This page lists publicly disclosed CVE vulnerabilities affecting valve_software half-life (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2004-0724 | The Half-Life engine before July 7 2004 allows remote attackers to cause a denial of service (server or client crash) via an empty fragmented packet. | [email protected] | 5.0 | 0.74% | 2004-07-27 | 2026-04-16 |
| CVE-2002-0964 | Half-Life Server 1.1.1.0 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via multiple responses to the initial challenge with different cd_key values, which reaches the player limit and prevents other players from connecting until the original responses have timed out. | [email protected] | 5.0 | 6.28% | 2002-10-04 | 2026-04-16 |
| CVE-2001-0964 | Buffer overflow in client for Half-Life 1.1.0.8 and earlier allows malicious remote servers to execute arbitrary code via a long console command. | [email protected] | 7.5 | 1.43% | 2001-09-20 | 2026-04-16 |
| CVE-2001-0358 | Buffer overflows in Sierra Half-Life build 1573 and earlier allow remote attackers to execute arbitrary code via (1) a long map command, (2) a long exec command, or (3) long input in a configuration file. | [email protected] | 7.5 | 3.21% | 2001-06-27 | 2026-04-16 |