Vulnerabilities > Nvidia > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-02-15 CVE-2017-0318 Improper Input Validation vulnerability in Nvidia GPU Driver
All versions of NVIDIA Linux GPU Display Driver contain a vulnerability in the kernel mode layer handler where improper validation of an input parameter may cause a denial of service on the system.
local
low complexity
nvidia CWE-20
5.5
2017-02-15 CVE-2017-0310 Improper Privilege Management vulnerability in Nvidia GPU Driver
All versions of NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer handler where improper access controls allowing unprivileged user to cause a denial of service.
local
low complexity
nvidia CWE-269
6.5
2016-12-16 CVE-2016-8827 Path Traversal vulnerability in Nvidia Geforce Experience
NVIDIA GeForce Experience 3.x before GFE 3.1.0.52 contains a vulnerability in NVIDIA Web Helper.exe where a local web API endpoint, /VisualOPS/v.1.0./, lacks proper access control and parameter validation, allowing for information disclosure via a directory traversal attack.
network
low complexity
nvidia CWE-22
6.5
2016-12-16 CVE-2016-8826 Resource Management Errors vulnerability in Nvidia GPU Driver
All versions of NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys for Windows or nvidia.ko for Linux) where a user can cause a GPU interrupt storm, leading to a denial of service.
local
low complexity
nvidia CWE-399
5.5
2016-12-16 CVE-2016-8820 Improper Input Validation vulnerability in Nvidia GPU Driver
All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where a check on a function return value is missing, potentially allowing an uninitialized value to be used as the source of a strcpy() call, leading to denial of service or information disclosure.
local
low complexity
nvidia CWE-20
6.1
2016-11-08 CVE-2016-7386 Information Exposure vulnerability in Nvidia GPU Driver
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x70000D4 which may lead to leaking of kernel memory contents to user space through an uninitialized buffer.
local
low complexity
nvidia CWE-200
5.5
2016-11-08 CVE-2016-5025 Improper Input Validation vulnerability in Nvidia GPU Driver
For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVAPI support layer causes a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.
local
low complexity
nvidia CWE-20
6.6
2016-11-08 CVE-2016-4961 Improper Input Validation vulnerability in Nvidia Geforce Experience
For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.
local
low complexity
nvidia CWE-20
5.5