U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/a:nvidia:geforce_experience:3.1.2
There are 29 matching records.
Displaying matches 21 through 29.
Vuln ID Summary CVSS Severity
CVE-2018-6263

NVIDIA GeForce Experience contains a vulnerability in all versions prior to 3.16 on Windows in which an attacker who has access to a local user account can plant a malicious dynamic link library (DLL) during application installation, which may lead to escalation of privileges.

Published: November 27, 2018; 1:29:02 PM -0500 		V3.0: 7.8 HIGH
 V2.0: 4.6 MEDIUM
CVE-2018-6262

NVIDIA GeForce Experience prior to 3.15 contains a vulnerability when GameStream is enabled where limited sensitive user information may be available to users with system access, which may lead to information disclosure.

Published: October 02, 2018; 1:29:00 PM -0400 		V3.0: 2.5 LOW
 V2.0: 1.9 LOW
CVE-2018-6261

NVIDIA GeForce Experience prior to 3.15 contains a vulnerability when GameStream is enabled which sets incorrect permissions on a file, which may to code execution, denial of service, or escalation of privileges by users with system access.

Published: October 02, 2018; 1:29:00 PM -0400 		V3.0: 7.0 HIGH
 V2.0: 4.4 MEDIUM
CVE-2018-6259

NVIDIA GeForce Experience all versions prior to 3.14.1 contains a potential vulnerability when GameStream is enabled, an attacker has system access, and certain system features are enabled, where limited information disclosure may be possible.

Published: August 31, 2018; 4:29:00 PM -0400 		V3.0: 2.5 LOW
 V2.0: 1.9 LOW
CVE-2018-6258

NVIDIA GeForce Experience all versions prior to 3.14.1 contains a potential vulnerability during GameStream installation where an attacker who has system access can potentially conduct a Man-in-the-Middle (MitM) attack to obtain sensitive information.

Published: August 31, 2018; 4:29:00 PM -0400 		V3.0: 4.7 MEDIUM
 V2.0: 1.9 LOW
CVE-2018-6257

NVIDIA GeForce Experience all versions prior to 3.14.1 contains a potential vulnerability when GameStream is enabled where improper access control may lead to a denial of service, escalation of privileges, or both.

Published: August 31, 2018; 4:29:00 PM -0400 		V3.0: 7.0 HIGH
 V2.0: 4.4 MEDIUM
CVE-2017-0316

In GeForce Experience (GFE) 3.x before 3.10.0.55, NVIDIA Installer Framework contains a vulnerability in NVISystemService64 where a value passed from a user to the driver is used without validation, which may lead to denial of service or possible escalation of privileges.

Published: October 16, 2017; 5:29:00 PM -0400 		V3.1: 7.8 HIGH
 V2.0: 4.6 MEDIUM
CVE-2017-14491

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.

Published: October 03, 2017; 9:29:02 PM -0400 		V3.1: 9.8 CRITICAL
 V2.0: 7.5 HIGH
CVE-2017-6250

NVIDIA GeForce Experience contains a vulnerability in NVIDIA Web Helper.exe, where untrusted script execution may lead to violation of application execution policy and local code execution.

Published: April 28, 2017; 5:59:00 PM -0400 		V3.0: 8.8 HIGH
 V2.0: 4.6 MEDIUM