Vulnerabilities > Nvidia

DATE CVE VULNERABILITY TITLE RISK
2017-11-16 CVE-2017-0866 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Nvidia Tegra X1 Firmware
An elevation of privilege vulnerability in the Direct rendering infrastructure of the NVIDIA Tegra X1 where an unchecked input from userspace is passed as a pointer to kfree.
local
low complexity
nvidia CWE-119
7.8
2017-10-17 CVE-2017-6273 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Nvidia Adsp Firmware
NVIDIA ADSP Firmware contains a vulnerability in the ADSP Loader component where there is the potential to write to a memory location that is outside the intended boundary of the buffer, which may lead to denial of service or possible escalation of privileges.
local
low complexity
nvidia CWE-119
7.8
2017-10-16 CVE-2017-0316 Improper Input Validation vulnerability in Nvidia Geforce Experience
In GeForce Experience (GFE) 3.x before 3.10.0.55, NVIDIA Installer Framework contains a vulnerability in NVISystemService64 where a value passed from a user to the driver is used without validation, which may lead to denial of service or possible escalation of privileges.
local
low complexity
nvidia CWE-20
7.8
2017-10-04 CVE-2017-14491 Out-of-bounds Write vulnerability in multiple products
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.
9.8
2017-09-22 CVE-2017-6277 Improper Input Validation vulnerability in Nvidia GPU Driver
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a value passed from a user to the driver is not correctly validated and used as the index to an array which may lead to denial of service or possible escalation of privileges.
local
low complexity
nvidia CWE-20
7.8
2017-09-22 CVE-2017-6272 Improper Input Validation vulnerability in Nvidia GPU Driver
NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where a value passed from a user to the driver is not correctly validated and used as the index to an array which may lead to a denial of service or possible escalation of privileges.
local
low complexity
nvidia CWE-20
7.8
2017-09-22 CVE-2017-6271 Divide By Zero vulnerability in Nvidia GPU Driver
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiCreateAllocation where untrusted user input is used as a divisor without validation while processing block linear information which may lead to a potential divide by zero and denial of service.
local
low complexity
nvidia CWE-369
5.5
2017-09-22 CVE-2017-6270 Divide By Zero vulnerability in Nvidia GPU Driver
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiCreateAllocation where untrusted user input is used as a divisor without validation during a calculation which may lead to a potential divide by zero and denial of service.
local
low complexity
nvidia CWE-369
5.5
2017-09-22 CVE-2017-6269 Improper Input Validation vulnerability in Nvidia GPU Driver
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a pointer passed from a user to the driver is used without validation which may lead to denial of service or possible escalation of privileges.
local
low complexity
nvidia CWE-20
7.8
2017-09-22 CVE-2017-6268 Improper Input Validation vulnerability in Nvidia GPU Driver
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a value passed from a user to the driver is not correctly validated and used as the index to an array which may lead to denial of service or possible escalation of privileges.
local
low complexity
nvidia CWE-20
7.8