Vulnerabilities > Nvidia > GPU Driver > High

DATE CVE VULNERABILITY TITLE RISK
2016-11-08 CVE-2016-7384 Permissions, Privileges, and Access Controls vulnerability in Nvidia GPU Driver
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) where unchecked input/output lengths in UVMLiteController Device IO Control handling may lead to denial of service or potential escalation of privileges.
local
low complexity
nvidia CWE-264
7.8
2016-11-08 CVE-2016-7383 Permissions, Privileges, and Access Controls vulnerability in Nvidia GPU Driver
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in a memory mapping API in the kernel mode layer (nvlddmkm.sys) handler, leading to denial of service or potential escalation of privileges.
local
low complexity
nvidia CWE-264
7.8
2016-11-08 CVE-2016-7382 Permission Issues vulnerability in Nvidia GPU Driver
For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys for Windows or nvidia.ko for Linux) handler where a missing permissions check may allow users to gain access to arbitrary physical memory, leading to an escalation of privileges.
local
low complexity
nvidia CWE-275
7.8
2016-11-08 CVE-2016-7381 Permissions, Privileges, and Access Controls vulnerability in Nvidia GPU Driver
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where a user input to index an array is not bounds checked, leading to denial of service or potential escalation of privileges.
local
low complexity
nvidia CWE-264
7.8
2016-11-08 CVE-2016-4959 NULL Pointer Dereference vulnerability in Nvidia GPU Driver
For the NVIDIA Quadro, NVS, and GeForce products, there is a Remote Desktop denial of service.
network
low complexity
nvidia CWE-476
7.5