Vulnerabilities > Nvidia > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-11-27 CVE-2018-6266 Information Exposure vulnerability in Nvidia Geforce Experience
NVIDIA GeForce Experience contains a vulnerability in all versions prior to 3.16 on Windows where a local user may obtain third party integration parameters, which may lead to information disclosure.
local
low complexity
nvidia CWE-200
5.5
2018-11-13 CVE-2018-6260 Information Exposure vulnerability in Nvidia GPU Driver
NVIDIA graphics driver contains a vulnerability that may allow access to application data processed on the GPU through a side channel exposed by the GPU performance counters.
local
low complexity
nvidia CWE-200
5.5
2018-08-31 CVE-2018-6258 Unspecified vulnerability in Nvidia Geforce Experience
NVIDIA GeForce Experience all versions prior to 3.14.1 contains a potential vulnerability during GameStream installation where an attacker who has system access can potentially conduct a Man-in-the-Middle (MitM) attack to obtain sensitive information.
local
high complexity
nvidia
4.7
2018-05-22 CVE-2018-3639 Information Exposure Through Discrepancy vulnerability in multiple products
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.
5.5
2018-05-01 CVE-2018-6242 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Nvidia Tegra Bootrom RCM
Some NVIDIA Tegra mobile processors released prior to 2016 contain a buffer overflow vulnerability in BootROM Recovery Mode (RCM).
low complexity
nvidia CWE-119
6.8
2018-04-02 CVE-2018-6253 Infinite Loop vulnerability in Nvidia GPU Driver
NVIDIA GPU Display Driver contains a vulnerability in the DirectX and OpenGL Usermode drivers where a specially crafted pixel shader can cause infinite recursion leading to denial of service.
local
low complexity
nvidia CWE-835
5.5
2018-04-02 CVE-2018-6252 Unspecified vulnerability in Nvidia GPU Driver
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiEscape where the software allows an actor access to restricted functionality that is unnecessary to production usage, and which may result in denial of service.
local
low complexity
nvidia
5.5
2018-03-06 CVE-2017-6284 Inadequate Encryption Strength vulnerability in multiple products
NVIDIA Security Engine contains a vulnerability in the Deterministic Random Bit Generator (DRBG) where the DRBG does not properly initialize and store or transmits sensitive data using a weakened encryption scheme that is unable to protect sensitive data which may lead to information disclosure.This issue is rated as moderate.
local
low complexity
nvidia google CWE-326
5.5
2018-03-06 CVE-2017-6283 Information Exposure vulnerability in multiple products
NVIDIA Security Engine contains a vulnerability in the RSA function where the keyslot read/write lock permissions are cleared on a chip reset which may lead to information disclosure.
local
low complexity
nvidia google CWE-200
5.5
2017-09-22 CVE-2017-6271 Divide By Zero vulnerability in Nvidia GPU Driver
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiCreateAllocation where untrusted user input is used as a divisor without validation while processing block linear information which may lead to a potential divide by zero and denial of service.
local
low complexity
nvidia CWE-369
5.5