← Back

Blizzard

blizzard

4 CVEs • 3 products

Products (3)

Click to collapse
Toggle
Battle.net
battle.net
2 CVEs
Warcraft 3 The Frozen Throne
warcraft_3_the_frozen_throne
1 CVE
Overwatch
overwatch
1 CVE

CVEs (4)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2025-27997
1Blizzard
1Battle.net
Jun 3, 2025
May 21, 2025
N/A· v4
8.4 HIGH· v3
N/A· v2
An issue in Blizzard Battle.net v2.40.0.15267 allows attackers to escalate privileges via placing a crafted shell script or executable into the C:\ProgramData directory.
CVE-2020-27383
1Blizzard
1Battle.net
Nov 21, 2024
Jun 9, 2021
N/A· v4
7.8 HIGH· v3
4.6 MEDIUM· v2
Battle.net.exe in Battle.Net 1.27.1.12428 suffers from an elevation of privileges vulnerability which can be used by an "Authenticated User" to modify the existing executable file with a binary of his choice. The vulnera...Show more
Battle.net.exe in Battle.Net 1.27.1.12428 suffers from an elevation of privileges vulnerability which can be used by an "Authenticated User" to modify the existing executable file with a binary of his choice. The vulnerability exist due to weak set of permissions being granted to the "Authenticated Users Group" which grants the (F) Flag aka "Full Control"Show less
CVE-2017-14748
1Blizzard
1Overwatch
May 13, 2026
Sep 26, 2017
N/A· v4
5.3 MEDIUM· v3
3.5 LOW· v2
Race condition in Blizzard Overwatch 1.15.0.2 allows remote authenticated users to cause a denial of service (season bans and SR losses for other users) by leaving a competitive match at a specific time during the initia...Show more
Race condition in Blizzard Overwatch 1.15.0.2 allows remote authenticated users to cause a denial of service (season bans and SR losses for other users) by leaving a competitive match at a specific time during the initial loading of that match.Show less
CVE-2009-4768
1Blizzard
1Warcraft 3 The Frozen Throne
Apr 29, 2026
Apr 20, 2010
N/A· v4
N/A· v3
9.3 HIGH· v2
Unspecified vulnerability in the JASS script interpreter in Warcraft III: The Frozen Throne 1.24b and earlier allows user-assisted remote attackers to execute arbitrary code via a crafted custom map. NOTE: some of these...Show more
Unspecified vulnerability in the JASS script interpreter in Warcraft III: The Frozen Throne 1.24b and earlier allows user-assisted remote attackers to execute arbitrary code via a crafted custom map. NOTE: some of these details are obtained from third party information.Show less