Vulnerabilities > Nvidia > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-09 | CVE-2019-5694 | Uncontrolled Search Path Element vulnerability in Nvidia GPU Driver NVIDIA Windows GPU Display Driver, R390 driver version, contains a vulnerability in NVIDIA Control Panel in which it incorrectly loads Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service or information disclosure through code execution. | 6.5 |
| 2019-11-09 | CVE-2019-5693 | Access of Uninitialized Pointer vulnerability in Nvidia GPU Driver NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) in which the program accesses or uses a pointer that has not been initialized, which may lead to denial of service. | 5.5 |
| 2019-08-06 | CVE-2019-5686 | Unspecified vulnerability in Nvidia GPU Driver NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the software uses an API function or data structure in a way that relies on properties that are not always guaranteed to be valid, which may lead to denial of service. | 5.5 |
| 2019-07-19 | CVE-2019-5680 | Improper Input Validation vulnerability in Nvidia Jetson TX1 Firmware 24.2.2/28.1 In NVIDIA Jetson TX1 L4T R32 version branch prior to R32.2, Tegra bootloader contains a vulnerability in nvtboot in which the nvtboot-cpu image is loaded without the load address first being validated, which may lead to code execution, denial of service, or escalation of privileges. | 6.7 |
| 2019-05-10 | CVE-2019-5677 | Out-of-bounds Read vulnerability in Nvidia GPU Driver NVIDIA Windows GPU Display driver software for Windows (all versions) contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DeviceIoControl where the software reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer, which may lead to denial of service. | 5.5 |
| 2019-05-10 | CVE-2019-5676 | Uncontrolled Search Path Element vulnerability in Nvidia Geforce Experience and GPU Display Driver NVIDIA Windows GPU Display driver software for Windows (all versions) contains a vulnerability in which it incorrectly loads Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), leading to escalation of privileges through code execution. | 6.7 |
| 2019-04-12 | CVE-2018-6239 | Information Exposure vulnerability in Nvidia Jetson TX2 R28.1/R28.2.1 NVIDIA Jetson TX2 contains a vulnerability by means of speculative execution where local and unprivileged code may access the contents of cached information in an unauthorized manner, which may lead to information disclosure. | 5.5 |
| 2019-04-11 | CVE-2019-5673 | Improper Check for Unusual or Exceptional Conditions vulnerability in Nvidia Jetson TX2 R28.1/R28.2.1 NVIDIA Jetson TX2 contains a vulnerability in the kernel driver (on all versions prior to R28.3) where the ARM System Memory Management Unit (SMMU) improperly checks for a fault condition, causing transactions to be discarded, which may lead to denial of service. | 6.1 |
| 2019-04-01 | CVE-2018-3979 | Resource Exhaustion vulnerability in multiple products A remote denial-of-service vulnerability exists in the way the Nouveau Display Driver (the default Ubuntu Nvidia display driver) handles GPU shader execution. | 6.5 |
| 2019-02-27 | CVE-2019-5671 | Missing Release of Resource after Effective Lifetime vulnerability in Nvidia GPU Driver NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the software does not release a resource after its effective lifetime has ended, which may lead to denial of service. | 5.5 |