Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-12-16 | CVE-2016-8821 | Improper Access Control vulnerability in Nvidia GPU Driver All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer handler for DxgDdiEscape where improper access controls may allow a user to access arbitrary physical memory, leading to an escalation of privileges. | 7.8 |
| 2016-12-16 | CVE-2016-8820 | Improper Input Validation vulnerability in Nvidia GPU Driver All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where a check on a function return value is missing, potentially allowing an uninitialized value to be used as the source of a strcpy() call, leading to denial of service or information disclosure. | 6.1 |
| 2016-12-16 | CVE-2016-8819 | Missing Release of File Descriptor or Handle after Effective Lifetime vulnerability in Nvidia GPU Driver All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a handle to a kernel object may be returned to the user, leading to possible denial of service or escalation of privileges. | 7.8 |
| 2016-12-16 | CVE-2016-8818 | Improper Input Validation vulnerability in Nvidia GPU Driver All versions of NVIDIA Windows GPU Display contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where a pointer passed from a user to the driver is used without validation, leading to denial of service or potential escalation of privileges. | 7.8 |
| 2016-12-16 | CVE-2016-8817 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Nvidia GPU Driver All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where a value passed from a user to the driver is used without validation as the size input to memcpy(), causing a buffer overflow, leading to denial of service or potential escalation of privileges. | 7.8 |
| 2016-12-16 | CVE-2016-8816 | Improper Validation of Array Index vulnerability in Nvidia GPU Driver All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where a value passed from a user to the driver is used without validation as the index to an array, leading to denial of service or potential escalation of privileges. | 7.8 |
| 2016-12-16 | CVE-2016-8815 | Improper Validation of Array Index vulnerability in Nvidia GPU Driver All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where a value passed from a user to the driver is used without validation as the index to an array, leading to denial of service or potential escalation of privileges. | 7.8 |
| 2016-12-16 | CVE-2016-8814 | NULL Pointer Dereference vulnerability in Nvidia GPU Driver All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where multiple pointers are used without checking for NULL, leading to denial of service or potential escalation of privileges. | 7.8 |
| 2016-12-16 | CVE-2016-8813 | NULL Pointer Dereference vulnerability in Nvidia GPU Driver All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where multiple pointers are used without checking for NULL, leading to denial of service or potential escalation of privileges. | 7.8 |
| 2016-12-16 | CVE-2016-9967 | 7PK - Errors vulnerability in Samsung Mobile Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges. | 9.8 |