MX Simulator 2010-02-06 (game)
22 Mar 2010: adv - mxsx
Access violation in Ventrilo client 3.0.5 with Speex codec (game)
10 Sep 2009: adv - poc - ventspeex
Voice memset overflow in Ventrilo client 3.0.5 (game)
08 Sep 2009: adv - poc - ventrilomemset
Server restart in Live for Speed S2 Z13 (game)
23 Aug 2009: adv - lfsreset
Fragments memory corruption in the Source engine (build 3933) (game)
Half-Life 2, Counter-Strike Source, OrangeBox, Team Fortress 2, Left 4 Dead, ...
20 Aug 2009: adv - PoC_LAN - sourcefraghof
Files uploading vulnerabilities in the Source engine (build 3933 and 3950) (game)
Half-Life 2, Counter-Strike Source, OrangeBox, Team Fortress 2, Left 4 Dead, ...
19 Aug 2009: adv - poc - PoC_LAN - sourceupfile
NULL pointer in the Source engine (build 3933) with SourceTV disabled (game)
Half-Life 2, Counter-Strike Source, (Valve has confirmed also OrangeBox, Team Fortress 2, Left 4 Dead), ...
18 Aug 2009: adv - poc - sourcenotvnull
Format string in the Source engine (build 3933) (game)
Half-Life 2, Counter-Strike Source, OrangeBox, Team Fortress 2, Left 4 Dead, ...
17 Aug 2009: adv - poc - PoC_LAN - sourcefs
Multiple NULL pointers in Sniper Elite 1.0 (game)
14 Aug 2009: adv - poc - snipernull
Format string in Vietcong 2 1.10 (game)
12 Aug 2009: adv - vietcong2fs
Multiple vulnerabilities in the GEM 2 engine (game)
Men of War, Faces of War, ...
11 Aug 2009: adv - gem2bugs
Denial of Service in PunkBuster (09 Aug 2009) (game)
America's Army 2/3, Battlefield 2*, Call of Duty 1/2/4/5, Crysis, DOOM 3, Enemy Territory, ETQW, FEAR, Fuel of War, Need for Speed, Quake 3/4, RTCW, Soldier of Fortune II, Wolfenstein, ...
09 Aug 2009: reference - pbmsgsdos2
Buffer-overflow in PunkBuster 1.728 for Soldier of Fortune II (game)
09 Aug 2009: adv - sof2pbbof
Clients NULL pointer in TrackMania 2.11.19 (game)
07 Aug 2009: adv - poc - tmnullever
Unbannable clients and bell bug in TrackMania Forever v2009-08-01 / 2.11.19 (game)
07 Aug 2009: adv - poc - tmbellban
Clients termination in TrackMania Forever 2.11.19 (game)
04 Aug 2009: adv - tmlocdos
Multiple vulnerabilities in TrackMania Forever v2009-05-25 / 2.11.19 (game)
27 Jul 2009: adv - poc - tm4never
Access violation in Star Wars Battlefront II 1.1 (game)
24 Jul 2009: adv - swbf2seven
Buffer-overflow in S.T.A.L.K.E.R. Clear Sky 1.5.10 (game)
22 Jul 2009: adv - poc - stalkerbof
Unhandled malloc exception in S.T.A.L.K.E.R. Clear Sky 1.5.10 (game)
22 Jul 2009: adv - poc - stalkazz
Unhandled exception in S.T.A.L.K.E.R. Clear Sky 1.5.10 (game)
22 Jul 2009: adv - poc - dirtysky
Temporary freezing in Crysis 1.21 and Crysis Wars/Warhead 1.5 (game)
21 Jul 2009: adv - crysisdos
Format string in Crysis 1.21 and Crysis Wars/Warhead 1.5 (game)
21 Jul 2009: adv - poc - crysisfs
Access violation in the HTTP/XML-RPC service of Crysis 1.21 and Crysis Wars/Warhead 1.5 (game)
20 Jul 2009: adv - crysisviol
Negative memcpy in Armed Assault 1.14 and ArmA 2 1.04 (game)
18 Jul 2009: adv - poc - armadioz
Format string in Armed Assault 1.14 and ArmA 2 1.04 (Real Virtuality engine) (game)
ArmA, ArmA2, Operation Flashpoint, VBS1, VBS2, ...
18 Jul 2009: adv - poc - armazzofs
Memory bug in Armed Assault 1.14 and ArmA 2 1.04 (Real Virtuality engine) (game)
ArmA, ArmA2, Operation Flashpoint, VBS1, VBS2, ...
18 Jul 2009: adv - poc - armazzo
Wrong type assert in World in Conflict 1.0.1.1 (game)
16 Jul 2009: adv - poc - wicass2
Negative memset overflow in America's Army 3 3.0.8 (game)
15 Jul 2009: adv - poc - aa3memset
NULL pointer and access violation in America's Army 3 3.0.8 (game)
15 Jul 2009: adv - poc - aa3pwood
Packets loop in America's Army 3.0.6 (game)
14 Jul 2009: adv - aa3mah
Resource consumption and crash in America's Army 3 3.0.6 (game)
13 Jul 2009: adv - aa3boh
NULL pointer in America's Army 3 3.0.4 (game)
06 Jul 2009: adv - aa3blah
Reference for a couple of bugs in HTTP File Server (no tag)
05 Feb 2009: adv - hfsref
Directory traversal in the webadmin of Unreal Tournament 3 1.3 (game)
21 Sep 2008: adv - ut3webown
Failed assertion in the Unreal engine (game)
Unreal Tournament 3, Unreal Tournament 2003 and 2004, Dead Man's Hand, Pariah, WarPath, Postal2, Shadow Ops, ...
15 Sep 2008: adv - poc - unreaload
Server termination in the Unreal engine 3 (game)
Unreal Tournament 3, Frontlines: Fuel of War, America's Army 3, HomeFront ...
11 Sep 2008: adv - poc - ut3sticle
Clients format strings in the Unreal engine (game)
11 Sep 2008: adv - poc - unrealcfs
NULL pointer in Ventrilo 3.0.2 (game)
13 Aug 2008: adv - poc - ventrilobotomy
NULL pointer in Skulltag 0.97d2-RC3 (game)
11 Aug 2008: adv - poc - skulltagod
Endless loop and resources consumption in Halo 1.0.7.0615 (game)
06 Aug 2008: adv - poc - poc - halonsoloop3
Server termination in America's Army 2.8.3.1 (game)
02 Aug 2008: adv - poc - armynchia
Memory corruption and NULL pointer in Unreal Tournament III 1.2 (game)
Unreal Tournament 3, America's Army 3 ...
30 Jul 2008: adv - poc - ut3mendo
NULL pointer in Unreal Tournament 2004 v3369 (game)
affects also other games like Red Orchestra, Shadow Ops: Red Mercury, ...
