Vulnerabilities > Nvidia > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-04-21 CVE-2021-1075 NULL Pointer Dereference vulnerability in Nvidia GPU Display Driver
NVIDIA Windows GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where the program dereferences a pointer that contains a location for memory that is no longer valid, which may lead to code execution, denial of service, or escalation of privileges.
local
low complexity
nvidia CWE-476
5.6
2021-04-21 CVE-2021-1074 Unspecified vulnerability in Nvidia GPU Display Driver 390/392.61
NVIDIA GPU Display Driver for Windows installer contains a vulnerability where an attacker with local unprivileged system access may be able to replace an application resource with malicious files.
local
nvidia
6.9
2021-01-20 CVE-2021-1068 Out-of-bounds Read vulnerability in Nvidia Shield Experience
NVIDIA SHIELD TV, all versions prior to 8.2.2, contains a vulnerability in the NVDEC component, in which an attacker can read from or write to a memory location that is outside the intended boundary of the buffer, which may lead to denial of service or escalation of privileges.
local
low complexity
nvidia CWE-125
4.6
2021-01-20 CVE-2021-1067 Unspecified vulnerability in Nvidia Shield Experience
NVIDIA SHIELD TV, all versions prior to 8.2.2, contains a vulnerability in the implementation of the RPMB command status, in which an attacker can write to the Write Protect Configuration Block, which may lead to denial of service or escalation of privileges.
local
low complexity
nvidia
4.6
2021-01-08 CVE-2021-1063 Out-of-bounds Read vulnerability in Nvidia Virtual GPU Manager
NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which an input offset is not validated, which may lead to a buffer overread, which in turn may cause tampering of data, information disclosure, or denial of service.
local
low complexity
nvidia CWE-125
4.6
2021-01-08 CVE-2021-1059 Integer Overflow or Wraparound vulnerability in Nvidia Virtual GPU Manager
NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which an input index is not validated, which may lead to integer overflow, which in turn may cause tampering of data, information disclosure, or denial of service.
local
low complexity
nvidia CWE-190
4.6
2021-01-08 CVE-2021-1057 Allocation of Resources Without Limits or Throttling vulnerability in Nvidia Virtual GPU Manager
NVIDIA Virtual GPU Manager NVIDIA vGPU manager contains a vulnerability in the vGPU plugin in which it allows guests to allocate some resources for which the guest is not authorized, which may lead to integrity and confidentiality loss, denial of service, or information disclosure.
local
low complexity
nvidia CWE-770
4.6
2021-01-08 CVE-2021-1055 Unspecified vulnerability in Nvidia GPU Driver
NVIDIA GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which improper access control may lead to denial of service and information disclosure.
local
low complexity
nvidia
4.6
2021-01-08 CVE-2021-1053 Improper Input Validation vulnerability in Nvidia GPU Driver
NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which improper validation of a user pointer may lead to denial of service.
local
low complexity
nvidia CWE-20
5.5
2021-01-08 CVE-2021-1051 Improper Privilege Management vulnerability in Nvidia GPU Driver
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which a local user can get elevated privileges to modify display configuration data, which may result in denial of service of the display.
local
low complexity
nvidia CWE-269
6.6