Geforce Experience
by Nvidia
CVEs (34)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-1079 | 0.00 | — | 0.00 | Apr 20, 2021 | NVIDIA GeForce Experience, all versions prior to 3.22, contains a vulnerability in GameStream plugins where log files are created using NT/System level permissions, which may lead to code execution, denial of service, or local privilege escalation. The attacker does not have… | |||
| CVE-2021-1072 | 0.00 | — | 0.00 | Feb 5, 2021 | NVIDIA GeForce Experience, all versions prior to 3.21, contains a vulnerability in GameStream (rxdiag.dll) where an arbitrary file deletion due to improper handling of log files may lead to denial of service. | |||
| CVE-2020-5978 | 0.00 | — | 0.00 | Oct 23, 2020 | NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in its services in which a folder is created by nvcontainer.exe under normal user login with LOCAL_SYSTEM privileges which may lead to a denial of service or escalation of privileges. | |||
| CVE-2020-5990 | 0.00 | — | 0.00 | Oct 23, 2020 | NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in the ShadowPlay component which may lead to local privilege escalation, code execution, denial of service or information disclosure. | |||
| CVE-2020-5977 | 0.00 | — | 0.00 | Oct 23, 2020 | NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in NVIDIA Web Helper NodeJS Web Server in which an uncontrolled search path is used to load a node module, which may lead to code execution, denial of service, escalation of privileges, and… | |||
| CVE-2019-5702 | 0.00 | — | 0.00 | Dec 24, 2019 | NVIDIA GeForce Experience, all versions prior to 3.20.2, contains a vulnerability when GameStream is enabled in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges. | |||
| CVE-2019-5695 | 0.00 | — | 0.01 | Nov 12, 2019 | NVIDIA GeForce Experience (prior to 3.20.1) and Windows GPU Display Driver (all versions) contains a vulnerability in the local service provider component in which an attacker with local system and privileged access can incorrectly load Windows system DLLs without validating the… | |||
| CVE-2019-5701 | 0.00 | — | 0.01 | Nov 9, 2019 | NVIDIA GeForce Experience, all versions prior to 3.20.0.118, contains a vulnerability when GameStream is enabled in which an attacker with local system access can load the Intel graphics driver DLLs without validating the path or signature (also known as a binary planting or DLL… | |||
| CVE-2019-5689 | 0.00 | — | 0.00 | Nov 9, 2019 | NVIDIA GeForce Experience, all versions prior to 3.20.1, contains a vulnerability in the Downloader component in which a user with local system access can craft input that may allow malicious files to be downloaded and saved. This behavior may lead to code execution, denial of… | |||
| CVE-2019-5678 | 0.00 | — | 0.01 | May 31, 2019 | NVIDIA GeForce Experience versions prior to 3.19 contains a vulnerability in the Web Helper component, in which an attacker with local system access can craft input that may not be properly validated. Such an attack may lead to code execution, denial of service or information… | |||
| CVE-2019-5674 | 0.00 | — | 0.01 | Mar 28, 2019 | NVIDIA GeForce Experience before 3.18 contains a vulnerability when ShadowPlay or GameStream is enabled. When an attacker has access to the system and creates a hard link, the software does not check for hard link attacks. This behavior may lead to code execution, denial of… | |||
| CVE-2018-6265 | 0.00 | — | 0.00 | Nov 27, 2018 | NVIDIA GeForce Experience contains a vulnerability in all versions prior to 3.16 during application installation on Windows 7 in elevated privilege mode, where a local user who initiates a browser session may obtain escalation of privileges on the browser. | |||
| CVE-2018-6266 | 0.00 | — | 0.00 | Nov 27, 2018 | NVIDIA GeForce Experience contains a vulnerability in all versions prior to 3.16 on Windows where a local user may obtain third party integration parameters, which may lead to information disclosure. | |||
| CVE-2018-6263 | 0.00 | — | 0.00 | Nov 27, 2018 | NVIDIA GeForce Experience contains a vulnerability in all versions prior to 3.16 on Windows in which an attacker who has access to a local user account can plant a malicious dynamic link library (DLL) during application installation, which may lead to escalation of privileges. |
- CVE-2021-1079Apr 20, 2021risk 0.00cvss —epss 0.00
NVIDIA GeForce Experience, all versions prior to 3.22, contains a vulnerability in GameStream plugins where log files are created using NT/System level permissions, which may lead to code execution, denial of service, or local privilege escalation. The attacker does not have…
- CVE-2021-1072Feb 5, 2021risk 0.00cvss —epss 0.00
NVIDIA GeForce Experience, all versions prior to 3.21, contains a vulnerability in GameStream (rxdiag.dll) where an arbitrary file deletion due to improper handling of log files may lead to denial of service.