30 Jul 2008: adv - poc - ut2004null
NULL pointer in ZDaemon 1.08.07 (game)
21 Jul 2008: adv - poc - zdaemonull
Vulnerabilities in SWAT 4 1.1 (game)
20 Jul 2008: adv - swat4x
Endless loop in Soldner 33724 (game)
01 Jul 2008: adv - poc - usurdat
Endless loop in Halo 1.07 (game)
29 Jun 2008: adv - poc - haloloop2
Multiple vulnerabilities in S.T.A.L.K.E.R. 1.0006 (game)
28 Jun 2008: adv - poc - stalker39x
Some bugs in SunAge 1.08.1 (game)
23 Jun 2008: adv - poc - sunagex
Double Denial of Service in Call of Duty 4 1.7 (game)
22 Jun 2008: adv - poc - cod4vamap
NULL pointer in World in Conflict 1.009 (game)
22 Jun 2008: adv - poc - wicboom
Server freezed in Skulltag 0.97d2-RC2 (game)
16 Jun 2008: adv - poc - skulltagloop
NULL pointer in the HTTP/XML-RPC service of Crysis 1.21 (game)
16 Jun 2008: adv - dontcrysis
Denial of Service in S.T.A.L.K.E.R. 1.0006 (game)
15 Jun 2008: adv - poc - stalkerboom
Information disclosure in Crysis 1.21 (game)
15 Jun 2008: adv - poc - crysislog
Multiple vulnerabilities in WebMod 0.48 (game)
03 May 2008: adv - webmodz
Denial of Service in Call of Duty 4 1.5 (game)
02 May 2008: adv - PoC (requires sudppipe) - PoC for LAN - cod4statz
Denial of Service in eTrust Secure Content Manager r8 (enterprise)
18 Apr 2008: adv - poc - ecsqdamn
Invalid memory access in CA ARCserve Backup 12.0.5454.0 (enterprise)
17 Apr 2008: adv - poc - carcbackazz
Denial of Service in PunkBuster (22 Oct 2007 and 09 Aug 2009) (game)
America's Army 2/3, Battlefield 2*, Call of Duty 1/2/4/5, Crysis, DOOM 3, Enemy Territory, ETQW, FEAR, Fuel of War, Need for Speed, Quake 3/4, RTCW, Soldier of Fortune II, Wolfenstein, ...
16 Apr 2008: adv - poc - new PoC - pbmsgsdos
Directory traversal in BigAnt Messenger 2.2 (no tag)
16 Apr 2008: adv - biggayant
CGI source disclosure in Ruby WEBrick 1.9.0 (FAT/NTFS) (no tag)
15 Apr 2008: adv - webrickcgi
Reference advisory for old bugs in HP OpenView NNM 7.50/7.51 (enterprise)
15 Apr 2008: adv - closedview_old
NULL pointer in Nero MediaHome 3.3.3.0 (no tag)
12 Apr 2008: adv - neromedia
Upload directory traversal in HP LoadRunner 9.10 (enterprise)
12 Apr 2008: adv - poc - willycoyote
Directory traversal and multiple Denials of Service in HP OpenView NNM 7.53 (enterprise)
11 Apr 2008: adv - closedviewx
Denial of Service in SmarterMail 5.0.2999 (no tag)
11 Apr 2008: adv - dumbermail
Memory corruption in HP OpenView Network Node Manager 7.53 (enterprise)
08 Apr 2008: adv - poc - closedview
Directory traversal in LANDesk Management Suite 8.80.1.1 (enterprise)
01 Apr 2008: adv - landesktftp
Directory traversal in 2X ThinClientServer v5.0_sp1-r3497 (enterprise)
29 Mar 2008: adv - thindirtrav
Denial of Service in SLMail Pro 6.3.1.0 (no tag)
29 Mar 2008: adv - slmaildos
Multiple vulnerabilities in solidDB 06.00.1018 (enterprise)
26 Mar 2008: adv - poc - soliduro
Buffer-overflow in ASUS Remote Console 2.0.0.24 (no tag)
21 Mar 2008: adv - asuxdpc
Multiple heap overflows in xine-lib 1.1.11 (media)
20 Mar 2008: adv - poc - xinehof
Buffer-overflow in BootManage TFTPD 1.99 (enterprise)
16 Mar 2008: adv - bootixtftpd
Multiple vulnerabilities in Net Inspector 6.5.0.828 (enterprise)
14 Mar 2008: adv - netinsp
Format string in McAfee Framework 3.6.0.569 (ePolicy Orchestrator 4.0) (enterprise)
12 Mar 2008: adv - poc - meccaffi
Vulnerabilities in Timbuktu Pro 8.6.5 (enterprise)
10 Mar 2008: adv - poc - timbuto
Multiple vulnerabilities in ASG-Sentry 7.0.0 (enterprise)
10 Mar 2008: adv - asgulo
NULL pointer in Remotely Anywhere 8.0.668 (enterprise)
08 Mar 2008: adv - remotelynowhere
Directory traversal in Argon Client Management Services 1.31 (enterprise)
08 Mar 2008: adv - argonauti
Directory traversal and NULL pointer in Acronis PXE Server 2.0.0.1076 (enterprise)
08 Mar 2008: adv - acropxe
Invalid memory access in Acronis True Image Group Server 1.5.19.191 (enterprise)
08 Mar 2008: adv - acrogroup
NULL pointer in Acronis True Image Windows Agent 1.0.0.54 (enterprise)
08 Mar 2008: adv - acroagent
Denial of Service in PacketTrap TFTP server 2.0.3901.0 (enterprise)
08 Mar 2008: adv - packettrash
Multiple vulnerabilities in MailEnable Professional/Enterprise 3.13 (enterprise)
07 Mar 2008: adv - poc - maildisable
Directory traversal in MicroWorld eScan Server 9.0.742.98 (enterprise)
06 Mar 2008: adv - escaz
Multiple vulnerabilities in Perforce Server 2007.3/143793 (enterprise)
05 Mar 2008: adv - poc - perforces
Arbitrary commands execution in Versant Object Database 7.0.1.3 (enterprise)
04 Mar 2008: adv - poc - versantcmd
Heap overflow in Borland VisiBroker Smart Agent 08.00.00.C1.03 (enterprise)
03 Mar 2008: adv - poc - visibroken
Multiple vulnerabilities in Borland StarTeam MPX 6.7 (enterprise)
02 Mar 2008: adv - poc - starteammpx
Multiple integer overflows in Borland StarTeam server 10.0.0.57 (enterprise)
02 Mar 2008: adv - poc - starteamz
Denial of Service in SmsGate 1.1n (no tag)
28 Feb 2008: adv - smsgheit
Buffer-overflow in the passwords handling of Trend Micro OfficeScan 8.0 and possibly other products (enterprise)
27 Feb 2008: adv - poc - officescaz
NULL pointer in SurgeFTP 2.3a2 (enterprise)
25 Feb 2008: adv - surgeftpizza
Format string and buffer-overflow in SurgeMail 38k4 (enterprise)
25 Feb 2008: adv - poc - surgemailz
Multiple vulnerabilities in Double-Take 5.0.0.2865 (enterprise)
22 Feb 2008: adv - poc - doubletakedown
Denial of Service in Zilab Remote Console Server 3.2.9 (no tag)
21 Feb 2008: adv - poc - zilabzrcsdos
Multiple vulnerabilities in Zilab Chat and Instant Messaging 2.1 (no tag)
21 Feb 2008: adv - poc - zilabzcsx
Heap overflow in Sybase MobiLink 10.0.1.3629 (enterprise)
20 Feb 2008: adv - poc - mobilinkhof
Multiple buffer-overflow in NowSMS v2007.06.27 (no tag)
