VYPR

Vendor CVEs

Nvidia

All CVEs

1,011 total · sorted by risk
  • CVE-2019-5689Nov 9, 2019
    risk 0.00cvss epss 0.00

    NVIDIA GeForce Experience, all versions prior to 3.20.1, contains a vulnerability in the Downloader component in which a user with local system access can craft input that may allow malicious files to be downloaded and saved. This behavior may lead to code execution, denial of…

  • CVE-2019-5699Oct 9, 2019
    risk 0.00cvss epss 0.00

    NVIDIA Shield TV Experience prior to v8.0.1, NVIDIA Tegra bootloader contains a vulnerability where the software performs an incorrect bounds check, which may lead to buffer overflow resulting in escalation of privileges and code execution. escalation of privileges, and…

  • CVE-2019-5700Oct 9, 2019
    risk 0.00cvss epss 0.01

    NVIDIA Shield TV Experience prior to v8.0.1, NVIDIA Tegra software contains a vulnerability in the bootloader, where it does not validate the fields of the boot image, which may lead to code execution, denial of service, escalation of privileges, and information disclosure.

  • CVE-2018-6240Sep 6, 2019
    risk 0.00cvss epss 0.00

    NVIDIA Tegra contains a vulnerability in BootRom where a user with kernel level privileges can write an arbitrary value to an arbitrary physical address

  • CVE-2019-5682Aug 6, 2019
    risk 0.00cvss epss 0.00

    NVIDIA Shield TV Experience prior to v8.0, contains a vulnerability in the NVIDIA Games App where it improperly exports an Activity but does not properly restrict which applications can launch the Activity, which may lead to code execution or denial of service.

  • CVE-2019-5681Aug 6, 2019
    risk 0.00cvss epss 0.00

    NVIDIA Shield TV Experience prior to v8.0, contains a vulnerability in the custom NVIDIA API used in the mount system service where user data could be overridden, which may lead to code execution, denial of service, or information disclosure.

  • CVE-2019-5679Aug 6, 2019
    risk 0.00cvss epss 0.00

    NVIDIA Shield TV Experience prior to v8.0, NVIDIA Tegra bootloader contains a vulnerability in nvtboot where the Trusted OS image is improperly authenticated, which may lead to code execution, denial of service, escalation of privileges, and information disclosure, code…

  • CVE-2019-5687Aug 6, 2019
    risk 0.00cvss epss 0.00

    NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which an incorrect use of default permissions for an object exposes it to an unintended actor

  • CVE-2019-5686Aug 6, 2019
    risk 0.00cvss epss 0.00

    NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the software uses an API function or data structure in a way that relies on properties that are not always guaranteed to be valid,…

  • CVE-2019-5685Aug 6, 2019
    risk 0.00cvss epss 0.05

    NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in DirectX drivers, in which a specially crafted shader can cause an out of bounds access to a shader local temporary array, which may lead to denial of service or code execution.

  • CVE-2019-5684Aug 6, 2019
    risk 0.00cvss epss 0.05

    NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in DirectX drivers, in which a specially crafted shader can cause an out of bounds access of an input texture array, which may lead to denial of service or code execution.

  • CVE-2019-5683Aug 6, 2019
    risk 0.00cvss epss 0.01

    NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in the user mode video driver trace logger component. When an attacker has access to the system and creates a hard link, the software does not check for hard link attacks. This behavior may lead to code…

  • CVE-2019-5680Jul 19, 2019
    risk 0.00cvss epss 0.00

    In NVIDIA Jetson TX1 L4T R32 version branch prior to R32.2, Tegra bootloader contains a vulnerability in nvtboot in which the nvtboot-cpu image is loaded without the load address first being validated, which may lead to code execution, denial of service, or escalation of…

  • CVE-2017-6261Jun 5, 2019
    risk 0.00cvss epss 0.00

    NVIDIA Vibrante Linux version 1.1, 2.0, and 2.2 contains a vulnerability in the user space driver in which protection mechanisms are insufficient, may lead to denial of service or information disclosure.

  • CVE-2019-5678May 31, 2019
    risk 0.00cvss epss 0.01

    NVIDIA GeForce Experience versions prior to 3.19 contains a vulnerability in the Web Helper component, in which an attacker with local system access can craft input that may not be properly validated. Such an attack may lead to code execution, denial of service or information…

  • CVE-2019-5677May 10, 2019
    risk 0.00cvss epss 0.00

    NVIDIA Windows GPU Display driver software for Windows (all versions) contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DeviceIoControl where the software reads from a buffer using buffer access mechanisms such as indexes or pointers that reference…

  • CVE-2019-5676May 10, 2019
    risk 0.00cvss epss 0.01

    NVIDIA Windows GPU Display driver software for Windows (all versions) contains a vulnerability in which it incorrectly loads Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), leading to escalation of…

