Geforce Experience
Sign in to watchby Nvidia
CVEs (5)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-14491 | Cri | 0.71 | 9.8 | 0.50 | Oct 4, 2017 | Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response. | |
| CVE-2016-8812 | Hig | 0.60 | 8.8 | 0.00 | Nov 8, 2016 | For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA GeForce Experience R340 before GFE 2.11.4.125 and R375 before GFE 3.1.0.52 contains a vulnerability in the kernel mode layer (nvstreamkms.sys) allowing a user to cause a stack buffer overflow with specially crafted executable paths, leading to a denial of service or escalation of privileges. | |
| CVE-2017-6250 | Hig | 0.57 | 8.8 | 0.00 | Apr 28, 2017 | NVIDIA GeForce Experience contains a vulnerability in NVIDIA Web Helper.exe, where untrusted script execution may lead to violation of application execution policy and local code execution. | |
| CVE-2016-5852 | Hig | 0.51 | 7.8 | 0.00 | Nov 8, 2016 | For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-5852 ID is for the NVTray Plugin unquoted service path. | |
| CVE-2016-8827 | Med | 0.43 | 6.5 | 0.06 | Dec 16, 2016 | NVIDIA GeForce Experience 3.x before GFE 3.1.0.52 contains a vulnerability in NVIDIA Web Helper.exe where a local web API endpoint, /VisualOPS/v.1.0./, lacks proper access control and parameter validation, allowing for information disclosure via a directory traversal attack. |