Nvidia: Security Vulnerabilities
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiSetRootPageTable in which the application dereferences a pointer that it expects to be valid, but is NULL, which may lead to code execution, denial of service or escalation of privileges.
CVSS Score
7.8
EPSS Score
0.0
Published
2019-02-27
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiSubmitCommandVirtual in which the application dereferences a pointer that it expects to be valid, but is NULL, which may lead to denial of service or escalation of privileges.
CVSS Score
7.8
EPSS Score
0.0
Published
2019-02-27
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiEscape in which the software uses a sequential operation to read from or write to a buffer, but it uses an incorrect length value that causes it to access memory that is outside of the bounds of the buffer, which may lead to denial of service or escalation of privileges.
CVSS Score
7.8
EPSS Score
0.0
Published
2019-02-27
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiEscape in which the software uses a sequential operation to read from or write to a buffer, but it uses an incorrect length value that causes it to access memory that is outside of the bounds of the buffer which may lead to denial of service, escalation of privileges, code execution or information disclosure.
CVSS Score
7.8
EPSS Score
0.0
Published
2019-02-27
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the software does not release a resource after its effective lifetime has ended, which may lead to denial of service.
CVSS Score
5.5
EPSS Score
0.0
Published
2019-02-27
NVIDIA GeForce Experience contains a vulnerability in all versions prior to 3.16 on Windows in which an attacker who has access to a local user account can plant a malicious dynamic link library (DLL) during application installation, which may lead to escalation of privileges.
CVSS Score
7.8
EPSS Score
0.001
Published
2018-11-27
NVIDIA GeForce Experience contains a vulnerability in all versions prior to 3.16 during application installation on Windows 7 in elevated privilege mode, where a local user who initiates a browser session may obtain escalation of privileges on the browser.
CVSS Score
7.8
EPSS Score
0.001
Published
2018-11-27
NVIDIA GeForce Experience contains a vulnerability in all versions prior to 3.16 on Windows where a local user may obtain third party integration parameters, which may lead to information disclosure.
CVSS Score
5.5
EPSS Score
0.001
Published
2018-11-27
NVIDIA graphics driver contains a vulnerability that may allow access to application data processed on the GPU through a side channel exposed by the GPU performance counters. Local user access is required. This is not a network or remote attack vector.
CVSS Score
5.5
EPSS Score
0.0
Published
2018-11-13
NVIDIA GeForce Experience prior to 3.15 contains a vulnerability when GameStream is enabled which sets incorrect permissions on a file, which may to code execution, denial of service, or escalation of privileges by users with system access.
CVSS Score
7.0
EPSS Score
0.0
Published
2018-10-02