Vulnerabilities > Nvidia > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-11 | CVE-2019-5672 | Key Management Errors vulnerability in Nvidia Jetson TX1 and Jetson TX2 NVIDIA Jetson TX1 and TX2 contain a vulnerability in the Linux for Tegra (L4T) operating system (on all versions prior to R28.3) where the Secure Shell (SSH) keys provided in the sample rootfs are not replaced by unique host keys after sample rootsfs generation and flashing, which may lead to information disclosure. | 6.4 |
| 2019-04-01 | CVE-2018-3979 | Resource Exhaustion vulnerability in multiple products A remote denial-of-service vulnerability exists in the way the Nouveau Display Driver (the default Ubuntu Nvidia display driver) handles GPU shader execution. | 6.5 |
| 2019-03-28 | CVE-2019-5674 | Link Following vulnerability in Nvidia Geforce Experience NVIDIA GeForce Experience before 3.18 contains a vulnerability when ShadowPlay or GameStream is enabled. | 6.9 |
| 2019-02-27 | CVE-2019-5671 | Missing Release of Resource after Effective Lifetime vulnerability in Nvidia GPU Driver NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the software does not release a resource after its effective lifetime has ended, which may lead to denial of service. | 4.9 |
| 2018-11-27 | CVE-2018-6265 | Unspecified vulnerability in Nvidia Geforce Experience NVIDIA GeForce Experience contains a vulnerability in all versions prior to 3.16 during application installation on Windows 7 in elevated privilege mode, where a local user who initiates a browser session may obtain escalation of privileges on the browser. | 4.6 |
| 2018-11-27 | CVE-2018-6263 | Unspecified vulnerability in Nvidia Geforce Experience NVIDIA GeForce Experience contains a vulnerability in all versions prior to 3.16 on Windows in which an attacker who has access to a local user account can plant a malicious dynamic link library (DLL) during application installation, which may lead to escalation of privileges. | 4.6 |
| 2018-10-02 | CVE-2018-6261 | Incorrect Permission Assignment for Critical Resource vulnerability in Nvidia Geforce Experience NVIDIA GeForce Experience prior to 3.15 contains a vulnerability when GameStream is enabled which sets incorrect permissions on a file, which may to code execution, denial of service, or escalation of privileges by users with system access. | 4.4 |
| 2018-08-31 | CVE-2018-6257 | Unspecified vulnerability in Nvidia Geforce Experience NVIDIA GeForce Experience all versions prior to 3.14.1 contains a potential vulnerability when GameStream is enabled where improper access control may lead to a denial of service, escalation of privileges, or both. local nvidia | 4.4 |
| 2018-04-02 | CVE-2018-6253 | Infinite Loop vulnerability in Nvidia GPU Driver NVIDIA GPU Display Driver contains a vulnerability in the DirectX and OpenGL Usermode drivers where a specially crafted pixel shader can cause infinite recursion leading to denial of service. | 4.9 |
| 2018-04-02 | CVE-2018-6252 | Unspecified vulnerability in Nvidia GPU Driver NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiEscape where the software allows an actor access to restricted functionality that is unnecessary to production usage, and which may result in denial of service. | 4.9 |