VYPR

Vendor CVEs

Nvidia

All CVEs

1,011 total · sorted by risk
  • CVE-2020-5990Oct 23, 2020
    risk 0.00cvss epss 0.00

    NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in the ShadowPlay component which may lead to local privilege escalation, code execution, denial of service or information disclosure.

  • CVE-2020-5978Oct 23, 2020
    risk 0.00cvss epss 0.00

    NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in its services in which a folder is created by nvcontainer.exe under normal user login with LOCAL_SYSTEM privileges which may lead to a denial of service or escalation of privileges.

  • CVE-2020-5977Oct 23, 2020
    risk 0.00cvss epss 0.00

    NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in NVIDIA Web Helper NodeJS Web Server in which an uncontrolled search path is used to load a node module, which may lead to code execution, denial of service, escalation of privileges, and…

  • CVE-2020-5989Oct 2, 2020
    risk 0.00cvss epss 0.00

    NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which it can dereference a NULL pointer, which may lead to denial of service. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0.

  • CVE-2020-5988Oct 2, 2020
    risk 0.00cvss epss 0.00

    NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which allocated memory can be freed twice, which may lead to information disclosure or denial of service. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0.

  • CVE-2020-5986Oct 2, 2020
    risk 0.00cvss epss 0.00

    NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which an input data size is not validated, which may lead to tampering or denial of service. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0.

  • CVE-2020-5987Oct 2, 2020
    risk 0.00cvss epss 0.00

    NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin in which guest-supplied parameters remain writable by the guest after the plugin has validated them, which may lead to the guest being able to pass invalid parameters to plugin handlers, which may lead to…

  • CVE-2020-5985Oct 2, 2020
    risk 0.00cvss epss 0.00

    NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which an input data length is not validated, which may lead to tampering or denial of service. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0.

  • CVE-2020-5984Oct 2, 2020
    risk 0.00cvss epss 0.00

    NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin in which it may have the use-after-free vulnerability while freeing some resources, which may lead to denial of service, code execution, and information disclosure. This affects vGPU version 8.x (prior to…

  • CVE-2020-5983Oct 2, 2020
    risk 0.00cvss epss 0.00

    NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin and the host driver kernel module, in which the potential exists to write to a memory location that is outside the intended boundary of the frame buffer memory allocated to guest operating systems, which may…

  • CVE-2020-5981Oct 2, 2020
    risk 0.00cvss epss 0.00

    NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the DirectX11 user mode driver (nvwgf2um/x.dll), in which a specially crafted shader can cause an out of bounds access, which may lead to denial of service or code execution.

  • CVE-2020-5982Oct 2, 2020
    risk 0.00cvss epss 0.00

    NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) scheduler, in which the software does not properly limit the number or frequency of interactions that it has with an actor, such as the number of incoming requests,…

  • CVE-2020-5979Oct 2, 2020
    risk 0.00cvss epss 0.00

    NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component in which a user is presented with a dialog box for input by a high-privilege process, which may lead to escalation of privileges.

  • CVE-2020-5980Oct 2, 2020
    risk 0.00cvss epss 0.00

    NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in multiple components in which a securely loaded system DLL will load its dependencies in an insecure fashion, which may lead to code execution or denial of service.

  • CVE-2019-17098Sep 30, 2020
    risk 0.00cvss epss 0.00

    Use of hard-coded cryptographic key vulnerability in August Connect Wi-Fi Bridge App, Connect Firmware allows an attacker to decrypt an intercepted payload containing the Wi-Fi network authentication credentials. This issue affects: August Connect Wi-Fi Bridge App version…

  • CVE-2020-5976Sep 18, 2020
    risk 0.00cvss epss 0.01

    NVIDIA GeForce NOW, versions prior to 2.0.23 (Windows, macOS) and versions prior to 5.31 (Android, Shield TV), contains a vulnerability in the application software where the network test component transmits sensitive information insecurely, which may lead to information…

  • CVE-2020-5975Sep 18, 2020
    risk 0.00cvss epss 0.01

    NVIDIA GeForce NOW, versions prior to 2.0.23 on Windows and macOS, contains a vulnerability in the desktop application software that includes sensitive information as part of a URL, which may lead to information disclosure.

