Vulnerabilities > Nvidia > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-06-25 CVE-2020-5965 Out-of-bounds Read vulnerability in Nvidia products
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the DirectX 11 user mode driver (nvwgf2um/x.dll), in which a specially crafted shader can cause an out of bounds access, leading to denial of service.
local
low complexity
nvidia CWE-125
5.5
2020-05-08 CVE-2012-0953 Race Condition vulnerability in Nvidia Display Driver 295.49
A race condition was discovered in the Linux drivers for Nvidia graphics which allowed an attacker to exfiltrate kernel memory to userspace.
local
high complexity
nvidia CWE-362
5.0
2020-05-08 CVE-2012-0952 Out-of-bounds Write vulnerability in Nvidia Display Driver 295.49
A heap buffer overflow was discovered in the device control ioctl in the Linux driver for Nvidia graphics cards, which may allow an attacker to overflow 49 bytes.
local
high complexity
nvidia CWE-787
5.0
2020-03-12 CVE-2020-5961 Incomplete Cleanup vulnerability in Nvidia Virtual GPU Graphics Driver
NVIDIA vGPU graphics driver for guest OS contains a vulnerability in which an incorrect resource clean up on a failure path can impact the guest VM, leading to denial of service.
local
low complexity
nvidia CWE-459
5.5
2020-03-12 CVE-2020-5960 NULL Pointer Dereference vulnerability in Nvidia Virtual GPU Manager
NVIDIA Virtual GPU Manager contains a vulnerability in the kernel module (nvidia.ko), where a null pointer dereference may occur, which may lead to denial of service.
local
low complexity
nvidia CWE-476
5.5
2020-03-12 CVE-2020-5959 Improper Validation of Array Index vulnerability in Nvidia Virtual GPU Manager
NVIDIA Virtual GPU Manager, all versions, contains a vulnerability in the vGPU plugin in which an input index value is incorrectly validated which may lead to denial of service.
local
low complexity
nvidia CWE-129
5.5
2019-11-18 CVE-2019-5688 Unspecified vulnerability in Nvidia Gpumodeswitch, Nvflash and Nvuflash
NVIDIA NVFlash, NVUFlash Tool prior to v5.588.0 and GPUModeSwitch Tool prior to 2019-11, NVIDIA kernel mode driver (nvflash.sys, nvflsh32.sys, and nvflsh64.sys) contains a vulnerability in which authenticated users with administrative privileges can gain access to device memory and registers of other devices not managed by NVIDIA, which may lead to escalation of privileges, information disclosure, or denial of service.
local
low complexity
nvidia
6.7
2019-11-12 CVE-2019-5695 Uncontrolled Search Path Element vulnerability in Nvidia Geforce Experience and GPU Driver
NVIDIA GeForce Experience (prior to 3.20.1) and Windows GPU Display Driver (all versions) contains a vulnerability in the local service provider component in which an attacker with local system and privileged access can incorrectly load Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service or information disclosure through code execution.
local
low complexity
nvidia CWE-427
6.5
2019-11-09 CVE-2019-5698 Improper Validation of Array Index vulnerability in Nvidia Virtual GPU Manager
NVIDIA Virtual GPU Manager, all versions, contains a vulnerability in the vGPU plugin, in which an input index value is incorrectly validated, which may lead to denial of service.
local
low complexity
nvidia CWE-129
4.4
2019-11-09 CVE-2019-5696 Incorrect Calculation of Buffer Size vulnerability in Nvidia Virtual GPU Manager
NVIDIA Virtual GPU Manager, all versions, contains a vulnerability in which the provision of an incorrectly sized buffer by a guest VM leads to GPU out-of-bound access, which may lead to a denial of service.
local
low complexity
nvidia CWE-131
5.5