Vulnerabilities > Nvidia > Geforce Experience > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-07 | CVE-2022-42291 | Link Following vulnerability in Nvidia Geforce Experience NVIDIA GeForce Experience contains a vulnerability in the installer, where a user installing the NVIDIA GeForce Experience software may inadvertently delete data from a linked location, which may lead to data tampering. | 5.5 |
| 2021-12-23 | CVE-2021-23175 | Incorrect Authorization vulnerability in Nvidia Geforce Experience NVIDIA GeForce Experience contains a vulnerability in user authorization, where GameStream does not correctly apply individual user access controls for users on the same device, which, with user intervention, may lead to escalation of privileges, information disclosure, data tampering, and denial of service, affecting other resources beyond the intended security authority of GameStream. | 4.4 |
| 2021-06-25 | CVE-2021-1073 | Unspecified vulnerability in Nvidia Geforce Experience NVIDIA GeForce Experience, all versions prior to 3.23, contains a vulnerability in the login flow when a user tries to log in by using a browser, while, at the same time, any other web page is loaded in other tabs of the same browser. | 5.1 |
| 2020-10-23 | CVE-2020-5990 | Unspecified vulnerability in Nvidia Geforce Experience NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in the ShadowPlay component which may lead to local privilege escalation, code execution, denial of service or information disclosure. | 4.6 |
| 2020-10-23 | CVE-2020-5978 | Unspecified vulnerability in Nvidia Geforce Experience NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in its services in which a folder is created by nvcontainer.exe under normal user login with LOCAL_SYSTEM privileges which may lead to a denial of service or escalation of privileges. | 4.6 |
| 2020-10-23 | CVE-2020-5977 | Uncontrolled Search Path Element vulnerability in Nvidia Geforce Experience NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in NVIDIA Web Helper NodeJS Web Server in which an uncontrolled search path is used to load a node module, which may lead to code execution, denial of service, escalation of privileges, and information disclosure. | 4.4 |
| 2020-06-25 | CVE-2020-5964 | Improper Validation of Integrity Check Value vulnerability in Nvidia products NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the service host component, in which the application resources integrity check may be missed. | 4.6 |
| 2020-03-11 | CVE-2020-5958 | Untrusted Search Path vulnerability in Nvidia Geforce Experience, Quadro Firmware and Tesla Firmware NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component in which an attacker with local system access can plant a malicious DLL file, which may lead to code execution, denial of service, or information disclosure. | 4.4 |
| 2020-03-05 | CVE-2020-5957 | Improper Privilege Management vulnerability in Nvidia Geforce Experience, Quadro Firmware and Tesla Firmware NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges. | 4.6 |
| 2019-12-24 | CVE-2019-5702 | Unspecified vulnerability in Nvidia Geforce Experience NVIDIA GeForce Experience, all versions prior to 3.20.2, contains a vulnerability when GameStream is enabled in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges. local nvidia | 4.4 |