19 Feb 2008: adv - poc - nowsmsz
Directory traversal in SCI Chat v3.4.9 (no tag)
19 Feb 2008: adv - scichatdt
Access violation and limited information disclosure in webcamXP 3.72.440.0 (no tag)
18 Feb 2008: adv - webcamxp
NULL pointer crash in freeSSHd 1.20 (no tag)
17 Feb 2008: adv - poc - freesshdnull
Two heap overflow in Foxit WAC Server 2.0 Build 3503 (enterprise)
16 Feb 2008: adv - poc - wachof
Directory traversal and DoS in WinIPDS G52-33-021 (enterprise)
12 Feb 2008: adv - winipds
Unicode buffer-overflow in RPM Remote Print Manager 4.5.1.11 (enterprise)
11 Feb 2008: adv - poc - rpmlpdbof
Format string and buffer-overflow in Lst Network Print Server 9.4.2 build 105 (enterprise)
11 Feb 2008: adv - lstnpsx
Format string and DoS in Opium OPI and cyanPrintIP servers 4.10.x (enterprise)
11 Feb 2008: adv - poc - cyanuro
Directory traversal in SafeNet Sentinel Protection and Key Server 7.4.1.0 (enterprise)
10 Feb 2008: adv - sentinella
Multiple vulnerabilities in ExtremeZ-IP File and Printer Server 5.1.2x15 (enterprise)
10 Feb 2008: adv - poc - ezipirla
NULL byte writing in Emerald, RadiusNT/X and Air Marshal (enterprise)
08 Feb 2008: adv - emerdal
Multiple vulnerabilities in Ipswitch Instant Messaging 2.0.8.1 (enterprise)
07 Feb 2008: adv - poc - ipsimene
Logs visualization in WS_FTP Server Manager 6.1.0.0 (enterprise)
06 Feb 2008: adv - wsftpweblog
Chat vulnerabilities in TinTin++ 1.97.9 (game)
06 Feb 2008: adv - poc - rintintin
Multiple vulnerabilities in WinCom LPD Total 3.0.2.623 (enterprise)
04 Feb 2008: adv - poc - wincomalpd
Multiple vulnerabilities in SAPlpd 6.28 and SAPSprint 1018 (enterprise)
04 Feb 2008: adv - poc - saplpdz
Socket termination in WS_FTP FTP Log Server 7.9.14.0 (enterprise)
04 Feb 2008: adv - ftplogsrvz
Denial of Service in Print Manager Plus 7.0.127.16 (enterprise)
31 Jan 2008: adv - pqcorez
Crash in BitTorrent 6.0.1 and uTorrent 1.7.6 through webui (p2p)
27 Jan 2008: adv - poc - ruttorrent2
Multiple crashes in Steamcast 0.9.75 (streaming)
24 Jan 2008: adv - steamcazz
Peers unicode overflow in BitTorrent 6.0 and uTorrent 1.7.5 (p2p)
16 Jan 2008: adv - poc - ruttorrent
Buffer-overflow in Quicktime Player 7.3.1.70 (media)
10 Jan 2008: adv - poc - quicktimebof
Pre-auth remote commands execution in SAP MaxDB 7.6.03.07 (enterprise)
09 Jan 2008: adv - poc - sapone
rmff_dump_header heap-overflow in Xine 1.1.9 (media)
08 Jan 2008: adv - xinermffhof
sdpplin_parse heap-overflow in VLC 0.8.6d (media)
08 Jan 2008: adv - vlcxhof
report buffer-overflow in xtacacsd 4.1.2 (enterprise)
08 Jan 2008: adv - poc - xtacacsdz
Multiple vulnerabilities in yaSSL 1.7.5 (enterprise)
04 Jan 2008: adv - poc - PoC_mySQL - yasslick
Multiple vulnerabilities in Georgia SoftWorks SSH2 Server 7.01.0003 (enterprise)
02 Jan 2008: adv - poc - gswsshit
Buffer-overflow and format string in White_Dune 0.29beta791 (no tag)
02 Jan 2008: adv - poc - whitedunboffs
Denial of Service in Pragma FortressSSH 5.0.4.293 (enterprise)
02 Jan 2008: adv - poc - pragmassh
Denial of Service in Pragma TelnetServer 7.0.4.589 (enterprise)
02 Jan 2008: adv - poc - pragmatel
Exception message in Seattle Lab Telnet Server 4.1.1.3758 (enterprise)
02 Jan 2008: adv - poc - slnetmsg
Exception message in VanDyke VShell 3.0.3.569 (enterprise)
02 Jan 2008: adv - poc - vshellmsg
Buffer-overflow in CoolPlayer 217 (media)
28 Dec 2007: adv - culplayer
Buffer-overflow in Extended Module Player 2.5.1 (media)
27 Dec 2007: adv - poc - xmpbof
Multiple vulnerabilities in libnemesi 0.6.4-rc1 (streaming)
27 Dec 2007: adv - poc - libnemesibof
Multiple vulnerabilities in Feng 0.1.15 (streaming)
27 Dec 2007: adv - poc - fengulo
Unicode buffer-overflow in Zoom Player 6.00b2 (media)
24 Dec 2007: adv - poc - zoomprayer
Buffer-overflow and format string in VideoLAN VLC 0.8.6d (media)
24 Dec 2007: adv - poc - vlcboffs
Double directory traversal in ImgSvr 0.6.21 (no tag)
24 Dec 2007: adv - imgsvr
Buffer-overflow in WinUAE 1.4.4 (game)
21 Dec 2007: adv - poc - winuaebof
Array overflow in id3lib (devel CVS) (media)
19 Dec 2007: adv - poc - id3libexec
Some buffer-overflow in ProWizard 1.62 (media)
19 Dec 2007: adv - poc - prowizbof
Two vulnerabilities in Cherokee r952 for Windows (no tag)
17 Dec 2007: adv - cherokaz
Heap overflow in PeerCast 0.1217 / SVN 344 (streaming)
17 Dec 2007: adv - poc - peercasthof
Multiple vulnerabilities in BarracudaDrive 3.7.2 (enterprise)
10 Dec 2007: adv - barradrive
Multiple vulnerabilities in BadBlue 2.72b (enterprise)
10 Dec 2007: adv - badblue
Filesystem access in DOSBox 0.72 (game)
10 Dec 2007: adv - poc - dosboxxx
Upload directory traversal in Easy File Sharing 4.5 (no tag)
07 Dec 2007: adv - poc - efsup
Two vulnerabilities in Simple HTTPD 1.38 (no tag)
07 Dec 2007: adv - shttpd
Limited upload directory traversal in HTTP File Server 2.2a / 2.3 beta (build #146) (no tag)
05 Dec 2007: adv - hfsup
Multiple vulnerabilities in Firefly Media Server (mt-daapd) 2.4.1 / SVN 1699 (streaming)
03 Dec 2007: adv - poc - fireflyz
Two DoS in I Hear U 0.5.6 (no tag)
20 Nov 2007: adv - poc - ihudos
Static buffer overflow in Rigs of Rods 0.33d (game)
19 Nov 2007: adv - poc - rorbof
Crash in LIVE555 Media Server 2007.11.01 (streaming)
18 Nov 2007: adv - poc - live555x
assert() DoS in World in Conflict 1.001 (game)
26 Oct 2007: adv - poc - wicassert
Clients buffer-overflow in Live for Speed 0.5Y (game)
13 Oct 2007: adv - poc - lfscbof
NULL pointer crash in World in Conflict 1.000 (game)
09 Oct 2007: adv - wicvoipnull
Format string in The Dawn of Time 1.69s beta4 (game)
05 Oct 2007: adv - dawnfs
Multiple vulnerabilities in Dropteam 1.3.3 (game)
05 Oct 2007: adv - poc - dropteamz
Format string in the Doom 3 engine through PunkBuster (game)
Doom 3, Quake 4, Prey, ...
