Vulnerabilities > Nvidia > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-08 | CVE-2021-1060 | Improper Input Validation vulnerability in Nvidia Virtual GPU Manager NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and vGPU plugin, in which an input index is not validated, which may lead to tampering of data or denial of service. | 7.1 |
| 2021-01-08 | CVE-2021-1059 | Integer Overflow or Wraparound vulnerability in Nvidia Virtual GPU Manager NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which an input index is not validated, which may lead to integer overflow, which in turn may cause tampering of data, information disclosure, or denial of service. | 7.8 |
| 2021-01-08 | CVE-2021-1058 | Improper Validation of Specified Quantity in Input vulnerability in Nvidia Virtual GPU Manager NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and vGPU plugin, in which an input data size is not validated, which may lead to tampering of data or denial of service. | 7.1 |
| 2021-01-08 | CVE-2021-1057 | Allocation of Resources Without Limits or Throttling vulnerability in Nvidia Virtual GPU Manager NVIDIA Virtual GPU Manager NVIDIA vGPU manager contains a vulnerability in the vGPU plugin in which it allows guests to allocate some resources for which the guest is not authorized, which may lead to integrity and confidentiality loss, denial of service, or information disclosure. | 7.8 |
| 2021-01-08 | CVE-2021-1056 | Incorrect Default Permissions vulnerability in multiple products NVIDIA GPU Display Driver for Linux, all versions, contains a vulnerability in the kernel mode layer (nvidia.ko) in which it does not completely honor operating system file system permissions to provide GPU device-level isolation, which may lead to denial of service or information disclosure. | 7.1 |
| 2021-01-08 | CVE-2021-1052 | Unspecified vulnerability in Nvidia GPU Driver NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which user-mode clients can access legacy privileged APIs, which may lead to denial of service, escalation of privileges, and information disclosure. | 7.8 |
| 2021-01-08 | CVE-2021-1051 | Improper Privilege Management vulnerability in Nvidia GPU Driver NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which a local user can get elevated privileges to modify display configuration data, which may result in denial of service of the display. | 8.4 |
| 2020-11-11 | CVE-2020-5992 | Uncontrolled Search Path Element vulnerability in Nvidia Geforce NOW NVIDIA GeForce NOW application software on Windows, all versions prior to 2.0.25.119, contains a vulnerability in its open-source software dependency in which the OpenSSL library is vulnerable to binary planting attacks by a local user, which may lead to code execution or escalation of privileges. | 7.8 |
| 2020-10-30 | CVE-2020-5991 | Out-of-bounds Write vulnerability in Nvidia Cuda Toolkit NVIDIA CUDA Toolkit, all versions prior to 11.1.1, contains a vulnerability in the NVJPEG library in which an out-of-bounds read or write operation may lead to code execution, denial of service, or information disclosure. | 7.8 |
| 2020-10-23 | CVE-2020-5990 | Unspecified vulnerability in Nvidia Geforce Experience NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in the ShadowPlay component which may lead to local privilege escalation, code execution, denial of service or information disclosure. | 7.8 |