Activision

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-20893 1Activision 1Call Of Duty Modern Warfare 2 Jun 17, 2026 Jun 30, 2020 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 An issue was discovered in Activision Infinity Ward Call of Duty Modern Warfare 2 through 2019-12-11. PartyHost_HandleJoinPartyRequest has a buffer overflow vulnerability and can be exploited by using a crafted joinParty...Show more An issue was discovered in Activision Infinity Ward Call of Duty Modern Warfare 2 through 2019-12-11. PartyHost_HandleJoinPartyRequest has a buffer overflow vulnerability and can be exploited by using a crafted joinParty packet. This can be utilized to conduct arbitrary code execution on a victim's machine.Show less
CVE-2018-20817 1Activision 1Call Of Duty Nov 21, 2024 Apr 19, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 SV_SteamAuthClient in various Activision Infinity Ward Call of Duty games before 2015-08-11 is missing a size check when reading authBlob data into a buffer, which allows one to execute code on the remote target machine...Show more SV_SteamAuthClient in various Activision Infinity Ward Call of Duty games before 2015-08-11 is missing a size check when reading authBlob data into a buffer, which allows one to execute code on the remote target machine when sending a steam authentication request. This affects Call of Duty: Modern Warfare 2, Call of Duty: Modern Warfare 3, Call of Duty: Ghosts, Call of Duty: Advanced Warfare, Call of Duty: Black Ops 1, and Call of Duty: Black Ops 2.Show less
CVE-2018-10718 1Activision 1Call Of Duty Modern Warfare 2 Nov 21, 2024 May 3, 2018 N/A· v4 10.0 CRITICAL· v3 10.0 HIGH· v2 Stack-based buffer overflow in Activision Infinity Ward Call of Duty Modern Warfare 2 before 2018-04-26 allows remote attackers to execute arbitrary code via crafted packets.
CVE-2012-4918 1Activision 1Call Of Duty Elite Apr 29, 2026 Jan 22, 2013 N/A· v4 N/A· v3 5.8 MEDIUM· v2 Call of Duty Elite for iOS 2.0.1 does not properly validate the server SSL certificate, which allows remote attackers to obtain sensitive information via a Man-in-the-Middle (MITM) attack.
CVE-2008-2106 1Activision 1Call Of Duty 4 Apr 23, 2026 May 7, 2008 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Call of Duty 4 (CoD4) 1.5 and earlier allows remote authenticated users to cause a denial of service (crash) via a type 7 stats packet, which triggers a memcpy with a negative value.
CVE-2006-5058 1Activision 3Call Of Duty Call Of Duty 2Call Of Duty United Offensive Apr 23, 2026 Sep 28, 2006 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in (1) Call of Duty 1.5b and earlier, (2) Call of Duty United Offensive 1.51b and earlier, and (3) Call of Duty 2 1.3 and earlier allows remote attackers to execute arbitrary code via a long map argument...Show more Buffer overflow in (1) Call of Duty 1.5b and earlier, (2) Call of Duty United Offensive 1.51b and earlier, and (3) Call of Duty 2 1.3 and earlier allows remote attackers to execute arbitrary code via a long map argument to the "callvote map" command.Show less
CVE-2005-0983 4Activision Id SoftwareLucasarts+1 more 10Call Of Duty Call Of Duty United OffensiveQuake 3 Arena+7 more Apr 16, 2026 May 2, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Quake 3 engine, as used in multiple games, allows remote attackers to cause a denial of service (client disconnect) via a long message, which is not properly truncated and causes the engine to process the remaining data...Show more Quake 3 engine, as used in multiple games, allows remote attackers to cause a denial of service (client disconnect) via a long message, which is not properly truncated and causes the engine to process the remaining data as if it were network data.Show less
CVE-2004-1664 1Activision 2Call Of Duty Call Of Duty United Offensive Apr 16, 2026 Sep 5, 2004 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Call of Duty 1.4 and earlier allows remote attackers to cause a denial of service (game end) via a large (1) query or (2) reply packet, which is not properly handled by the buffer overflow protection mechanism. NOTE: thi...Show more Call of Duty 1.4 and earlier allows remote attackers to cause a denial of service (game end) via a large (1) query or (2) reply packet, which is not properly handled by the buffer overflow protection mechanism. NOTE: this issue might overlap CVE-2005-0430.Show less