Vulnerabilities > Nvidia > Geforce Experience

DATE CVE VULNERABILITY TITLE RISK
2023-02-12 CVE-2022-42292 Link Following vulnerability in Nvidia Geforce Experience
NVIDIA GeForce Experience contains a vulnerability in the NVContainer component, where a user without administrator privileges can create a symbolic link to a file that requires elevated privileges to write to or modify, which may lead to denial of service, escalation of privilege or limited data tampering.
local
low complexity
nvidia CWE-59
7.8
2023-02-07 CVE-2022-31611 Uncontrolled Search Path Element vulnerability in Nvidia Geforce Experience
NVIDIA GeForce Experience contains an uncontrolled search path vulnerability in all its client installers, where an attacker with user level privileges may cause the installer to load an arbitrary DLL when the installer is launched.
local
low complexity
nvidia CWE-427
7.3
2023-02-07 CVE-2022-42291 Link Following vulnerability in Nvidia Geforce Experience
NVIDIA GeForce Experience contains a vulnerability in the installer, where a user installing the NVIDIA GeForce Experience software may inadvertently delete data from a linked location, which may lead to data tampering.
local
low complexity
nvidia CWE-59
5.5
2021-12-23 CVE-2021-23175 Incorrect Authorization vulnerability in Nvidia Geforce Experience
NVIDIA GeForce Experience contains a vulnerability in user authorization, where GameStream does not correctly apply individual user access controls for users on the same device, which, with user intervention, may lead to escalation of privileges, information disclosure, data tampering, and denial of service, affecting other resources beyond the intended security authority of GameStream.
local
low complexity
nvidia CWE-863
8.2
2021-06-25 CVE-2021-1073 Unspecified vulnerability in Nvidia Geforce Experience
NVIDIA GeForce Experience, all versions prior to 3.23, contains a vulnerability in the login flow when a user tries to log in by using a browser, while, at the same time, any other web page is loaded in other tabs of the same browser.
network
high complexity
nvidia
8.3
2021-04-20 CVE-2021-1079 Unspecified vulnerability in Nvidia Geforce Experience
NVIDIA GeForce Experience, all versions prior to 3.22, contains a vulnerability in GameStream plugins where log files are created using NT/System level permissions, which may lead to code execution, denial of service, or local privilege escalation.
local
low complexity
nvidia
6.1
2021-02-05 CVE-2021-1072 Unspecified vulnerability in Nvidia Geforce Experience
NVIDIA GeForce Experience, all versions prior to 3.21, contains a vulnerability in GameStream (rxdiag.dll) where an arbitrary file deletion due to improper handling of log files may lead to denial of service.
local
low complexity
nvidia
7.1
2020-10-23 CVE-2020-5990 Unspecified vulnerability in Nvidia Geforce Experience
NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in the ShadowPlay component which may lead to local privilege escalation, code execution, denial of service or information disclosure.
local
low complexity
nvidia
7.8
2020-10-23 CVE-2020-5978 Unspecified vulnerability in Nvidia Geforce Experience
NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in its services in which a folder is created by nvcontainer.exe under normal user login with LOCAL_SYSTEM privileges which may lead to a denial of service or escalation of privileges.
local
low complexity
nvidia
7.8
2020-10-23 CVE-2020-5977 Untrusted Search Path vulnerability in Nvidia Geforce Experience
NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in NVIDIA Web Helper NodeJS Web Server in which an uncontrolled search path is used to load a node module, which may lead to code execution, denial of service, escalation of privileges, and information disclosure.
local
low complexity
nvidia CWE-426
7.8