01 Oct 2007: adv - poc - d3engfspb
Format string in F.E.A.R. 1.08 through PunkBuster (game)
01 Oct 2007: adv - poc - fearfspb
Unexploitable buffer-overflow in America's Army 2.8.2 through PunkBuster (game)
01 Oct 2007: adv - poc - aaboompb
Two buffer-overflow in FSD V2.052 d9 and FSFDT V3.000 d9 (game)
01 Oct 2007: adv - fsdbof
Multiple vulnerabilities in the gMotor2 engine (game)
F1 Challenge 99-02, rFactor, GT Legends, GTR, GTR 2, RACE, Race 07, BMW M3 Challenge, ...
19 Sep 2007: adv - poc - gmotor2
Format string and buffer-overflow in CellFactor Revolution 1.03 (game)
07 Sep 2007: adv - poc - cellfucktor
Format string and clients disconnection in Alien Arena 2007 6.10 (game)
05 Sep 2007: adv - poc - aa2k7x
Multiple vulnerabilities in Doomsday 1.9.0-beta5.1 (game)
29 Aug 2007: adv - poc - dumsdei
Heap overflow in Skulltag 0.97d-beta4.1 (game)
23 Aug 2007: adv - poc - skulltaghof
Multiple denial of service in Soldat 1.4.2/2.6.2 (game)
23 Aug 2007: adv - poc - soldatdos
Multiple vulnerabilities in Vavoom 1.24 (game)
23 Aug 2007: adv - vaboom2
hell bell bug in odamex 0.2a (game)
23 Aug 2007: adv - odamexbell
Buffer-overflow in the Asura engine (game)
Rogue Trooper, Prism: Guard Shield, ...
22 Aug 2007: adv - poc - asurabof
Unexploitable buffer-overflow in the logging function of the Unreal engine (game)
18 Aug 2007: adv - poc - unrwebdos
Multiple vulnerabilities in Toribash 2.71 (game)
18 Aug 2007: adv - poc - toribashish
Multiple vulnerabilities in rFactor 1.250 (game)
18 Aug 2007: adv - poc - rfactorx
Multiple vulnerabilities in Live for Speed 0.5X10 (game)
14 Aug 2007: adv - poc - lfsbof
Multiple vulnerabilities in Babo Violent 2 2.08.00 (game)
14 Aug 2007: adv - poc - bv2x
Crash in Zoidcom 0.6.7 (game)
14 Aug 2007: adv - poc - zoidboom2
Details about the hlfreeze/hl-headnut/csdos/"Born to be pig" bugs (game)
06 Apr 2007: adv - poc - hlfreeze/hl-headnut/csdos/Born to be pig
Pulseaudio 0.9.5 (rev 1437) termination (no tag)
29 Mar 2007: adv - poc - pulsex
Multiple vulnerabilities in NAS 1.8a (svn 231) (no tag)
18 Mar 2007: adv - poc - nasbugs
Buffer-overflow in Conquest client 8.2a (svn 691) (game)
07 Mar 2007: adv - italiano - conquestbof
Limited format string in Netrek 2.12.0 (game)
02 Mar 2007: adv - italiano - poc - netrekfs
Players disconnection in Simbin racing games (game)
GTR - FIA GT Racing Game, GT Legends, GTR 2, RACE - The WTCC Game
21 Feb 2007: adv - italiano - simbinzero
DoS and possible format string in Marathon Aleph One 16 Dec 2006 (game)
07 Jan 2007: adv - poc - alephonz
Buffer-overflow in ml_ipod 2.00p19 (media)
12 Dec 2006: adv - mlipodbof
Multiple vulnerabilities in Winamp Web Interface 7.5.13 (media)
10 Dec 2006: adv - italiano - wawix
In-game callvote map buffer-overflow in Call of Duty series (game)
24 Sep 2006: adv - italiano - codmapbof
Multiple buffer-overflows in libmusicbrainz 2.1.2 (media)
13 Aug 2006: adv - italiano - poc - brainzbof
Multiple buffer-overflows in AlsaPlayer 0.99.76 (media)
09 Aug 2006: adv - italiano - poc - alsapbof
Stack and heap overflows in MODPlug Tracker/OpenMPT 1.17.02.43 and libmodplug 0.8 (no tag)
09 Aug 2006: adv - italiano - poc - mptho
Buffer-overflow in Aqualung 0.9beta5 (CVS 0.193.2) (media)
09 Aug 2006: adv - italiano - poc - aquabof
Heap corruption in Festalon 0.5.5 (media)
06 Aug 2006: adv - italiano - poc - festahc
Multiple vulnerabilities in DConnect Daemon 0.7.0 (CVS 30 Jul 2006) (p2p)
06 Aug 2006: adv - italiano - poc - dconnx
Multiple vulnerabilities in Open Cubic Player 2.6.0pre6 / 0.1.10_rc5 (media)
31 Jul 2006: adv - italiano - poc - ocpbof
Bugs in BomberClone 0.11.6 (game)
30 Jul 2006: adv - italiano - poc - bcloneboom
Heap overflow in the GT2 loader of libmikmod 3.2.2 (media)
24 Jul 2006: adv - italiano - poc - lmmgt2ho
Format string bug in the gout console output of Game Networking Engine 0.70 (CVS 23 Jul 2006) (game)
24 Jul 2006: adv - italiano - gnefs
Buffer-overflow in the XM loader of Cheese Tracker 0.9.9 (media)
23 Jul 2006: adv - italiano - poc - cheesebof
Two crash vulnerabilities in Freeciv 2.1.0-beta1 (SVN 15 Jul 2006) (game)
23 Jul 2006: adv - italiano - freecivx
Buffer-overflow in recvTextMessage and NETrecvFile in Warzone Resurrection 2.0.3 (SVN 127) (game)
22 Jul 2006: adv - italiano - warzonebof
Multiple vulnerabilities in UFO2000 svn 1057 (game)
16 Jul 2006: adv - italiano - ufo2ko
Heap overflow in Dumb 0.9.3 through it_read_envelope (media)
16 Jul 2006: adv - italiano - poc - dumbit
Crash and freeze in Armagetron Advanced 2.8.2 (game)
16 Jul 2006: adv - italiano - atrondos
Format string bug in Sparklet 0.9.4try3 (game)
06 Jul 2006: adv - italiano - sparkletfs
Possible code execution in Kaillera 0.86 (game)
06 Jul 2006: adv - italiano - poc - kailleraex
Various heap and stack overflow bugs in AdPlug library 2.0 (CVS 04 Jul 2006) (media)
06 Jul 2006: adv - italiano - adplugbof
Format string bug and some DoS in Zig Game Engine 1.0.0 (CVS 24 Jun 2006) (game)
06 Jul 2006: adv - italiano - zigfs
Socket unreachable in Nascar Racing 4, 2002 and 2003 Season (game)
02 Jul 2006: adv - italiano - nascarzero
Files and cvars overwriting in Quake 3 engine (1.32c / rev 803 / ...) (game)
some of the possible vulnerable games/engines are listed here
27 Jun 2006: adv - italiano - q3cfilevar
Format string and crash in Neoengine 0.8.2 (rev 3422) (game)
27 Jun 2006: adv - italiano - neoenginex
Client buffer-overflow in Quake 3 engine (1.32c / rev 795 / ...) (game)
some of the possible vulnerable games/engines are listed here
02 Jun 2006: adv - italiano - q3cbof
Buffer-overflow in the WebTool service of PunkBuster for servers (minor than v1.229) (game)
America's Army 2, Battlefield 2*, Call of Duty 1/2, DOOM 3, Enemy Territory, FEAR, Quake 3/4, RTCW, Soldier of Fortune II, ...