  • CVE-2020-5974Jul 8, 2020
    risk 0.00cvss epss 0.00

    NVIDIA JetPack SDK, version 4.2 and 4.3, contains a vulnerability in its installation scripts in which permissions are incorrectly set on certain directories, which can lead to escalation of privileges.

  • CVE-2020-5973Jun 30, 2020
    risk 0.00cvss epss 0.00

    NVIDIA Virtual GPU Manager and the guest drivers contain a vulnerability in vGPU plugin, in which there is the potential to execute privileged operations, which may lead to denial of service. This affects vGPU version 8.x (prior to 8.4), version 9.x (prior to 9.4) and version…

  • CVE-2020-5970Jun 30, 2020
    risk 0.00cvss epss 0.00

    NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which an input data size is not validated, which may lead to tampering or denial of service. This affects vGPU version 8.x (prior to 8.4), version 9.x (prior to 9.4) and version 10.x (prior to 10.3).

  • CVE-2020-5972Jun 30, 2020
    risk 0.00cvss epss 0.00

    NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which local pointer variables are not initialized and may be freed later, which may lead to tampering or denial of service. This affects vGPU version 8.x (prior to 8.4), version 9.x (prior to 9.4) and…

  • CVE-2020-5971Jun 30, 2020
    risk 0.00cvss epss 0.00

    NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which the software reads from a buffer by using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer, which may lead to code execution, denial of…

  • CVE-2020-5968Jun 30, 2020
    risk 0.00cvss epss 0.00

    NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which the software does not restrict or incorrectly restricts operations within the boundaries of a resource that is accessed by using an index or pointer, such as memory or files, which may lead to code…

  • CVE-2020-5969Jun 30, 2020
    risk 0.00cvss epss 0.00

    NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which it validates a shared resource before using it, creating a race condition which may lead to denial of service or information disclosure. This affects vGPU version 8.x (prior to 8.4), version 9.x…

  • CVE-2020-5966Jun 25, 2020
    risk 0.00cvss epss 0.00

    NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, in which a NULL pointer is dereferenced, leading to denial of service or potential escalation of privileges.

  • CVE-2020-5967Jun 25, 2020
    risk 0.00cvss epss 0.00

    NVIDIA Linux GPU Display Driver, all versions, contains a vulnerability in the UVM driver, in which a race condition may lead to a denial of service.

  • CVE-2020-5965Jun 25, 2020
    risk 0.00cvss epss 0.00

    NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the DirectX 11 user mode driver (nvwgf2um/x.dll), in which a specially crafted shader can cause an out of bounds access, leading to denial of service.

  • CVE-2020-5964Jun 25, 2020
    risk 0.00cvss epss 0.00

    NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the service host component, in which the application resources integrity check may be missed. Such an attack may lead to code execution, denial of service or information disclosure.

  • CVE-2020-5963Jun 25, 2020
    risk 0.00cvss epss 0.00

    NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the Inter Process Communication APIs, in which improper access control may lead to code execution, denial of service, or information disclosure.

  • CVE-2020-5962Jun 24, 2020
    risk 0.00cvss epss 0.00

    NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component, in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges.

  • CVE-2012-0953May 8, 2020
    risk 0.00cvss epss 0.00

    A race condition was discovered in the Linux drivers for Nvidia graphics which allowed an attacker to exfiltrate kernel memory to userspace. This issue was fixed in version 295.53.

  • CVE-2012-0952May 8, 2020
    risk 0.00cvss epss 0.00

    A heap buffer overflow was discovered in the device control ioctl in the Linux driver for Nvidia graphics cards, which may allow an attacker to overflow 49 bytes. This issue was fixed in version 295.53.

  • CVE-2020-5961Mar 12, 2020
    risk 0.00cvss epss 0.00

    NVIDIA vGPU graphics driver for guest OS contains a vulnerability in which an incorrect resource clean up on a failure path can impact the guest VM, leading to denial of service.

