Vulnerabilities > Nvidia > High

DATE CVE VULNERABILITY TITLE RISK
2019-08-06 CVE-2019-5682 Unspecified vulnerability in Nvidia Shield Experience
NVIDIA Shield TV Experience prior to v8.0, contains a vulnerability in the NVIDIA Games App where it improperly exports an Activity but does not properly restrict which applications can launch the Activity, which may lead to code execution or denial of service.
local
low complexity
nvidia
7.8
2019-08-06 CVE-2019-5679 Improper Authentication vulnerability in Nvidia Shield Experience
NVIDIA Shield TV Experience prior to v8.0, NVIDIA Tegra bootloader contains a vulnerability in nvtboot where the Trusted OS image is improperly authenticated, which may lead to code execution, denial of service, escalation of privileges, and information disclosure, code execution, denial of service, or escalation of privileges
local
low complexity
nvidia CWE-287
7.8
2019-06-05 CVE-2017-6261 Improper Input Validation vulnerability in Nvidia Vibrante Linux 1.1/2.0/2.2
NVIDIA Vibrante Linux version 1.1, 2.0, and 2.2 contains a vulnerability in the user space driver in which protection mechanisms are insufficient, may lead to denial of service or information disclosure.
local
low complexity
nvidia CWE-20
7.8
2019-05-31 CVE-2019-5678 Improper Input Validation vulnerability in Nvidia Geforce Experience
NVIDIA GeForce Experience versions prior to 3.19 contains a vulnerability in the Web Helper component, in which an attacker with local system access can craft input that may not be properly validated.
local
low complexity
nvidia CWE-20
7.8
2019-05-10 CVE-2019-5675 Improper Synchronization vulnerability in Nvidia GPU Driver
NVIDIA Windows GPU Display driver software for Windows (all versions) contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where the product does not properly synchronize shared data, such as static variables across threads, which can lead to undefined behavior and unpredictable data changes, which may lead to denial of service, escalation of privileges, or information disclosure.
local
low complexity
nvidia CWE-662
7.8
2019-04-12 CVE-2018-6269 Incorrect Permission Assignment for Critical Resource vulnerability in Nvidia Jetson TX2 R28.1/R28.2.1
NVIDIA Jetson TX2 contains a vulnerability in the kernel driver where input/output control (IOCTL) handling for user mode requests could create a non-trusted pointer dereference, which may lead to information disclosure, denial of service, escalation of privileges, or code execution.
local
low complexity
nvidia CWE-732
7.8
2019-03-28 CVE-2019-5674 Link Following vulnerability in Nvidia Geforce Experience
NVIDIA GeForce Experience before 3.18 contains a vulnerability when ShadowPlay or GameStream is enabled.
local
high complexity
nvidia CWE-59
7.0
2019-02-27 CVE-2019-5670 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Nvidia GPU Driver
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiEscape in which the software uses a sequential operation to read from or write to a buffer, but it uses an incorrect length value that causes it to access memory that is outside of the bounds of the buffer which may lead to denial of service, escalation of privileges, code execution or information disclosure.
local
low complexity
nvidia CWE-119
7.8
2019-02-27 CVE-2019-5669 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Nvidia GPU Driver
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiEscape in which the software uses a sequential operation to read from or write to a buffer, but it uses an incorrect length value that causes it to access memory that is outside of the bounds of the buffer, which may lead to denial of service or escalation of privileges.
local
low complexity
nvidia CWE-119
7.8
2019-02-27 CVE-2019-5668 NULL Pointer Dereference vulnerability in Nvidia GPU Driver
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiSubmitCommandVirtual in which the application dereferences a pointer that it expects to be valid, but is NULL, which may lead to denial of service or escalation of privileges.
local
low complexity
nvidia CWE-476
7.8