Vulnerabilities > Nvidia > High

DATE CVE VULNERABILITY TITLE RISK
2016-12-16 CVE-2016-8816 Improper Validation of Array Index vulnerability in Nvidia GPU Driver
All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where a value passed from a user to the driver is used without validation as the index to an array, leading to denial of service or potential escalation of privileges.
local
low complexity
nvidia CWE-129
7.8
2016-12-16 CVE-2016-8815 Improper Validation of Array Index vulnerability in Nvidia GPU Driver
All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where a value passed from a user to the driver is used without validation as the index to an array, leading to denial of service or potential escalation of privileges.
local
low complexity
nvidia CWE-129
7.8
2016-12-16 CVE-2016-8814 NULL Pointer Dereference vulnerability in Nvidia GPU Driver
All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where multiple pointers are used without checking for NULL, leading to denial of service or potential escalation of privileges.
local
low complexity
nvidia CWE-476
7.8
2016-12-16 CVE-2016-8813 NULL Pointer Dereference vulnerability in Nvidia GPU Driver
All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where multiple pointers are used without checking for NULL, leading to denial of service or potential escalation of privileges.
local
low complexity
nvidia CWE-476
7.8
2016-11-08 CVE-2016-8812 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Nvidia Geforce Experience
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA GeForce Experience R340 before GFE 2.11.4.125 and R375 before GFE 3.1.0.52 contains a vulnerability in the kernel mode layer (nvstreamkms.sys) allowing a user to cause a stack buffer overflow with specially crafted executable paths, leading to a denial of service or escalation of privileges.
local
low complexity
nvidia CWE-119
8.8
2016-11-08 CVE-2016-8811 Permissions, Privileges, and Access Controls vulnerability in Nvidia GPU Driver
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x7000170 where the size of an input buffer is not validated, leading to denial of service or potential escalation of privileges.
local
low complexity
nvidia CWE-264
7.8
2016-11-08 CVE-2016-8810 Permissions, Privileges, and Access Controls vulnerability in Nvidia GPU Driver
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x100009a where a value passed from an user to the driver is used without validation as the index to an internal array, leading to denial of service or potential escalation of privileges.
local
low complexity
nvidia CWE-264
7.8
2016-11-08 CVE-2016-8809 Improper Input Validation vulnerability in Nvidia GPU Driver
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x70001b2 where the size of an input buffer is not validated, leading to denial of service or potential escalation of privileges.
local
low complexity
nvidia CWE-20
7.8
2016-11-08 CVE-2016-8808 Permissions, Privileges, and Access Controls vulnerability in Nvidia GPU Driver
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x70000d5 where a value passed from an user to the driver is used without validation as the index to an internal array, leading to denial of service or potential escalation of privileges.
local
low complexity
nvidia CWE-264
7.8
2016-11-08 CVE-2016-8807 Permissions, Privileges, and Access Controls vulnerability in Nvidia GPU Driver
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x10000e9 where a value is passed from an user to the driver is used without validation as the size input to memcpy() causing a stack buffer overflow, leading to denial of service or potential escalation of privileges.
local
low complexity
nvidia CWE-264
7.8