  • CVE-2020-5959Mar 12, 2020
    risk 0.00cvss epss 0.00

    NVIDIA Virtual GPU Manager, all versions, contains a vulnerability in the vGPU plugin in which an input index value is incorrectly validated which may lead to denial of service.

  • CVE-2020-5960Mar 12, 2020
    risk 0.00cvss epss 0.00

    NVIDIA Virtual GPU Manager contains a vulnerability in the kernel module (nvidia.ko), where a null pointer dereference may occur, which may lead to denial of service.

  • CVE-2020-5958Mar 11, 2020
    risk 0.00cvss epss 0.00

    NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component in which an attacker with local system access can plant a malicious DLL file, which may lead to code execution, denial of service, or information disclosure.

  • CVE-2020-5957Mar 5, 2020
    risk 0.00cvss epss 0.00

    NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges.

  • CVE-2012-0951Feb 12, 2020
    risk 0.00cvss epss 0.00

    A Memory Corruption Vulnerability exists in NVIDIA Graphics Drivers 29549 due to an unknown function in the file proc/driver/nvidia/registry.

  • CVE-2019-5702Dec 24, 2019
    risk 0.00cvss epss 0.00

    NVIDIA GeForce Experience, all versions prior to 3.20.2, contains a vulnerability when GameStream is enabled in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges.

  • CVE-2019-5688Nov 18, 2019
    risk 0.00cvss epss 0.00

    NVIDIA NVFlash, NVUFlash Tool prior to v5.588.0 and GPUModeSwitch Tool prior to 2019-11, NVIDIA kernel mode driver (nvflash.sys, nvflsh32.sys, and nvflsh64.sys) contains a vulnerability in which authenticated users with administrative privileges can gain access to device memory…

  • CVE-2019-5695Nov 12, 2019
    risk 0.00cvss epss 0.01

    NVIDIA GeForce Experience (prior to 3.20.1) and Windows GPU Display Driver (all versions) contains a vulnerability in the local service provider component in which an attacker with local system and privileged access can incorrectly load Windows system DLLs without validating the…

  • CVE-2019-5701Nov 9, 2019
    risk 0.00cvss epss 0.01

    NVIDIA GeForce Experience, all versions prior to 3.20.0.118, contains a vulnerability when GameStream is enabled in which an attacker with local system access can load the Intel graphics driver DLLs without validating the path or signature (also known as a binary planting or DLL…

  • CVE-2019-5698Nov 9, 2019
    risk 0.00cvss epss 0.00

    NVIDIA Virtual GPU Manager, all versions, contains a vulnerability in the vGPU plugin, in which an input index value is incorrectly validated, which may lead to denial of service.

  • CVE-2019-5697Nov 9, 2019
    risk 0.00cvss epss 0.00

    NVIDIA Virtual GPU Manager, all versions, contains a vulnerability in which it may grant a guest access to memory that it does not own, which may lead to information disclosure or denial of service.

  • CVE-2019-5696Nov 9, 2019
    risk 0.00cvss epss 0.00

    NVIDIA Virtual GPU Manager, all versions, contains a vulnerability in which the provision of an incorrectly sized buffer by a guest VM leads to GPU out-of-bound access, which may lead to a denial of service.

  • CVE-2019-5694Nov 9, 2019
    risk 0.00cvss epss 0.01

    NVIDIA Windows GPU Display Driver, R390 driver version, contains a vulnerability in NVIDIA Control Panel in which it incorrectly loads Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to…

  • CVE-2019-5693Nov 9, 2019
    risk 0.00cvss epss 0.00

    NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) in which the program accesses or uses a pointer that has not been initialized, which may lead to denial of service.

  • CVE-2019-5692Nov 9, 2019
    risk 0.00cvss epss 0.00

    NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the product uses untrusted input when calculating or using an array index, which may lead to escalation of privileges or denial of…

  • CVE-2019-5691Nov 9, 2019
    risk 0.00cvss epss 0.00

    NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which a NULL pointer is dereferenced, which may lead to denial of service or escalation of privileges.

  • CVE-2019-5690Nov 9, 2019
    risk 0.00cvss epss 0.00

    NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the size of an input buffer is not validated, which may lead to denial of service or escalation of privileges.