Vulnerabilities > Nvidia > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-11-27 CVE-2018-6265 Unspecified vulnerability in Nvidia Geforce Experience
NVIDIA GeForce Experience contains a vulnerability in all versions prior to 3.16 during application installation on Windows 7 in elevated privilege mode, where a local user who initiates a browser session may obtain escalation of privileges on the browser.
local
low complexity
nvidia microsoft
4.6
2018-11-27 CVE-2018-6263 Unspecified vulnerability in Nvidia Geforce Experience
NVIDIA GeForce Experience contains a vulnerability in all versions prior to 3.16 on Windows in which an attacker who has access to a local user account can plant a malicious dynamic link library (DLL) during application installation, which may lead to escalation of privileges.
local
low complexity
nvidia microsoft
4.6
2018-10-02 CVE-2018-6261 Incorrect Permission Assignment for Critical Resource vulnerability in Nvidia Geforce Experience
NVIDIA GeForce Experience prior to 3.15 contains a vulnerability when GameStream is enabled which sets incorrect permissions on a file, which may to code execution, denial of service, or escalation of privileges by users with system access.
local
nvidia CWE-732
4.4
2018-08-31 CVE-2018-6257 Unspecified vulnerability in Nvidia Geforce Experience
NVIDIA GeForce Experience all versions prior to 3.14.1 contains a potential vulnerability when GameStream is enabled where improper access control may lead to a denial of service, escalation of privileges, or both.
local
nvidia
4.4
2018-04-02 CVE-2018-6253 Infinite Loop vulnerability in Nvidia GPU Driver
NVIDIA GPU Display Driver contains a vulnerability in the DirectX and OpenGL Usermode drivers where a specially crafted pixel shader can cause infinite recursion leading to denial of service.
local
low complexity
nvidia freebsd linux microsoft oracle CWE-835
4.9
2018-04-02 CVE-2018-6252 Unspecified vulnerability in Nvidia GPU Driver
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiEscape where the software allows an actor access to restricted functionality that is unnecessary to production usage, and which may result in denial of service.
local
low complexity
nvidia microsoft
4.9
2018-03-26 CVE-2017-6278 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Nvidia products
NVIDIA Tegra kernel contains a vulnerability in the CORE DVFS Thermal driver where there is the potential to read or write a buffer using an index or pointer that references a memory location after the end of the buffer, which may lead to a denial of service or possible escalation of privileges.
local
low complexity
nvidia CWE-119
4.6
2018-03-06 CVE-2017-6296 Race Condition vulnerability in multiple products
NVIDIA TrustZone Software contains a TOCTOU issue in the DRM application which may lead to the denial of service or possible escalation of privileges.
4.4
2018-03-06 CVE-2017-6283 Information Exposure vulnerability in multiple products
NVIDIA Security Engine contains a vulnerability in the RSA function where the keyslot read/write lock permissions are cleared on a chip reset which may lead to information disclosure.
local
low complexity
nvidia google CWE-200
4.9
2017-10-17 CVE-2017-6273 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Nvidia Adsp Firmware
NVIDIA ADSP Firmware contains a vulnerability in the ADSP Loader component where there is the potential to write to a memory location that is outside the intended boundary of the buffer, which may lead to denial of service or possible escalation of privileges.
local
low complexity
nvidia CWE-119
4.6