Vulnerabilities > Nvidia > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-09-18 CVE-2020-5976 Unspecified vulnerability in Nvidia Games and Geforce NOW
NVIDIA GeForce NOW, versions prior to 2.0.23 (Windows, macOS) and versions prior to 5.31 (Android, Shield TV), contains a vulnerability in the application software where the network test component transmits sensitive information insecurely, which may lead to information disclosure.
network
low complexity
nvidia
5.0
2020-09-18 CVE-2020-5975 Information Exposure vulnerability in Nvidia Geforce NOW
NVIDIA GeForce NOW, versions prior to 2.0.23 on Windows and macOS, contains a vulnerability in the desktop application software that includes sensitive information as part of a URL, which may lead to information disclosure.
network
low complexity
nvidia CWE-200
5.0
2020-07-08 CVE-2020-5974 Incorrect Default Permissions vulnerability in Nvidia Jetpack Software Development KIT 4.2/4.3
NVIDIA JetPack SDK, version 4.2 and 4.3, contains a vulnerability in its installation scripts in which permissions are incorrectly set on certain directories, which can lead to escalation of privileges.
local
low complexity
nvidia CWE-276
4.6
2020-06-30 CVE-2020-5971 Out-of-bounds Read vulnerability in Nvidia Virtual GPU Manager
NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which the software reads from a buffer by using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer, which may lead to code execution, denial of service, escalation of privileges, or information disclosure.
local
low complexity
nvidia CWE-125
4.6
2020-06-30 CVE-2020-5968 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Nvidia Virtual GPU Manager
NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which the software does not restrict or incorrectly restricts operations within the boundaries of a resource that is accessed by using an index or pointer, such as memory or files, which may lead to code execution, denial of service, escalation of privileges, or information disclosure.
local
low complexity
nvidia CWE-119
4.6
2020-06-25 CVE-2020-5966 NULL Pointer Dereference vulnerability in Nvidia GPU Display Driver
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, in which a NULL pointer is dereferenced, leading to denial of service or potential escalation of privileges.
local
low complexity
nvidia CWE-476
4.6
2020-06-25 CVE-2020-5964 Improper Validation of Integrity Check Value vulnerability in Nvidia products
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the service host component, in which the application resources integrity check may be missed.
local
low complexity
nvidia CWE-354
4.6
2020-06-25 CVE-2020-5963 Improper Privilege Management vulnerability in multiple products
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the Inter Process Communication APIs, in which improper access control may lead to code execution, denial of service, or information disclosure.
local
low complexity
nvidia canonical CWE-269
4.6
2020-06-24 CVE-2020-5962 Improper Privilege Management vulnerability in Nvidia products
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component, in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges.
local
low complexity
nvidia CWE-269
4.6
2020-05-08 CVE-2012-0953 Race Condition vulnerability in Nvidia Display Driver 295.49
A race condition was discovered in the Linux drivers for Nvidia graphics which allowed an attacker to exfiltrate kernel memory to userspace.
local
nvidia CWE-362
4.4