Vulnerabilities > Nvidia
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-05-31 | CVE-2019-5678 | Improper Input Validation vulnerability in Nvidia Geforce Experience NVIDIA GeForce Experience versions prior to 3.19 contains a vulnerability in the Web Helper component, in which an attacker with local system access can craft input that may not be properly validated. | 7.8 |
2019-05-10 | CVE-2019-5677 | Out-of-bounds Read vulnerability in Nvidia GPU Driver NVIDIA Windows GPU Display driver software for Windows (all versions) contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DeviceIoControl where the software reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer, which may lead to denial of service. | 5.5 |
2019-05-10 | CVE-2019-5676 | Uncontrolled Search Path Element vulnerability in Nvidia Geforce Experience and GPU Display Driver NVIDIA Windows GPU Display driver software for Windows (all versions) contains a vulnerability in which it incorrectly loads Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), leading to escalation of privileges through code execution. | 6.7 |
2019-05-10 | CVE-2019-5675 | Improper Synchronization vulnerability in Nvidia GPU Driver NVIDIA Windows GPU Display driver software for Windows (all versions) contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where the product does not properly synchronize shared data, such as static variables across threads, which can lead to undefined behavior and unpredictable data changes, which may lead to denial of service, escalation of privileges, or information disclosure. | 7.8 |
2019-04-12 | CVE-2018-6269 | Incorrect Permission Assignment for Critical Resource vulnerability in Nvidia Jetson TX2 R28.1/R28.2.1 NVIDIA Jetson TX2 contains a vulnerability in the kernel driver where input/output control (IOCTL) handling for user mode requests could create a non-trusted pointer dereference, which may lead to information disclosure, denial of service, escalation of privileges, or code execution. | 7.8 |
2019-04-12 | CVE-2018-6239 | Information Exposure vulnerability in Nvidia Jetson TX2 R28.1/R28.2.1 NVIDIA Jetson TX2 contains a vulnerability by means of speculative execution where local and unprivileged code may access the contents of cached information in an unauthorized manner, which may lead to information disclosure. | 5.5 |
2019-04-11 | CVE-2019-5673 | Improper Check for Unusual or Exceptional Conditions vulnerability in Nvidia Jetson TX2 R28.1/R28.2.1 NVIDIA Jetson TX2 contains a vulnerability in the kernel driver (on all versions prior to R28.3) where the ARM System Memory Management Unit (SMMU) improperly checks for a fault condition, causing transactions to be discarded, which may lead to denial of service. | 6.1 |
2019-04-11 | CVE-2019-5672 | Key Management Errors vulnerability in Nvidia Jetson TX1 and Jetson TX2 NVIDIA Jetson TX1 and TX2 contain a vulnerability in the Linux for Tegra (L4T) operating system (on all versions prior to R28.3) where the Secure Shell (SSH) keys provided in the sample rootfs are not replaced by unique host keys after sample rootsfs generation and flashing, which may lead to information disclosure. | 9.1 |
2019-04-01 | CVE-2018-3979 | Resource Exhaustion vulnerability in multiple products A remote denial-of-service vulnerability exists in the way the Nouveau Display Driver (the default Ubuntu Nvidia display driver) handles GPU shader execution. | 6.5 |
2019-03-28 | CVE-2019-5674 | Link Following vulnerability in Nvidia Geforce Experience NVIDIA GeForce Experience before 3.18 contains a vulnerability when ShadowPlay or GameStream is enabled. | 7.0 |