Vulnerabilities > Nvidia > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-06 | CVE-2019-5686 | Improper Input Validation vulnerability in Nvidia GPU Driver NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the software uses an API function or data structure in a way that relies on properties that are not always guaranteed to be valid, which may lead to denial of service. | 4.9 |
| 2019-07-19 | CVE-2019-5680 | Improper Input Validation vulnerability in Nvidia Jetson TX1 Firmware In NVIDIA Jetson TX1 L4T R32 version branch prior to R32.2, Tegra bootloader contains a vulnerability in nvtboot in which the nvtboot-cpu image is loaded without the load address first being validated, which may lead to code execution, denial of service, or escalation of privileges. | 4.6 |
| 2019-06-05 | CVE-2017-6261 | Improper Input Validation vulnerability in Nvidia Vibrante Linux 1.1/2.0/2.2 NVIDIA Vibrante Linux version 1.1, 2.0, and 2.2 contains a vulnerability in the user space driver in which protection mechanisms are insufficient, may lead to denial of service or information disclosure. | 4.6 |
| 2019-05-31 | CVE-2019-5678 | Improper Input Validation vulnerability in Nvidia Geforce Experience NVIDIA GeForce Experience versions prior to 3.19 contains a vulnerability in the Web Helper component, in which an attacker with local system access can craft input that may not be properly validated. | 4.6 |
| 2019-05-10 | CVE-2019-5677 | Out-of-bounds Read vulnerability in Nvidia GPU Driver NVIDIA Windows GPU Display driver software for Windows (all versions) contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DeviceIoControl where the software reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer, which may lead to denial of service. | 4.9 |
| 2019-04-12 | CVE-2018-6269 | Incorrect Permission Assignment for Critical Resource vulnerability in Nvidia Jetson TX2 R28.1/R28.2.1 NVIDIA Jetson TX2 contains a vulnerability in the kernel driver where input/output control (IOCTL) handling for user mode requests could create a non-trusted pointer dereference, which may lead to information disclosure, denial of service, escalation of privileges, or code execution. | 4.6 |
| 2019-04-11 | CVE-2019-5672 | Key Management Errors vulnerability in Nvidia Jetson TX1 and Jetson TX2 NVIDIA Jetson TX1 and TX2 contain a vulnerability in the Linux for Tegra (L4T) operating system (on all versions prior to R28.3) where the Secure Shell (SSH) keys provided in the sample rootfs are not replaced by unique host keys after sample rootsfs generation and flashing, which may lead to information disclosure. | 6.4 |
| 2019-04-01 | CVE-2018-3979 | Resource Exhaustion vulnerability in multiple products A remote denial-of-service vulnerability exists in the way the Nouveau Display Driver (the default Ubuntu Nvidia display driver) handles GPU shader execution. | 6.5 |
| 2019-03-28 | CVE-2019-5674 | Link Following vulnerability in Nvidia Geforce Experience NVIDIA GeForce Experience before 3.18 contains a vulnerability when ShadowPlay or GameStream is enabled. | 6.9 |
| 2019-02-27 | CVE-2019-5671 | Missing Release of Resource after Effective Lifetime vulnerability in Nvidia GPU Driver NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the software does not release a resource after its effective lifetime has ended, which may lead to denial of service. | 4.9 |