  • CVE-2019-5675May 10, 2019
    risk 0.00cvss epss 0.00

    NVIDIA Windows GPU Display driver software for Windows (all versions) contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where the product does not properly synchronize shared data, such as static variables across threads, which can lead…

  • CVE-2018-6243May 7, 2019
    risk 0.00cvss epss 0.00

    NVIDIA Tegra TLK Widevine Trust Application contains a vulnerability in which missing the input parameter checking of video metadata count may lead to Arbitrary Code Execution, Denial of Service or Escalation of Privileges. Android ID: A-72315075. Severity Rating: High. Version:…

  • CVE-2018-6269Apr 12, 2019
    risk 0.00cvss epss 0.00

    NVIDIA Jetson TX2 contains a vulnerability in the kernel driver where input/output control (IOCTL) handling for user mode requests could create a non-trusted pointer dereference, which may lead to information disclosure, denial of service, escalation of privileges, or code…

  • CVE-2018-6239Apr 12, 2019
    risk 0.00cvss epss 0.00

    NVIDIA Jetson TX2 contains a vulnerability by means of speculative execution where local and unprivileged code may access the contents of cached information in an unauthorized manner, which may lead to information disclosure. The updates apply to all versions prior to R28.3.

  • CVE-2019-5673Apr 11, 2019
    risk 0.00cvss epss 0.00

    NVIDIA Jetson TX2 contains a vulnerability in the kernel driver (on all versions prior to R28.3) where the ARM System Memory Management Unit (SMMU) improperly checks for a fault condition, causing transactions to be discarded, which may lead to denial of service.

  • CVE-2019-5672Apr 11, 2019
    risk 0.00cvss epss 0.01

    NVIDIA Jetson TX1 and TX2 contain a vulnerability in the Linux for Tegra (L4T) operating system (on all versions prior to R28.3) where the Secure Shell (SSH) keys provided in the sample rootfs are not replaced by unique host keys after sample rootsfs generation and flashing,…

  • CVE-2019-5674Mar 28, 2019
    risk 0.00cvss epss 0.01

    NVIDIA GeForce Experience before 3.18 contains a vulnerability when ShadowPlay or GameStream is enabled. When an attacker has access to the system and creates a hard link, the software does not check for hard link attacks. This behavior may lead to code execution, denial of…

  • CVE-2018-12210Mar 14, 2019
    risk 0.00cvss epss 0.00

    Multiple pointer dereferences in User Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables an…

  • CVE-2019-5666Feb 27, 2019
    risk 0.00cvss epss 0.00

    NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) create context command DDI DxgkDdiCreateContext in which the product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly…

  • CVE-2019-5668Feb 27, 2019
    risk 0.00cvss epss 0.00

    NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiSubmitCommandVirtual in which the application dereferences a pointer that it expects to be valid, but is NULL, which may lead to denial of service or escalation…

  • CVE-2019-5669Feb 27, 2019
    risk 0.00cvss epss 0.00

    NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiEscape in which the software uses a sequential operation to read from or write to a buffer, but it uses an incorrect length value that causes it to access memory that is…

  • CVE-2019-5665Feb 27, 2019
    risk 0.00cvss epss 0.01

    NVIDIA Windows GPU Display driver contains a vulnerability in the 3D vision component in which the stereo service software, when opening a file, does not check for hard links. This behavior may lead to code execution, denial of service or escalation of privileges.

  • CVE-2019-5671Feb 27, 2019
    risk 0.00cvss epss 0.00

    NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the software does not release a resource after its effective lifetime has ended, which may lead to denial of service.

  • CVE-2019-5670Feb 27, 2019
    risk 0.00cvss epss 0.00

    NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiEscape in which the software uses a sequential operation to read from or write to a buffer, but it uses an incorrect length value that causes it to access memory that is…

  • CVE-2019-5667Feb 27, 2019
    risk 0.00cvss epss 0.00

    NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiSetRootPageTable in which the application dereferences a pointer that it expects to be valid, but is NULL, which may lead to code execution, denial of service or…

  • CVE-2018-6268Feb 13, 2019
    risk 0.00cvss epss 0.01

    NVIDIA Tegra library contains a vulnerability in libnvmmlite_video.so, where referencing memory after it has been freed may lead to denial of service or possible escalation of privileges. Android ID: A-80433161.

  • CVE-2018-6271Feb 13, 2019
    risk 0.00cvss epss 0.01

    NVIDIA Tegra OpenMax driver (libnvomx) contains a vulnerability in which the software delivers extra data with the buffer and does not properly validated the extra data, which may lead to denial of service or escalation of privileges. Android ID: A-80198474.

