Search
Total
7 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-5676 | 2 Microsoft, Nvidia | 3 Windows, Geforce Experience, Gpu Display Driver | 2022-04-27 | 7.2 HIGH | 6.7 MEDIUM |
| NVIDIA Windows GPU Display driver software for Windows (all versions) contains a vulnerability in which it incorrectly loads Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), leading to escalation of privileges through code execution. | |||||
| CVE-2019-5695 | 2 Microsoft, Nvidia | 3 Windows, Geforce Experience, Gpu Driver | 2022-01-01 | 6.9 MEDIUM | 6.5 MEDIUM |
| NVIDIA GeForce Experience (prior to 3.20.1) and Windows GPU Display Driver (all versions) contains a vulnerability in the local service provider component in which an attacker with local system and privileged access can incorrectly load Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service or information disclosure through code execution. | |||||
| CVE-2021-1079 | 2 Microsoft, Nvidia | 2 Windows, Geforce Experience | 2021-05-18 | 3.6 LOW | 6.1 MEDIUM |
| NVIDIA GeForce Experience, all versions prior to 3.22, contains a vulnerability in GameStream plugins where log files are created using NT/System level permissions, which may lead to code execution, denial of service, or local privilege escalation. The attacker does not have control over the consequence of a modification nor would they be able to leak information as a direct result of the overwrite. | |||||
| CVE-2016-8827 | 2 Microsoft, Nvidia | 2 Windows, Geforce Experience | 2021-02-11 | 5.0 MEDIUM | 6.5 MEDIUM |
| NVIDIA GeForce Experience 3.x before GFE 3.1.0.52 contains a vulnerability in NVIDIA Web Helper.exe where a local web API endpoint, /VisualOPS/v.1.0./, lacks proper access control and parameter validation, allowing for information disclosure via a directory traversal attack. | |||||
| CVE-2018-6258 | 1 Nvidia | 1 Geforce Experience | 2020-08-24 | 1.9 LOW | 4.7 MEDIUM |
| NVIDIA GeForce Experience all versions prior to 3.14.1 contains a potential vulnerability during GameStream installation where an attacker who has system access can potentially conduct a Man-in-the-Middle (MitM) attack to obtain sensitive information. | |||||
| CVE-2018-6266 | 2 Microsoft, Nvidia | 2 Windows, Geforce Experience | 2019-04-04 | 2.1 LOW | 5.5 MEDIUM |
| NVIDIA GeForce Experience contains a vulnerability in all versions prior to 3.16 on Windows where a local user may obtain third party integration parameters, which may lead to information disclosure. | |||||
| CVE-2016-4961 | 1 Nvidia | 40 Geforce 910m, Geforce 920m, Geforce 920mx and 37 more | 2016-12-15 | 4.9 MEDIUM | 5.5 MEDIUM |
| For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers. | |||||