) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Keyword (text search): cpe:2.3:a:nvidia:geforce_experience:-:*:*:*:*:*:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2018-6263 |
NVIDIA GeForce Experience contains a vulnerability in all versions prior to 3.16 on Windows in which an attacker who has access to a local user account can plant a malicious dynamic link library (DLL) during application installation, which may lead to escalation of privileges. Published: November 27, 2018; 1:29:02 PM -0500 |
V4.0:(not available) V3.0: 7.8 HIGH V2.0: 4.6 MEDIUM |
| CVE-2018-6262 |
NVIDIA GeForce Experience prior to 3.15 contains a vulnerability when GameStream is enabled where limited sensitive user information may be available to users with system access, which may lead to information disclosure. Published: October 02, 2018; 1:29:00 PM -0400 |
V4.0:(not available) V3.0: 2.5 LOW V2.0: 1.9 LOW |
| CVE-2018-6261 |
NVIDIA GeForce Experience prior to 3.15 contains a vulnerability when GameStream is enabled which sets incorrect permissions on a file, which may to code execution, denial of service, or escalation of privileges by users with system access. Published: October 02, 2018; 1:29:00 PM -0400 |
V4.0:(not available) V3.0: 7.0 HIGH V2.0: 4.4 MEDIUM |
| CVE-2017-6250 |
NVIDIA GeForce Experience contains a vulnerability in NVIDIA Web Helper.exe, where untrusted script execution may lead to violation of application execution policy and local code execution. Published: April 28, 2017; 5:59:00 PM -0400 |
V4.0:(not available) V3.0: 8.8 HIGH V2.0: 4.6 MEDIUM |
| CVE-2016-8812 |
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA GeForce Experience R340 before GFE 2.11.4.125 and R375 before GFE 3.1.0.52 contains a vulnerability in the kernel mode layer (nvstreamkms.sys) allowing a user to cause a stack buffer overflow with specially crafted executable paths, leading to a denial of service or escalation of privileges. Published: November 08, 2016; 3:59:25 PM -0500 |
V4.0:(not available) V3.0: 8.8 HIGH V2.0: 7.2 HIGH |
| CVE-2016-5852 |
For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-5852 ID is for the NVTray Plugin unquoted service path. Published: November 08, 2016; 3:59:05 PM -0500 |
V4.0:(not available) V3.0: 7.8 HIGH V2.0: 7.2 HIGH |
| CVE-2016-4961 |
For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers. Published: November 08, 2016; 3:59:03 PM -0500 |
V4.0:(not available) V3.0: 5.5 MEDIUM V2.0: 4.9 MEDIUM |
| CVE-2016-4960 |
For the NVIDIA Quadro, NVS, and GeForce products, the NVIDIA NVStreamKMS.sys service component is improperly validating user-supplied data through its API entry points causing an elevation of privilege. Published: November 08, 2016; 3:59:02 PM -0500 |
V4.0:(not available) V3.0: 7.3 HIGH V2.0: 6.9 MEDIUM |
| CVE-2016-3161 |
For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-3161 ID is for the GameStream unquoted service path. Published: November 08, 2016; 3:59:00 PM -0500 |
V4.0:(not available) V3.0: 7.8 HIGH V2.0: 7.2 HIGH |