Vulnerabilities > Nvidia > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-05-10 | CVE-2019-5675 | Improper Synchronization vulnerability in Nvidia GPU Driver NVIDIA Windows GPU Display driver software for Windows (all versions) contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where the product does not properly synchronize shared data, such as static variables across threads, which can lead to undefined behavior and unpredictable data changes, which may lead to denial of service, escalation of privileges, or information disclosure. | 7.8 |
| 2019-04-12 | CVE-2018-6269 | Incorrect Permission Assignment for Critical Resource vulnerability in Nvidia Jetson TX2 R28.1/R28.2.1 NVIDIA Jetson TX2 contains a vulnerability in the kernel driver where input/output control (IOCTL) handling for user mode requests could create a non-trusted pointer dereference, which may lead to information disclosure, denial of service, escalation of privileges, or code execution. | 7.8 |
| 2019-03-28 | CVE-2019-5674 | Link Following vulnerability in Nvidia Geforce Experience NVIDIA GeForce Experience before 3.18 contains a vulnerability when ShadowPlay or GameStream is enabled. | 7.0 |
| 2019-02-27 | CVE-2019-5670 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Nvidia GPU Driver NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiEscape in which the software uses a sequential operation to read from or write to a buffer, but it uses an incorrect length value that causes it to access memory that is outside of the bounds of the buffer which may lead to denial of service, escalation of privileges, code execution or information disclosure. | 7.8 |
| 2019-02-27 | CVE-2019-5669 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Nvidia GPU Driver NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiEscape in which the software uses a sequential operation to read from or write to a buffer, but it uses an incorrect length value that causes it to access memory that is outside of the bounds of the buffer, which may lead to denial of service or escalation of privileges. | 7.8 |
| 2019-02-27 | CVE-2019-5668 | NULL Pointer Dereference vulnerability in Nvidia GPU Driver NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiSubmitCommandVirtual in which the application dereferences a pointer that it expects to be valid, but is NULL, which may lead to denial of service or escalation of privileges. | 7.8 |
| 2019-02-27 | CVE-2019-5667 | NULL Pointer Dereference vulnerability in Nvidia GPU Driver NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiSetRootPageTable in which the application dereferences a pointer that it expects to be valid, but is NULL, which may lead to code execution, denial of service or escalation of privileges. | 7.8 |
| 2019-02-27 | CVE-2019-5666 | Improper Validation of Array Index vulnerability in Nvidia GPU Driver NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) create context command DDI DxgkDdiCreateContext in which the product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array, which may lead to denial of service or escalation of privileges. | 7.8 |
| 2019-02-27 | CVE-2019-5665 | Link Following vulnerability in Nvidia GPU Driver NVIDIA Windows GPU Display driver contains a vulnerability in the 3D vision component in which the stereo service software, when opening a file, does not check for hard links. | 7.8 |
| 2018-11-27 | CVE-2018-6265 | Unspecified vulnerability in Nvidia Geforce Experience NVIDIA GeForce Experience contains a vulnerability in all versions prior to 3.16 during application installation on Windows 7 in elevated privilege mode, where a local user who initiates a browser session may obtain escalation of privileges on the browser. | 7.8 |