Vulnerabilities > Nvidia > GPU Driver > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-08 | CVE-2021-1055 | Unspecified vulnerability in Nvidia GPU Driver NVIDIA GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which improper access control may lead to denial of service and information disclosure. | 4.6 |
| 2021-01-08 | CVE-2021-1053 | Improper Input Validation vulnerability in Nvidia GPU Driver NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which improper validation of a user pointer may lead to denial of service. | 5.5 |
| 2021-01-08 | CVE-2021-1051 | Improper Privilege Management vulnerability in Nvidia GPU Driver NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which a local user can get elevated privileges to modify display configuration data, which may result in denial of service of the display. | 6.6 |
| 2019-11-12 | CVE-2019-5695 | Uncontrolled Search Path Element vulnerability in Nvidia Geforce Experience and GPU Driver NVIDIA GeForce Experience (prior to 3.20.1) and Windows GPU Display Driver (all versions) contains a vulnerability in the local service provider component in which an attacker with local system and privileged access can incorrectly load Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service or information disclosure through code execution. | 6.9 |
| 2019-11-09 | CVE-2019-5694 | Uncontrolled Search Path Element vulnerability in Nvidia GPU Driver NVIDIA Windows GPU Display Driver, R390 driver version, contains a vulnerability in NVIDIA Control Panel in which it incorrectly loads Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service or information disclosure through code execution. | 4.4 |
| 2019-11-09 | CVE-2019-5693 | Access of Uninitialized Pointer vulnerability in Nvidia GPU Driver NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) in which the program accesses or uses a pointer that has not been initialized, which may lead to denial of service. | 4.9 |
| 2019-08-06 | CVE-2019-5686 | Improper Input Validation vulnerability in Nvidia GPU Driver NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the software uses an API function or data structure in a way that relies on properties that are not always guaranteed to be valid, which may lead to denial of service. | 4.9 |
| 2019-05-10 | CVE-2019-5677 | Out-of-bounds Read vulnerability in Nvidia GPU Driver NVIDIA Windows GPU Display driver software for Windows (all versions) contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DeviceIoControl where the software reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer, which may lead to denial of service. | 4.9 |
| 2019-02-27 | CVE-2019-5671 | Missing Release of Resource after Effective Lifetime vulnerability in Nvidia GPU Driver NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the software does not release a resource after its effective lifetime has ended, which may lead to denial of service. | 4.9 |
| 2018-04-02 | CVE-2018-6253 | Infinite Loop vulnerability in Nvidia GPU Driver NVIDIA GPU Display Driver contains a vulnerability in the DirectX and OpenGL Usermode drivers where a specially crafted pixel shader can cause infinite recursion leading to denial of service. | 4.9 |