23 May 2006: adv - italiano - poc - pbwebbof
Server termination in netPanzer 0.8 (rev 952) (game)
23 May 2006: adv - italiano - poc - panza
Format string vulnerabilities in OpenBOR 2.0046 (game)
20 May 2006: adv - italiano - borfs
Two heap overflow in libextractor 0.5.13 (rev 2832) (media)
17 May 2006: adv - italiano - poc - libextho
Socket unreachable in GNUnet rev 2780 (game)
12 May 2006: adv - italiano - gnunetzero
Multiple vulnerabilities in Outgun 1.0.3 bot 2 (game)
12 May 2006: adv - italiano - poc - outgunx
Server crash in Empire 4.3.2 (game)
12 May 2006: adv - italiano - poc - empiredos
Buffer-overflow and NULL pointer crash in Genecys 0.2 (game)
12 May 2006: adv - italiano - poc - genecysbof
Multiple vulnerabilities in Raydium rev 309 (game)
12 May 2006: adv - italiano - poc - raydiumx
Format string bug in Skulltag 0.96f (game)
23 Apr 2006: adv - italiano - poc - skulltagfs
Denial of service bugs in OpenTTD 0.4.7 (game)
23 Apr 2006: adv - italiano - poc - openttdx
Buffer-overflow and crash in Fenice OMS 1.10 (streaming)
23 Apr 2006: adv - italiano - fenicex
network_receive_packet and network_host_handle_join buffer-overflow in dimension3 1.5 (game)
23 Apr 2006: adv - italiano - poc - dim3bof
Buffer-overflow in Ultr@VNC 1.0.1 viewer and server (enterprise)
04 Apr 2006: adv - italiano - poc - uvncbof
Format string in Doomsday 1.8.6 (game)
03 Apr 2006: adv - italiano - doomsdayfs
Buffer-overflow and in-game crash in Zdaemon 1.08.01 and X-Doom R6 (game)
31 Mar 2006: adv - italiano - poc - zdaebof
Socket unreachable and decompression buffer-overflow in Vavoom 1.19.1 (game)
26 Mar 2006: adv - italiano - poc - vaboom
Multiple vulnerabilities in csDoom 0.7 (game)
26 Mar 2006: adv - italiano - poc - csdoombof
Multiple vulnerabilities in ENet library (Jul 2005) (game)
Cube, Sauerbraten, Duke3d_w32, Soccar, Ered Luin, breve, Enigma, The Mana World, Block Attack and many others
12 Mar 2006: adv - italiano - poc - enetx
Clients disconnection in GGZ Gaming Zone 0.0.12 (game)
12 Mar 2006: adv - italiano - poc - ggzcdos
Multiple vulnerabilities in Alien Arena 2006 GE 5.00 (game)
07 Mar 2006: adv - italiano - poc - aa2k6x
Out of memory crash in Freeciv 2.0.7 (game)
06 Mar 2006: adv - italiano - poc - freecivdos
Multiple vulnerabilities in Liero Xtreme 0.62b (game)
06 Mar 2006: adv - italiano - poc - lieroxxx
Multiple vulnerabilities in Sauerbraten engine 2006_02_28 (game)
06 Mar 2006: adv - italiano - poc - sauerburn
Multiple vulnerabilities in Cube engine 2005_08_29 (game)
06 Mar 2006: adv - italiano - poc - evilcube
Server freeze in Monopd 0.9.3 (game)
03 Mar 2006: adv - italiano - poc - monopdx
Off-by-one in Tenes Empanadas Graciela 0.11.1 (game)
03 Mar 2006: adv - italiano - tegob1
Soldier of Fortune II format string through PunkBuster < 1.180 (game)
16 Feb 2006: adv - italiano - sof2pbfs
Buffer-overflow in Dual DHCP DNS Server 1.0 (no tag)
14 Jan 2006: adv - italiano - poc - dualsbof
BZFlag 2.0.4 server crash due to undelimited callsign (game)
25 Dec 2005: adv - italiano - poc - bzflagboom
Buffer-overflow in GO-Global for Windows 3.1.0.3270 (enterprise)
02 Nov 2005: adv - italiano - PoC (server) - PoC (clients) - ggwbof
Buffer-overflow and directory traversal in Asus Video Security 3.5.0.0 (no tag)
02 Nov 2005: adv - italiano - poc - asusvsbugs
Multiple vulnerabilities in Scorched 3D 39.1 (game)
02 Nov 2005: adv - italiano - poc - scorchbugs
Limited directory traversal in NeroNET 1.2.0.2 (no tag)
02 Nov 2005: adv - italiano - neronet
Buffer-overflow in Glider collect'n kill 1.0.0.0 (game)
02 Nov 2005: adv - italiano - poc - gliderbof
Buffer-overflow and crash in FlatFrag 0.3 (game)
02 Nov 2005: adv - italiano - poc - flatfragz
Player disconnection and server interruption in Blitzkrieg 2 1.21 (game)
02 Nov 2005: adv - italiano - poc - blitz2out
Socket termination in Battle Carry .005 (game)
02 Nov 2005: adv - italiano - poc - bcarrydos
Buffer-overflow and directory traversal bugs in Virtools Web Player 3.0.0.100 (game)
30 Sep 2005: adv - italiano - poc - virtbugs
Server crash and motd deletion in MultiTheftAuto 0.5 patch 1 (game)
25 Sep 2005: adv - italiano - poc - mtaboom
Multiple vulnerabilities in BFCommand & Control Server Manager (game)
BFCC <= 1.22_A and BFVCC <= 2.14_B
29 Aug 2005: adv - italiano - poc - bfccown
Server crash in Ventrilo 2.3.0 (game)
23 Aug 2005: adv - italiano - poc - ventboom
Buffer-overflow in Chris Moneymaker's World Poker Championship 1.0 (game)
17 Aug 2005: adv - italiano - poc - chmpokbof
Format string and buffer-overflow in Sacrifice (game)
01 Aug 2005: adv - italiano - sacrifice
Broadcast format string and buffer-overflow in Race Driver 1.20 (game)
18 Jul 2005: adv - italiano - rdrum
Endless loop in NetPanzer 0.8 (game)
13 Jul 2005: adv - italiano - poc - panzone
In-game /ignore crash in Soldier of Fortune II 1.03 (game)
29 Jun 2005: adv - italiano - sof2ignore
Server termination in Raknet 2.33 (before 30 May 2005) (game)
Elite Warriors: Vietnam, ...
