Vulnerabilities > Nvidia > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-11-08 | CVE-2016-4960 | Improper Input Validation vulnerability in Nvidia Geforce Experience For the NVIDIA Quadro, NVS, and GeForce products, the NVIDIA NVStreamKMS.sys service component is improperly validating user-supplied data through its API entry points causing an elevation of privilege. | 6.9 |
| 2015-11-24 | CVE-2015-8328 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Nvidia GPU Driver Unspecified vulnerability in the NVAPI support layer in the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows allows local users to obtain sensitive information, cause a denial of service (crash), or possibly gain privileges via unknown vectors. | 6.6 |
| 2015-11-24 | CVE-2015-7869 | Numeric Errors vulnerability in multiple products Multiple integer overflows in the kernel mode driver for the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows and R304 before 304.131, R340 before 340.96, R352 before 352.63, and R358 before 358.16 on Linux allow local users to obtain sensitive information, cause a denial of service (crash), or possibly gain privileges via unknown vectors, which trigger uninitialized or out of bounds memory access. | 6.6 |
| 2015-09-30 | CVE-2015-5950 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Nvidia Display Driver and GPU Driver The NVIDIA display driver R352 before 353.82 and R340 before 341.81 on Windows; R304 before 304.128, R340 before 340.93, and R352 before 352.41 on Linux; and R352 before 352.46 on GRID vGPU and vSGA allows local users to write to an arbitrary kernel memory location and consequently gain privileges via a crafted ioctl call. | 6.9 |
| 2013-04-08 | CVE-2013-0111 | Local Privilege Escalation vulnerability in Nvidia Driver 310.00 daemonu.exe (aka the NVIDIA Update Service Daemon), as distributed with the NVIDIA driver before 307.78, and Release 310 before 311.00, on Windows, lacks " (double quote) characters in the service path, which allows local users to gain privileges via a Trojan horse program. | 6.8 |
| 2013-04-08 | CVE-2013-0110 | Local Privilege Escalation vulnerability in Nvidia Driver 310.00 nvSCPAPISvr.exe in the NVIDIA Stereoscopic 3D Driver service, as distributed with the NVIDIA driver before 307.78, and Release 310 before 311.00, on Windows, lacks " (double quote) characters in the service path, which allows local users to gain privileges via a Trojan horse program. | 6.8 |
| 2012-04-22 | CVE-2012-0946 | Permissions, Privileges, and Access Controls vulnerability in Nvidia Unix Driver The NVIDIA UNIX driver before 295.40 allows local users to access arbitrary memory locations by leveraging GPU device-node read/write privileges. | 4.6 |
| 2006-12-07 | CVE-2006-6340 | Local Denial of Service vulnerability in Nvidia NView Keystone.EXE keystone.exe in nVIDIA nView allows attackers to cause a denial of service via a long command line argument. | 5.0 |