U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/h:nvidia:geforce_920mx:-
There are 8 matching records.
Displaying matches 1 through 8.
Vuln ID Summary CVSS Severity
CVE-2016-8812

For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA GeForce Experience R340 before GFE 2.11.4.125 and R375 before GFE 3.1.0.52 contains a vulnerability in the kernel mode layer (nvstreamkms.sys) allowing a user to cause a stack buffer overflow with specially crafted executable paths, leading to a denial of service or escalation of privileges.

Published: November 08, 2016; 3:59:25 PM -0500 		V3.0: 8.8 HIGH
 V2.0: 7.2 HIGH
CVE-2016-7382

For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys for Windows or nvidia.ko for Linux) handler where a missing permissions check may allow users to gain access to arbitrary physical memory, leading to an escalation of privileges.

Published: November 08, 2016; 3:59:07 PM -0500 		V3.0: 7.8 HIGH
 V2.0: 7.2 HIGH
CVE-2016-5852

For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-5852 ID is for the NVTray Plugin unquoted service path.

Published: November 08, 2016; 3:59:05 PM -0500 		V3.0: 7.8 HIGH
 V2.0: 7.2 HIGH
CVE-2016-5025

For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVAPI support layer causes a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.

Published: November 08, 2016; 3:59:04 PM -0500 		V3.0: 6.6 MEDIUM
 V2.0: 6.1 MEDIUM
CVE-2016-4961

For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.

Published: November 08, 2016; 3:59:03 PM -0500 		V3.0: 5.5 MEDIUM
 V2.0: 4.9 MEDIUM
CVE-2016-4960

For the NVIDIA Quadro, NVS, and GeForce products, the NVIDIA NVStreamKMS.sys service component is improperly validating user-supplied data through its API entry points causing an elevation of privilege.

Published: November 08, 2016; 3:59:02 PM -0500 		V3.0: 7.3 HIGH
 V2.0: 6.9 MEDIUM
CVE-2016-4959

For the NVIDIA Quadro, NVS, and GeForce products, there is a Remote Desktop denial of service. A successful exploit of a vulnerable system will result in a kernel null pointer dereference, causing a blue screen crash.

Published: November 08, 2016; 3:59:01 PM -0500 		V3.0: 7.5 HIGH
 V2.0: 7.8 HIGH
CVE-2016-3161

For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-3161 ID is for the GameStream unquoted service path.

Published: November 08, 2016; 3:59:00 PM -0500 		V3.0: 7.8 HIGH
 V2.0: 7.2 HIGH