- CVE-2020-5978Oct 23, 2020risk 0.00cvss —epss 0.00
NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in its services in which a folder is created by nvcontainer.exe under normal user login with LOCAL_SYSTEM privileges which may lead to a denial of service or escalation of privileges.
- CVE-2020-5990Oct 23, 2020risk 0.00cvss —epss 0.00
NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in the ShadowPlay component which may lead to local privilege escalation, code execution, denial of service or information disclosure.
- CVE-2020-5977Oct 23, 2020risk 0.00cvss —epss 0.00
NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in NVIDIA Web Helper NodeJS Web Server in which an uncontrolled search path is used to load a node module, which may lead to code execution, denial of service, escalation of privileges, and…
- CVE-2019-5702Dec 24, 2019risk 0.00cvss —epss 0.00
NVIDIA GeForce Experience, all versions prior to 3.20.2, contains a vulnerability when GameStream is enabled in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges.
- CVE-2019-5695Nov 12, 2019risk 0.00cvss —epss 0.01
NVIDIA GeForce Experience (prior to 3.20.1) and Windows GPU Display Driver (all versions) contains a vulnerability in the local service provider component in which an attacker with local system and privileged access can incorrectly load Windows system DLLs without validating the…
- CVE-2019-5701Nov 9, 2019risk 0.00cvss —epss 0.01
NVIDIA GeForce Experience, all versions prior to 3.20.0.118, contains a vulnerability when GameStream is enabled in which an attacker with local system access can load the Intel graphics driver DLLs without validating the path or signature (also known as a binary planting or DLL…
- CVE-2019-5689Nov 9, 2019risk 0.00cvss —epss 0.00
NVIDIA GeForce Experience, all versions prior to 3.20.1, contains a vulnerability in the Downloader component in which a user with local system access can craft input that may allow malicious files to be downloaded and saved. This behavior may lead to code execution, denial of…
- CVE-2019-5678May 31, 2019risk 0.00cvss —epss 0.01
NVIDIA GeForce Experience versions prior to 3.19 contains a vulnerability in the Web Helper component, in which an attacker with local system access can craft input that may not be properly validated. Such an attack may lead to code execution, denial of service or information…
- CVE-2019-5674Mar 28, 2019risk 0.00cvss —epss 0.01
NVIDIA GeForce Experience before 3.18 contains a vulnerability when ShadowPlay or GameStream is enabled. When an attacker has access to the system and creates a hard link, the software does not check for hard link attacks. This behavior may lead to code execution, denial of…
- CVE-2018-6265Nov 27, 2018risk 0.00cvss —epss 0.00
NVIDIA GeForce Experience contains a vulnerability in all versions prior to 3.16 during application installation on Windows 7 in elevated privilege mode, where a local user who initiates a browser session may obtain escalation of privileges on the browser.
- CVE-2018-6266Nov 27, 2018risk 0.00cvss —epss 0.00
NVIDIA GeForce Experience contains a vulnerability in all versions prior to 3.16 on Windows where a local user may obtain third party integration parameters, which may lead to information disclosure.
- CVE-2018-6263Nov 27, 2018risk 0.00cvss —epss 0.00
NVIDIA GeForce Experience contains a vulnerability in all versions prior to 3.16 on Windows in which an attacker who has access to a local user account can plant a malicious dynamic link library (DLL) during application installation, which may lead to escalation of privileges.
Page 2 of 2