Vulnerabilities > Nvidia > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-22 | CVE-2021-1089 | Uncontrolled Search Path Element vulnerability in Nvidia GPU Display Driver 427.33/452.96/462.31 NVIDIA GPU Display Driver for Windows contains a vulnerability in nvidia-smi where an uncontrolled DLL loading path may lead to arbitrary code execution, denial of service, information disclosure, and data tampering. | 4.6 |
| 2021-07-22 | CVE-2021-1093 | Improper Resource Shutdown or Release vulnerability in multiple products NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in firmware where the driver contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary, and may lead to denial of service or system crash. | 5.5 |
| 2021-07-22 | CVE-2021-1094 | Out-of-bounds Read vulnerability in multiple products NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where an out of bounds array access may lead to denial of service or information disclosure. | 6.1 |
| 2021-07-22 | CVE-2021-1095 | NULL Pointer Dereference vulnerability in multiple products NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handlers for all control calls with embedded parameters where dereferencing an untrusted pointer may lead to denial of service. | 5.5 |
| 2021-07-22 | CVE-2021-1096 | NULL Pointer Dereference vulnerability in Nvidia GPU Display Driver 427.33/452.96/462.31 NVIDIA Windows GPU Display Driver for Windows contains a vulnerability in the NVIDIA kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where dereferencing a NULL pointer may lead to a system crash. | 4.9 |
| 2021-07-21 | CVE-2021-1097 | Improper Input Validation vulnerability in Nvidia Virtual GPU NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it improperly validates the length field in a request from a guest. | 4.6 |
| 2021-07-21 | CVE-2021-1098 | Improper Resource Shutdown or Release vulnerability in Nvidia Virtual GPU NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it doesn't release some resources during driver unload requests from guests. | 4.6 |
| 2021-07-21 | CVE-2021-1099 | Out-of-bounds Write vulnerability in Nvidia Virtual GPU NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin) that could allow an attacker to cause stack-based buffer overflow and put a customized ROP gadget on the stack. | 4.6 |
| 2021-06-30 | CVE-2021-34374 | Improper Input Validation vulnerability in Nvidia Jetson Linux Trusty contains a vulnerability in command handlers where the length of input buffers is not verified. | 4.6 |
| 2021-06-30 | CVE-2021-34375 | Out-of-bounds Write vulnerability in Nvidia Jetson Linux Trusty contains a vulnerability in all trusted applications (TAs) where the stack cookie was not randomized, which might result in stack-based buffer overflow, leading to denial of service, escalation of privileges, and information disclosure. | 4.6 |