Vulnerabilities > Nvidia > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-11-11 CVE-2020-5992 Uncontrolled Search Path Element vulnerability in Nvidia Geforce NOW
NVIDIA GeForce NOW application software on Windows, all versions prior to 2.0.25.119, contains a vulnerability in its open-source software dependency in which the OpenSSL library is vulnerable to binary planting attacks by a local user, which may lead to code execution or escalation of privileges.
local
nvidia CWE-427
4.4
2020-10-30 CVE-2020-5991 Out-of-bounds Read vulnerability in Nvidia Cuda Toolkit 10.0.130/10.2.89/9.0.176
NVIDIA CUDA Toolkit, all versions prior to 11.1.1, contains a vulnerability in the NVJPEG library in which an out-of-bounds read or write operation may lead to code execution, denial of service, or information disclosure.
local
low complexity
nvidia CWE-125
4.6
2020-10-23 CVE-2020-5990 Unspecified vulnerability in Nvidia Geforce Experience
NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in the ShadowPlay component which may lead to local privilege escalation, code execution, denial of service or information disclosure.
local
low complexity
nvidia
4.6
2020-10-23 CVE-2020-5978 Unspecified vulnerability in Nvidia Geforce Experience
NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in its services in which a folder is created by nvcontainer.exe under normal user login with LOCAL_SYSTEM privileges which may lead to a denial of service or escalation of privileges.
local
low complexity
nvidia
4.6
2020-10-23 CVE-2020-5977 Uncontrolled Search Path Element vulnerability in Nvidia Geforce Experience
NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in NVIDIA Web Helper NodeJS Web Server in which an uncontrolled search path is used to load a node module, which may lead to code execution, denial of service, escalation of privileges, and information disclosure.
local
nvidia CWE-427
4.4
2020-10-02 CVE-2020-5987 Incomplete Cleanup vulnerability in Nvidia Virtual GPU Manager
NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin in which guest-supplied parameters remain writable by the guest after the plugin has validated them, which may lead to the guest being able to pass invalid parameters to plugin handlers, which may lead to denial of service or escalation of privileges.
local
low complexity
nvidia CWE-459
4.6
2020-10-02 CVE-2020-5984 Use After Free vulnerability in Nvidia Virtual GPU Manager
NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin in which it may have the use-after-free vulnerability while freeing some resources, which may lead to denial of service, code execution, and information disclosure.
local
low complexity
nvidia CWE-416
4.6
2020-10-02 CVE-2020-5981 Out-of-bounds Write vulnerability in Nvidia Virtual GPU Manager
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the DirectX11 user mode driver (nvwgf2um/x.dll), in which a specially crafted shader can cause an out of bounds access, which may lead to denial of service or code execution.
local
low complexity
nvidia CWE-787
4.6
2020-10-02 CVE-2020-5980 Unspecified vulnerability in Nvidia Virtual GPU Manager
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in multiple components in which a securely loaded system DLL will load its dependencies in an insecure fashion, which may lead to code execution or denial of service.
local
low complexity
nvidia
4.6
2020-10-02 CVE-2020-5979 Unspecified vulnerability in Nvidia Virtual GPU Manager
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component in which a user is presented with a dialog box for input by a high-privilege process, which may lead to escalation of privileges.
local
low complexity
nvidia
4.6