  • CVE-2018-6267Feb 13, 2019
    risk 0.00cvss epss 0.01

    NVIDIA Tegra OpenMax driver (libnvomx) contains a vulnerability in which the software does not validate or incorrectly validates input that can affect the control flow or data flow of a program, which may lead to denial of service or escalation of privileges. Android ID:…

  • CVE-2018-6241Jan 31, 2019
    risk 0.00cvss epss 0.00

    NVIDIA Tegra Gralloc module contains a vulnerability in driver in which it does not validate input parameter of the registerbuffer API, which may lead to arbitrary code execution, denial of service, or escalation of privileges. Android ID: A-62540032 Severity Rating: High…

  • CVE-2018-6263Nov 27, 2018
    risk 0.00cvss epss 0.00

    NVIDIA GeForce Experience contains a vulnerability in all versions prior to 3.16 on Windows in which an attacker who has access to a local user account can plant a malicious dynamic link library (DLL) during application installation, which may lead to escalation of privileges.

  • CVE-2018-6266Nov 27, 2018
    risk 0.00cvss epss 0.00

    NVIDIA GeForce Experience contains a vulnerability in all versions prior to 3.16 on Windows where a local user may obtain third party integration parameters, which may lead to information disclosure.

  • CVE-2018-6265Nov 27, 2018
    risk 0.00cvss epss 0.00

    NVIDIA GeForce Experience contains a vulnerability in all versions prior to 3.16 during application installation on Windows 7 in elevated privilege mode, where a local user who initiates a browser session may obtain escalation of privileges on the browser.

  • CVE-2015-8328Nov 24, 2015
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in the NVAPI support layer in the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows allows local users to obtain sensitive information, cause a denial of service (crash), or possibly gain privileges via…

  • CVE-2015-7869Nov 24, 2015
    risk 0.00cvss epss 0.00

    Multiple integer overflows in the kernel mode driver for the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows and R304 before 304.131, R340 before 340.96, R352 before 352.63, and R358 before 358.16 on Linux allow local users to…

  • CVE-2015-7866Nov 24, 2015
    risk 0.00cvss epss 0.00

    Unquoted Windows search path vulnerability in the Smart Maximize Helper (nvSmartMaxApp.exe) in the Control Panel in the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows allows local users to gain privileges via a Trojan horse…

  • CVE-2015-5053Nov 24, 2015
    risk 0.00cvss epss 0.02

    The host memory mapping path feature in the NVIDIA GPU graphics driver R346 before 346.87 and R352 before 352.41 for Linux and R352 before 352.46 for GRID vGPU and vSGA does not properly restrict access to third-party device IO memory, which allows attackers to gain privileges,…

  • CVE-2015-5950Sep 30, 2015
    risk 0.00cvss epss 0.00

    The NVIDIA display driver R352 before 353.82 and R340 before 341.81 on Windows; R304 before 304.128, R340 before 340.93, and R352 before 352.41 on Linux; and R352 before 352.46 on GRID vGPU and vSGA allows local users to write to an arbitrary kernel memory location and…

  • CVE-2015-3625Jul 18, 2015
    risk 0.00cvss epss 0.00

    The NVIDIA GPU driver for FreeBSD R352 before 352.09, 346 before 346.72, R349 before 349.16, R343 before 343.36, R340 before 340.76, R337 before 337.25, R334 before 334.21, R331 before 331.113, and R304 before 304.125 allows local users with certain permissions to read or write…

  • CVE-2015-1170Mar 6, 2015
    risk 0.00cvss epss 0.00

    The NVIDIA Display Driver R304 before 309.08, R340 before 341.44, R343 before 345.20, and R346 before 347.52 does not properly validate local client impersonation levels when performing a "kernel administrator check," which allows local users to gain administrator privileges via…

  • CVE-2014-5332Feb 6, 2015
    risk 0.00cvss epss 0.00

    Race condition in NVMap in NVIDIA Tegra Linux Kernel 3.10 allows local users to gain privileges via a crafted NVMAP_IOC_CREATE IOCTL call, which triggers a use-after-free error, as demonstrated by using a race condition to escape the Chrome sandbox.

  • CVE-2014-8298Dec 10, 2014
    risk 0.00cvss epss 0.03

    The NVIDIA Linux Discrete GPU drivers before R304.125, R331.x before R331.113, R340.x before R340.65, R343.x before R343.36, and R346.x before R346.22, Linux for Tegra (L4T) driver before R21.2, and Chrome OS driver before R40 allows remote attackers to cause a denial of service…

  • CVE-2013-5987Jan 21, 2014
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in NVIDIA graphics driver Release 331, 325, 319, 310, and 304 allows local users to bypass intended access restrictions for the GPU and gain privileges via unknown vectors.

  • CVE-2013-5986Jan 21, 2014
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in NVIDIA graphics driver Release 331, 325, 319, 310, and 304 has unknown impact and attack vectors, a different vulnerability than CVE-2013-5987.

Page 20 of 21