This repository contains all the vulnerabilities that I have reported to Valve using the Hackerone platform since around 2018. Some reports have been processed, some are still being reviewed. Since Valve is not interested in cooperation (some reports remain in the Triaged and New stage for several years, and Valve ignores all requests to resume verification), I decided to publish everything that I had for them. I don’t need to speed up the processing of reports, since I still won’t be able to receive the money due to payout restrictions in my country, besides, the reward for work is minimal anyway (probably about $200 for the current bounty program). I'm doing this because someone might be interested in seeing how shellcode, remote DLL injection, crashes and information disclosure work in GoldSource and Source games.
All vulnerabilities presented here are for educational purposes only.