Filtered by vendor Id Software
Subscriptions
Total
27 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2000-1080 | 2 Id Software, J. P. Grossman | 2 Quake, Proquake | 2026-04-16 | N/A |
| Quake 1 (quake1) and ProQuake 1.01 and earlier allow remote attackers to cause a denial of service via a malformed (empty) UDP packet. | ||||
| CVE-2006-3401 | 1 Id Software | 1 Quake 3 Engine | 2026-04-16 | N/A |
| Stack-based buffer overflow in Quake 3 Engine as used by Quake 3: Arena 1.32b and 1.32c allows remote attackers to cause a denial of service and possibly execute code via long CS_ITEMS values. | ||||
| CVE-1999-1505 | 1 Id Software | 1 Quakeworld | 2026-04-16 | N/A |
| Buffer overflow in QuakeWorld 2.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary commands via a long initial connect packet. | ||||
| CVE-2002-0770 | 1 Id Software | 1 Quake 2i Server | 2026-04-16 | N/A |
| Quake 2 (Q2) server 3.20 and 3.21 allows remote attackers to obtain sensitive server cvar variables, obtain directory listings, and execute Q2 server admin commands via a client that does not expand "$" macros, which causes the server to expand the macros and leak the information, as demonstrated using "say $rcon_password." | ||||
| CVE-2004-2593 | 1 Id Software | 1 Quake Ii Server | 2026-04-16 | N/A |
| Buffer overflow in command-packet processing of Quake II server before R1Q2, as used in multiple products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a packet with a long cmd_args buffer. | ||||
| CVE-2005-0983 | 4 Activision, Id Software, Lucasarts and 1 more | 10 Call Of Duty, Call Of Duty United Offensive, Return To Castle Wolfenstein and 7 more | 2026-04-16 | N/A |
| Quake 3 engine, as used in multiple games, allows remote attackers to cause a denial of service (client disconnect) via a long message, which is not properly truncated and causes the engine to process the remaining data as if it were network data. | ||||
| CVE-2007-5248 | 2 Id Software, Take2games | 3 Doom 3, Quake 4, Prey | 2025-04-09 | N/A |
| Multiple format string vulnerabilities in the ID Software Doom 3 engine, as used by Doom 3 1.3.1 and earlier, Quake 4 1.4.2 and earlier, and Prey 1.3 and earlier, when Punkbuster (PB) is enabled, allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in (1) a PB_Y packet to the YPG server or (2) a PB_U packet to UCON. NOTE: this issue might be in Punkbuster itself, but there are insufficient details to be certain. | ||||