Vulnerabilities > Nvidia > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-11 | CVE-2020-5992 | Uncontrolled Search Path Element vulnerability in Nvidia Geforce NOW NVIDIA GeForce NOW application software on Windows, all versions prior to 2.0.25.119, contains a vulnerability in its open-source software dependency in which the OpenSSL library is vulnerable to binary planting attacks by a local user, which may lead to code execution or escalation of privileges. | 4.4 |
| 2020-10-30 | CVE-2020-5991 | Out-of-bounds Read vulnerability in Nvidia Cuda Toolkit 10.0.130/10.2.89/9.0.176 NVIDIA CUDA Toolkit, all versions prior to 11.1.1, contains a vulnerability in the NVJPEG library in which an out-of-bounds read or write operation may lead to code execution, denial of service, or information disclosure. | 4.6 |
| 2020-10-23 | CVE-2020-5990 | Unspecified vulnerability in Nvidia Geforce Experience NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in the ShadowPlay component which may lead to local privilege escalation, code execution, denial of service or information disclosure. | 4.6 |
| 2020-10-23 | CVE-2020-5978 | Unspecified vulnerability in Nvidia Geforce Experience NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in its services in which a folder is created by nvcontainer.exe under normal user login with LOCAL_SYSTEM privileges which may lead to a denial of service or escalation of privileges. | 4.6 |
| 2020-10-23 | CVE-2020-5977 | Uncontrolled Search Path Element vulnerability in Nvidia Geforce Experience NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in NVIDIA Web Helper NodeJS Web Server in which an uncontrolled search path is used to load a node module, which may lead to code execution, denial of service, escalation of privileges, and information disclosure. | 4.4 |
| 2020-10-02 | CVE-2020-5987 | Incomplete Cleanup vulnerability in Nvidia Virtual GPU Manager NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin in which guest-supplied parameters remain writable by the guest after the plugin has validated them, which may lead to the guest being able to pass invalid parameters to plugin handlers, which may lead to denial of service or escalation of privileges. | 4.6 |
| 2020-10-02 | CVE-2020-5984 | Use After Free vulnerability in Nvidia Virtual GPU Manager NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin in which it may have the use-after-free vulnerability while freeing some resources, which may lead to denial of service, code execution, and information disclosure. | 4.6 |
| 2020-10-02 | CVE-2020-5981 | Out-of-bounds Write vulnerability in Nvidia Virtual GPU Manager NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the DirectX11 user mode driver (nvwgf2um/x.dll), in which a specially crafted shader can cause an out of bounds access, which may lead to denial of service or code execution. | 4.6 |
| 2020-10-02 | CVE-2020-5980 | Unspecified vulnerability in Nvidia Virtual GPU Manager NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in multiple components in which a securely loaded system DLL will load its dependencies in an insecure fashion, which may lead to code execution or denial of service. | 4.6 |
| 2020-10-02 | CVE-2020-5979 | Unspecified vulnerability in Nvidia Virtual GPU Manager NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component in which a user is presented with a dialog box for input by a high-privilege process, which may lead to escalation of privileges. | 4.6 |