05 Jun 2005: adv - italiano - poc - rakzero
Crash in Stronghold 2 1.2 (game)
30 May 2005: adv - italiano - poc - strong2boom
Buffer-overflow and crash in Terminator 3: War of the Machines 1.16 (game)
26 May 2005: adv - italiano - poc - t3wmbof
Buffer-overflow in C'Nedra 0.4.0 (game)
26 May 2005: adv - italiano - poc - cnedrabof
Endless loop in Halo 1.06 (game)
24 May 2005: adv - italiano - poc - haloloop
Format string and crash in Warrior Kings 1.3 and Battles 1.23 (game)
23 May 2005: adv - italiano - PoC for WK - PoC for WKB - warkings
In-game server crash in War Times 1.03 (game)
17 May 2005: adv - italiano - poc - wartimesboom
Crash in Zoidcom 1.0 beta 4 (game)
10 May 2005: adv - italiano - poc - zoidboom
Gamespy cd-key validation system: "Cd-key in use" DoS versus many games (game)
Players of the games Halo, Battlefield 1942 and Vietnam, Men of Valor, Painkiller, Star Wars Battlefront, Star Wars Republic Commando, Tribes: Vengeance and many others
04 May 2005: adv - italiano - PoC (method 2) - PoC (method 1 for Gore 1.48) - gskeyinuse
Gamespy cd-key validation system: Cd-key never in use (game)
04 May 2005: adv - italiano - poc - gskeydisc
Clients format string and server crash in Mtp-Target 1.2.2 (game)
01 May 2005: adv - italiano - poc - mtpbugs
In-game vulnerabilities in IGI 2: Covert Strike 1.3 (game)
14 Apr 2005: adv - italiano - poc - igi2bugs
Multiple vulnerabilities in Yager 5.24 (game)
14 Apr 2005: adv - italiano - poc - yagerbof
In-game server buffer-overflow in Jedi Academy 1.011 (game)
02 Apr 2005: adv - italiano - poc - jamsgbof
In-game server crash (buffer overrun) in Call of Duty 1.5b, United Offensive 1.51b, Call of Duty II 1.0 (game)
02 Apr 2005: adv - italiano - poc - codmsgboom
In-game players kicking in the Quake 3 engine (game)
Call of Duty, Quake III Arena, Return to Castle Wolfenstein, Soldier of Fortune II, Star Wars Jedi Knight II: Jedi Outcast, Star Wars Jedi Knight: Jedi Academy and Wolfenstein: Enemy Territory
02 Apr 2005: adv - italiano - poc - q3msgboom
Buffer-overflow in Tincat 2 minor than 2.0.28 (game)
The Settlers: Heritage of Kings <= 1.02, Sacred <= 1.8.2.6 and others
28 Mar 2005: adv - italiano - poc - tincat2bof
Socket unreachable and crash in FunLabs games (game)
Cabela's, Revolution, Secret Service - In harm's Way, Shadow Force: Razor Unit, US Most Wanted: Nowhere To Hide, ...
20 Mar 2005: adv - italiano - poc - funlabsboom
In-game format string in Xpand Rally 1.1.0.0 (game)
09 Mar 2005: adv - italiano - poc - xprallyfs
Client buffer-overflow in Chaser 1.50 (game)
04 Mar 2005: adv - italiano - poc - chasercool
Format string and crash in Carsten's 3D Engine (March 2004) (game)
03 Mar 2005: adv - italiano - poc - ca3dex
Server termination in Scrapland 1.0 (game)
28 Feb 2005: adv - italiano - poc - scrapboom
In-game cl_guid crash in Soldier of Fortune II 1.03 (game)
24 Feb 2005: adv - italiano - poc - sof2guidboom
Multiple vulnerabilities in TrackerCam 5.12 (no tag)
18 Feb 2005: adv - italiano - poc - tcambof
Buffer-overflow in Bontago 1.1 (game)
18 Feb 2005: adv - italiano - poc - bontagobof
Directory traversal in Xinkaa web station 1.0.3 (no tag)
18 Feb 2005: adv - xinkaa
Infostring crash and shutdown in the Quake 3 engine (game)
Call of Duty, Quake III Arena, Return to Castle Wolfenstein, Soldier of Fortune II, Star Trek Voyager: Elite Force, Star Trek: Elite Force II, Star Wars Jedi Knight II: Jedi Outcast, Star Wars Jedi Knight: Jedi Academy, Wolfenstein: Enemy Territory, ...
12 Feb 2005: adv - italiano - poc - q3infoboom
Crashes and socket unreachable in Armagetron Advanced 0.2.7.0 (game)
10 Feb 2005: adv - italiano - PoC 1 - PoC 2 - atron
Integer overflow and arbitrary files deletion in RealArcade 1.2.0.994 (game)
08 Feb 2005: adv - italiano - PoC RGS - PoC RGP - realarcade
Limited buffer-overflow in Painkiller 1.35 (game)
02 Feb 2005: adv - italiano - poc - painkkeybof
Broadcast crash in Xpand Rally 1.0.0.0 (game)
30 Jan 2005: adv - italiano - poc - xprallyboom
Local buffer-overflow in W32Dasm 8.93 (no tag)
24 Jan 2005: adv - italiano - poc - w32dasmbof
Arbitrary files overwriting through skins in DivX Player 2.6 (media)
21 Jan 2005: adv - italiano - poc - divxplayer
Socket termination in Halocon 2.0.0.81 (game)
16 Jan 2005: adv - halocon
Server crash in Breed patch #1 (game)
13 Jan 2005: adv - italiano - poc - breedzero
Socket unreachable in Amp II engine (game)
Gore, ...
06 Jan 2005: adv - italiano - poc - amp2zero
Socket termination, format string and XSS in Soldner Secret Wars 30830 (game)
04 Jan 2005: adv - italiano - poc - soldnerx
Socket unreachable in the Lithtech engine (new protocol) (game)
Contract Jack 1.1, No one lives forever 2 1.3, Tron 2.0 1.042 and F.E.A.R. 1.02
13 Dec 2004: adv - italiano - poc - lithsock
Socket unreachable in Codename Eagle 1.42 (game)
11 Dec 2004: adv - italiano - poc - ceaglesock
In-game buffer-overflow in the Gamespy cd-key validation SDK (game)
Some of the games listed here
10 Dec 2004: adv - italiano - PoC for Gore - gskeysdk
Broadcast client crash in Battlefield 1942 1.6.19 and Vietnam 1.2 (game)
07 Dec 2004: adv - italiano - poc - bfcboom
Multiple vulnerabilities in Kreed 1.05 (game)
02 Dec 2004: adv - italiano - poc - kreedexec
Endless loops in the http-server and pna-proxy modules of Jana server 2.4.4 (no tag)
30 Nov 2004: adv - italiano - poc - janados
Buffer-overflow in Orbz 2.10 (game)
29 Nov 2004: adv - italiano - poc - orbzbof
Players overflow in Serious engine UDP (game)
Alpha Black Zero, Nitro family and Serious Sam Second Encounter 1.07
28 Nov 2004: adv - italiano - poc - serious
Crash in Remote admin for Star wars battlefront (swbfraw32) (game)
28 Nov 2004: adv - swbfraw32
Limited buffer-overflow and arbitrary memory access in Star Wars Battlefront 1.11 (game)
24 Nov 2004: adv - italiano - poc - swb
Broadcast memory corruption in Soldier of Fortune II 1.03 (refer to q3infoboom too) (game)
23 Nov 2004: adv - italiano - poc - sof2boom
Broadcast client crash in Halo 1.05 (game)
22 Nov 2004: adv - italiano - poc - halocboom
Multiple vulnerabilities in Hired Team: Trial (Shine engine) (game)
15 Nov 2004: adv - italiano - hteam
Format string bug in Army Men RTS (game)
14 Nov 2004: adv - italiano - artsfs
Crash in Secure Network Messenger 1.4.2 (no tag)
12 Nov 2004: adv - italiano - snmboom
Resources consumption in 602 Lan Suite 2004.0.04.0909 (enterprise)
06 Nov 2004: adv - italiano - poc - 602res
In-game format string bug in the Lithtech engine (game)
Alien vs Predator 2, Blood 2, Contract Jack, Global Operations, Kiss Psycho Circus, Legends of Might and Magic, No one lives forever, No one lives forever 2, Purge Jihad, Sanity, Shogo, Tron 2.0, F.E.A.R. 1.02 and others...
