Vendor CVEs
Nvidia
All CVEs
1,011 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2013-0131 | 0.00 | — | 0.05 | Apr 8, 2013 | Buffer overflow in the NVIDIA GPU driver before 304.88, 310.x before 310.44, and 313.x before 313.30 for the X Window System on UNIX, when NoScanout mode is enabled, allows remote authenticated users to execute arbitrary code via a large ARGB cursor. | |||
| CVE-2013-0111 | 0.00 | — | 0.00 | Apr 8, 2013 | daemonu.exe (aka the NVIDIA Update Service Daemon), as distributed with the NVIDIA driver before 307.78, and Release 310 before 311.00, on Windows, lacks " (double quote) characters in the service path, which allows local users to gain privileges via a Trojan horse program. | |||
| CVE-2013-0110 | 0.00 | — | 0.00 | Apr 8, 2013 | nvSCPAPISvr.exe in the NVIDIA Stereoscopic 3D Driver service, as distributed with the NVIDIA driver before 307.78, and Release 310 before 311.00, on Windows, lacks " (double quote) characters in the service path, which allows local users to gain privileges via a Trojan horse… | |||
| CVE-2012-4225 | 0.00 | — | 0.00 | Nov 19, 2012 | NVIDIA UNIX graphics driver before 295.71 and before 304.32 allows local users to write to arbitrary physical memory locations and gain privileges by modifying the VGA window using /dev/nvidia0. | |||
| CVE-2011-4784 | 0.00 | — | 0.00 | Dec 27, 2011 | The NVIDIA Stereoscopic 3D driver before 7.17.12.7565 does not properly handle commands sent to a named pipe, which allows local users to gain privileges via a crafted application. | |||
| CVE-2011-2603 | 0.00 | — | 0.02 | Jun 30, 2011 | The NVIDIA 9400M driver 6.2.6 on Mac OS X 10.6.7 allows remote attackers to cause a denial of service (desktop hang) via a crafted web page that is visited with Google Chrome or Mozilla Firefox, as demonstrated by the lots-of-polys-example.html test page in the Khronos WebGL SDK. | |||
| CVE-2011-2602 | 0.00 | — | 0.02 | Jun 30, 2011 | The NVIDIA Geforce 310 driver 6.14.12.7061 on Windows XP SP3 allows remote attackers to cause a denial of service (system crash) via a crafted web page that is visited with Google Chrome or Mozilla Firefox, as demonstrated by the lots-of-polys-example.html test page in the… | |||
| CVE-2011-0636 | 0.00 | — | 0.00 | Jan 22, 2011 | The (1) cudaHostAlloc and (2) cuMemHostAlloc functions in the NVIDIA CUDA Toolkit 3.2 developer drivers for Linux 260.19.26, and possibly other versions, do not initialize pinned memory, which allows local users to read potentially sensitive memory, such as file fragments during… | |||
| CVE-2008-5144 | 0.00 | — | 0.00 | Nov 18, 2008 | nvidia-cg-toolkit-installer in nvidia-cg-toolkit 2.0.0015 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/nvidia-cg-toolkit-manifest temporary file. | |||
| CVE-2007-3532 | 0.00 | — | 0.00 | Jul 27, 2007 | NVIDIA drivers (nvidia-drivers) before 1.0.7185, 1.0.9639, and 100.14.11, as used in Gentoo Linux and possibly other distributions, creates /dev/nvidia* device files with insecure permissions, which allows local users to modify video card settings, cause a denial of service… | |||
| CVE-2007-3531 | 0.00 | — | 0.00 | Jul 25, 2007 | The set_default_speeds function in backend/backend.c in NVidia NVClock before 0.8b2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/nvclock temporary file. |
- CVE-2013-0131Apr 8, 2013risk 0.00cvss —epss 0.05
Buffer overflow in the NVIDIA GPU driver before 304.88, 310.x before 310.44, and 313.x before 313.30 for the X Window System on UNIX, when NoScanout mode is enabled, allows remote authenticated users to execute arbitrary code via a large ARGB cursor.
- CVE-2013-0111Apr 8, 2013risk 0.00cvss —epss 0.00
daemonu.exe (aka the NVIDIA Update Service Daemon), as distributed with the NVIDIA driver before 307.78, and Release 310 before 311.00, on Windows, lacks " (double quote) characters in the service path, which allows local users to gain privileges via a Trojan horse program.
- CVE-2013-0110Apr 8, 2013risk 0.00cvss —epss 0.00
nvSCPAPISvr.exe in the NVIDIA Stereoscopic 3D Driver service, as distributed with the NVIDIA driver before 307.78, and Release 310 before 311.00, on Windows, lacks " (double quote) characters in the service path, which allows local users to gain privileges via a Trojan horse…
- CVE-2012-4225Nov 19, 2012risk 0.00cvss —epss 0.00
NVIDIA UNIX graphics driver before 295.71 and before 304.32 allows local users to write to arbitrary physical memory locations and gain privileges by modifying the VGA window using /dev/nvidia0.
- CVE-2011-4784Dec 27, 2011risk 0.00cvss —epss 0.00
The NVIDIA Stereoscopic 3D driver before 7.17.12.7565 does not properly handle commands sent to a named pipe, which allows local users to gain privileges via a crafted application.
- CVE-2011-2603Jun 30, 2011risk 0.00cvss —epss 0.02
The NVIDIA 9400M driver 6.2.6 on Mac OS X 10.6.7 allows remote attackers to cause a denial of service (desktop hang) via a crafted web page that is visited with Google Chrome or Mozilla Firefox, as demonstrated by the lots-of-polys-example.html test page in the Khronos WebGL SDK.
- CVE-2011-2602Jun 30, 2011risk 0.00cvss —epss 0.02
The NVIDIA Geforce 310 driver 6.14.12.7061 on Windows XP SP3 allows remote attackers to cause a denial of service (system crash) via a crafted web page that is visited with Google Chrome or Mozilla Firefox, as demonstrated by the lots-of-polys-example.html test page in the…
- CVE-2011-0636Jan 22, 2011risk 0.00cvss —epss 0.00
The (1) cudaHostAlloc and (2) cuMemHostAlloc functions in the NVIDIA CUDA Toolkit 3.2 developer drivers for Linux 260.19.26, and possibly other versions, do not initialize pinned memory, which allows local users to read potentially sensitive memory, such as file fragments during…
- CVE-2008-5144Nov 18, 2008risk 0.00cvss —epss 0.00
nvidia-cg-toolkit-installer in nvidia-cg-toolkit 2.0.0015 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/nvidia-cg-toolkit-manifest temporary file.
- CVE-2007-3532Jul 27, 2007risk 0.00cvss —epss 0.00
NVIDIA drivers (nvidia-drivers) before 1.0.7185, 1.0.9639, and 100.14.11, as used in Gentoo Linux and possibly other distributions, creates /dev/nvidia* device files with insecure permissions, which allows local users to modify video card settings, cause a denial of service…
- CVE-2007-3531Jul 25, 2007risk 0.00cvss —epss 0.00
The set_default_speeds function in backend/backend.c in NVidia NVClock before 0.8b2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/nvclock temporary file.
Page 21 of 21