Vulnerabilities > Nvidia > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-11-08 | CVE-2016-7382 | Permission Issues vulnerability in Nvidia GPU Driver For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys for Windows or nvidia.ko for Linux) handler where a missing permissions check may allow users to gain access to arbitrary physical memory, leading to an escalation of privileges. | 7.8 |
| 2016-11-08 | CVE-2016-7381 | Permissions, Privileges, and Access Controls vulnerability in Nvidia GPU Driver For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where a user input to index an array is not bounds checked, leading to denial of service or potential escalation of privileges. | 7.8 |
| 2016-11-08 | CVE-2016-5852 | Unspecified vulnerability in Nvidia Geforce Experience For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. | 7.8 |
| 2016-11-08 | CVE-2016-4960 | Improper Input Validation vulnerability in Nvidia Geforce Experience For the NVIDIA Quadro, NVS, and GeForce products, the NVIDIA NVStreamKMS.sys service component is improperly validating user-supplied data through its API entry points causing an elevation of privilege. | 7.3 |
| 2016-11-08 | CVE-2016-4959 | NULL Pointer Dereference vulnerability in Nvidia GPU Driver For the NVIDIA Quadro, NVS, and GeForce products, there is a Remote Desktop denial of service. | 7.5 |
| 2016-11-08 | CVE-2016-3161 | Unspecified vulnerability in Nvidia Geforce Experience For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. | 7.8 |
| 2016-04-12 | CVE-2016-2558 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Nvidia GPU Driver R340 and GPU Driver R352 The Escape interface in the Kernel Mode Driver layer in the NVIDIA GPU graphics driver R340 before 341.95 and R352 before 354.74 on Windows allows local users to obtain sensitive information, cause a denial of service (crash), or gain privileges via unspecified vectors related to an untrusted pointer, which trigger uninitialized or out-of-bounds memory access. | 8.4 |
| 2016-04-12 | CVE-2016-2557 | Permissions, Privileges, and Access Controls vulnerability in Nvidia GPU Driver R340 and GPU Driver R352 The Escape interface in the Kernel Mode Driver layer in the NVIDIA GPU graphics driver R340 before 341.95 and R352 before 354.74 on Windows allows local users to obtain sensitive information from kernel memory, cause a denial of service (crash), or possibly gain privileges via unspecified vectors, which trigger uninitialized or out-of-bounds memory access. | 8.4 |
| 2016-04-12 | CVE-2016-2556 | Permissions, Privileges, and Access Controls vulnerability in Nvidia GPU Driver R340 and GPU Driver R352 The Escape interface in the Kernel Mode Driver layer in the NVIDIA GPU graphics driver R340 before 341.95 and R352 before 354.74 on Windows improperly allows access to restricted functionality, which allows local users to gain privileges via unspecified vectors. | 7.8 |