05 Nov 2004: adv - italiano - lithfs
Directory traversal and DoS in Chesapeake TFTP Server 1.0 (no tag)
30 Oct 2004: adv - poc - cccitftp
Buffer-overflow and directory traversal in Allied Telesyn TFTP server 1.8 (no tag)
30 Oct 2004: adv - poc - attftp
Crashes in Master of Orion III 1.2.5 (game)
27 Oct 2004: adv - italiano - poc - moo3boom
Buffer-overflow in Age of Sail II 1.04.151 (game)
20 Oct 2004: adv - italiano - poc - aos2bof
Broadcast crash in Vypress Tonecast 1.3 (streaming)
19 Oct 2004: adv - italiano - poc - toneboom
Directory traversal in Yak! 2.1.2 (no tag)
15 Oct 2004: adv - italiano - yak
Buffer-overflow in ShixxNOTE 6.net (no tag)
13 Oct 2004: adv - italiano - poc - shixxbof
Limited \secure\ buffer-overflow in some old Monolith games (game)
Alien versus predator 2, Blood 2, No one lives forever and Shogo
08 Oct 2004: adv - italiano - poc - lithsec
Server crash in Flash Messaging 5.2.0g (no tag)
07 Oct 2004: adv - italiano - poc - flashmsg
Directory traversal in Tridcomm 1.3 (no tag)
06 Oct 2004: adv - italiano - tridcomm
In-game format string in Judge Dredd vs. Death 1.01 (game)
02 Oct 2004: adv - italiano - dreddfs
Broadcast buffer-overflow in Vypress Messenger 3.5.1 (no tag)
01 Oct 2004: adv - italiano - poc - vymesbof
Code execution in Icecast 2.0.1 (streaming)
28 Sep 2004: adv - italiano - poc - iceexec
Broadcast crash in Chatman 1.5.1 RC1 (no tag)
27 Sep 2004: adv - italiano - poc - chatmanx
Buffer-overflow in Zinf 2.2.1 for Windows through PLS file (media)
24 Sep 2004: mail with info - poc - zinf-bof
Multiple vulnerabilities in ActivePost Standard 3.1 (no tag)
23 Sep 2004: adv - italiano - PoC crash - PoC directory traversal - actp
Broadcast crash in Popmessenger 1.60 (before 20 Sep 2004) (no tag)
21 Sep 2004: adv - italiano - poc - popmsgboom
Crash in Lords of the Realm III 1.01 (game)
19 Sep 2004: adv - italiano - poc - lotr3boom
Freeze in Pigeon Server 3.02.0143 (no tag)
16 Sep 2004: adv - italiano - poc - pigeonx
Off-by-one bug in Halo 1.04 (game)
09 Sep 2004: adv - italiano - poc - haloboom
Broadcast shutdown in Call of Duty 1.4 (refer to q3infoboom too) (game)
05 Sep 2004: adv - italiano - poc - codboom
Broadcast forced exit in Ground Control II 1.0.0.7 (game)
26 Aug 2004: adv - italiano - poc - gc2boom
Limited buffer overflow in Painkiller 1.31 (game)
24 Aug 2004: adv - italiano - poc - painkex
Medal of Honor remote buffer-overflow (AA 1.11v9, SH 2.15, BT 2.40b) (game)
17 Jul 2004: adv - italiano - poc - mohaabof
Remote crash of Half-Life servers and clients (versions before the 07 July 2004) (game)
12 Jul 2004: adv - italiano - poc - hlboom
Code execution in the Unreal Engine through \secure\ packet (game)
DeusEx, Devastation, Mobile Forces, Nerf Arena Blast, Postal 2, Rune, Tactical Ops, Unreal 1, Unreal II XMP, Unreal Tournament, Unreal Tournament 2003, Unreal Tournament 2004, Wheel of Time, X-com Enforcer, ...
18 Jun 2004: adv - italiano - poc - SpoofedPoC - unsecure
Various in-game crashes and fun in Race Driver 1.20 (game)
08 Jun 2004: adv - italiano - poc - rdboom
Colin McRae Rally 04 1.0 broadcast clients crash (game)
04 Jun 2004: adv - italiano - poc - cmr4cdos
Arbitrary file overwriting in Unreal engine through UMOD (game)
22 Apr 2004: adv - italiano - poc - umod
DoS in Rsniff 1.0 (no tag)
09 Apr 2004: adv - italiano - poc - rsniff
Format string bug in IGI 2: Covert Strike 1.3 (game)
05 Apr 2004: adv - italiano - poc - igi2fs
RogerWilco new bugs: UDP crash, "Voices from the deep", privacy problems and annoying attacks (game)
31 Mar 2004: adv - poc - wilco
Remote crash in Etherlords I 1.07 and II 1.03 (game)
25 Mar 2004: adv - italiano - poc - ethboom
Buffer overflow in PicoPhone 1.63 (no tag)
24 Mar 2004: adv - italiano - poc - picobof
Server freeze in The Rage 1.01 (game)
23 Mar 2004: adv - italiano - poc - ragefreeze
Castles and Catapults game freeze (game)
23 Mar 2004: adv - italiano - cnc
Broadcast client buffer-overflow in Terminator 3 1.0 (game)
19 Mar 2004: adv - italiano - poc - t3cbof
Chrome 1.2.0.0 server crash (game)
18 Mar 2004: adv - italiano - poc - chrome-boom
Battle Mages server freeze (game)
11 Mar 2004: adv - italiano - poc - LAN_PoC - battlemages
Format string bug in EpicGames Unreal engine (game)
America's Army, DeusEx, Devastation, Magic Battlegrounds, Mobile Forces, Nerf Arena Blast, Postal 2, Rainbow Six: Raven Shield, Rune, Sephiroth: 3rd episode the Crusade, Star Trek: Klingon Honor Guard, TNN Pro Hunter, Unreal 1, Unreal II XMP, Unreal Tournament, Unreal Tournament 2003, Wheel of Time, X-com Enforcer, XIII, ...
10 Mar 2004: adv - italiano - poc - unrfs
Crash of Battle Isle Andosia War 2.08 (game)
09 Mar 2004: adv - italiano - PoC (for server) - PoC (for client) - bisleboom
Ghost users in Chat Anywhere 2.72 (no tag)
09 Mar 2004: adv - italiano - PoC (html page) - chatany-ghost
Remote server crash in Haegemonia 1.07 and Desert Rats vs. Afrika Korps (game)
24 Feb 2004: adv - italiano - poc - hgmcrash
Client buffer overflow in Freespace 2 1.2 (game)
02 Mar 2004: adv - italiano - poc - fs2cbof
Clients broadcast buffer overflow in Red Faction 1.20 (game)
01 Mar 2004: adv - italiano - poc - rfcbof
Games servers crash and possible small privacy problem caused by Gamespy cd-key SDK (game)
several games vulnerables (before March 2004 but also some recents)
Battlefield 1942, Contract Jack, Gore, Halo, Hidden & Dangerous 2, IGI 2: Covert Strike, Need For Speed Hot Pursuit 2, Tribes: Vengeance, TRON 2.0, ...
24 Feb 2004: adv - italiano - poc - more_stuff - gshboom
Remote crash in Ghost Recon engine (game)
Ghost Recon, Desert Siege and The Sum of all Fears
24 Feb 2004: adv - italiano - poc - grboom
Remote server crash in Team Factor 1.25 (game)
20 Feb 2004: adv - italiano - poc - tfboom
Broadcast client buffer-overflow in Purge Jihad 2.0.1 (game)
16 Feb 2004: adv - italiano - poc - purge-cbof
Denial of Service in Ratbag's game engine (game)
Dirt Track Racing, Dirt Track Racing Australia, Leadfoot, Dirt Track Racing Sprint Cars, Dirt Track Racing 2 and World of Outlaws Sprint Cars
11 Feb 2004: adv - italiano - poc - ratbag
Denial of Service in Monkey httpd 0.8.1 (no tag)
11 Feb 2004: adv - italiano - poc - monkeydos
Remote crash of Chaser game 1.50 (game)
03 Feb 2004: adv - italiano - PoC for server - PoC for client - chaser
Need for Speed Hot pursuit 2 242 broadcast client's buffer overflow (game)
22 Jan 2004: adv - italiano - poc - nfshp2cbof
Xitami 2.5c1 server crash and possible code execution through malformed SSI files (no tag)
19 Jan 2004: poc - ssi-xitami
Denial of service in Getware's built-in webserver (Webcam Live and Photohost) (no tag)
19 Jan 2004: adv - italiano - poc - wcamdos
Directories management bypassing in Goahead webserver 2.1.8 (no tag)
19 Jan 2004: adv - italiano - goahead2
Resources consumption in Goahead webserver 2.1.8 (no tag)
19 Jan 2004: adv - italiano - poc - goahead1
Multiple vulnerabilities in WWW Fileshare Pro 2.42 (no tag)
14 Jan 2004: adv - italiano - PoC bug 1 - PoC bug 2a - PoC bug 2b - wfshare
Buffer-overflow in Jordan's telnet server (no tag)
29 Dec 2003: adv - italiano - poc - jordwts
Directory traversal bug in DCAM server 8.2.5 (no tag)
22 Dec 2003: adv - italiano - dcam
Directory traversal and XSS in Active Webcam 4.3 (no tag)
19 Dec 2003: adv - italiano - activecam
Server side scripts viewing in Goahead webserver 2.1.7 (no tag)
bug originally found by Richard Brain of Procheckup
17 Dec 2003: adv - italiano - goahead3
FAT32 directory auth bypass on Linux Abyssws 1.2 (no tag)
08 Dec 2003: adv - italiano - abyss-dot
Surfboard 1.1.8 vulns (no tag)
01 Dec 2003: adv - italiano - surfd
Remote crash in the Serious Sam engine (game)
30 Oct 2003: adv - italiano - poc - ssboom
Medieval Total War 1.1 crash (game)
07 Oct 2003: adv - italiano - poc - mtwdos-server
Medieval Total War 1.1 Connection expired (game)
07 Oct 2003: adv - italiano - poc - mtwexp-server
Medieval Total War 1.1 client crash and directory traversal (game)
07 Oct 2003: adv - italiano - poc - mtw2client
Gamespy3d 263020 lets code execution through long IRC answer (game)
30 Sep 2003: adv - italiano - poc - gs3d-ircbof
Half-Life's client 1.1.1.0 format string (mail sent to vuln-dev) (game)
29 Sep 2003: adv - italiano - poc - hlclientfs
NULLhttpd 0.5.1 remote resources consumption (no tag)
24 Sep 2003: adv - italiano - poc - nullhttpd-dos
NULLhttpd 0.5.1 XSS through Bad request (no tag)
24 Sep 2003: adv - italiano - poc - nullhttpd-xss
SpeakFreely for Win 7.6a remote crash through malformed GIF (no tag)
22 Sep 2003: adv - italiano - poc - sfwin-gif
SpeakFreely for Win 7.6a spoofed DoS (no tag)
22 Sep 2003: adv - italiano - poc - sfwin-dos
GuildFTPd 0.999.5 partial directory traversal bug (no tag)
?? Sep 2003: adv - italiano - guildftpd-dir
Goahead 2.1.3 DoS through negative Content-Length (no tag)
22 Sep 2003: adv - italiano - goahead-neg
Winamp 2.91 lets code execution through MIDI files (IN_MIDI.DLL 3.01) (media)
08 Sep 2003: adv - italiano - example - winamp-midi
Rogerwilco: server's buffer overflow (1.4.1.6, 0.30a) (game)
08 Sep 2003: adv - italiano - poc - wilco-recvbof
Rogerwilco 1.4.1.2 and 1.4.1.6 remix of bugs (game)
08 Sep 2003: adv - italiano - poc - wilco-remix
Problems with the MODs of Half-Life 1.1.1.0 (game)
29 Jul 2003: adv - italiano - hlmods
Half-Life servers: buffer-overflow and freeze (versions 1.1.1.0, 4.1.1.1c1 and 3.1.1.1c1) (game)
29 Jul 2003: adv - italiano - poc - hlbof-server
Half-Life broadcast client's buffer-overflow (versions 1.1.1.0) (game)
29 Jul 2003: adv - italiano - poc - hlbof-client
Broadcast buffer-overflow and server freeze in RogerWilco Mk.1d3 2001 (game)
02 Jul 2003: adv - poc - wilco
Quake 3 con\con exploit (funny) (game)
27 May 2003: adv - italiano - poc - q3concon
UnrealTournament 2003 2199 client passive DoS (game)
13 May 2003: adv - italiano - poc - ut2003pdos
Abyss webserver X1 1.1.2 remote crash (no tag)
05 Apr 2003: adv - articolo in italiano scritto riguardo al problema abyssx1
Emule 0.27b remote crash (p2p)
25 Mar 2003: adv - italiano - poc - emule
Edonkey and Overnet 0.45 resources consumption (p2p)
21 Mar 2003: adv - italiano - poc - edonkey
Some game master servers can be used as amplifiers (game)
20 Feb 2003: adv - italiano - poc - msddos
Unreal engine: results of my research (game)
DoS, DDoS, remote memory problems, execution of malicious code and more
05 Feb 2003: adv - italiano - PoC section - ueng
Blade encoder 0.94.2 code execution (no tag)
02 Feb 2003: adv - italiano - PoC wave - blade942
Savant 3.1 multiple vulnerabilities (no tag)
13 Sep 2002: adv - italiano - PoC data - savant
SWServer 2.2 directory traversal bug (no tag)
28 Aug 2002: adv - italiano - swserver
Blazix 1.2 jsp view and protected folder access (no tag)
24 Aug 2002: adv - italiano - Blazix
Abyss 1.0.3 (patch 2) directory traversal and administration bug (no tag)
22 Aug 2002: adv - italiano - poc - abyss
Bajie 0.95zvh index viewing and server scripts download (no tag)
16 Aug 2002: adv - bajie
Apache 2.0.39 directory traversal and path disclosure bug for not Unix systems (enterprise)
16 Aug 2002: adv - italiano - apache
Lcc-win32 (all versions) privacy problem in Windows9x (no tag)
02 Aug 2002: adv - italiano - lcc
Pegasus Mail 4.01 DoS (no tag)
24 Jul 2002: adv - italiano - poc - pegasus
Popcorn mail client 1.20 multiple vulnerabilities (no tag)
11 Jul 2002: adv - italiano - poc - popcorn
Webtrends 3.1 script files view (enterprise)
03 Jun 2001: adv - webtrends
CheckBo 1.56 multiple vulnerabilities (no tag)
20 Apr 2001: adv - italiano - poc - checkbo
Apache 1.3.15 Win32 anonymous DoS (enterprise)
12 Apr 2001: adv - italiano - apache1