Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): nvidia
There are 359 matching records.
Displaying matches 61 through 80.
Vuln ID Summary CVSS Severity
CVE-2018-6269

NVIDIA Jetson TX2 contains a vulnerability in the kernel driver where input/output control (IOCTL) handling for user mode requests could create a non-trusted pointer dereference, which may lead to information disclosure, denial of service, escalation of privileges, or code execution. The updates apply to all versions prior to R28.3.

Published: April 12, 2019; 1:29:00 PM -0400
V3.0: 7.8 HIGH
V2.0: 4.6 MEDIUM
CVE-2018-6239

NVIDIA Jetson TX2 contains a vulnerability by means of speculative execution where local and unprivileged code may access the contents of cached information in an unauthorized manner, which may lead to information disclosure. The updates apply to all versions prior to R28.3.

Published: April 12, 2019; 1:29:00 PM -0400
V3.0: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2019-5673

NVIDIA Jetson TX2 contains a vulnerability in the kernel driver (on all versions prior to R28.3) where the ARM System Memory Management Unit (SMMU) improperly checks for a fault condition, causing transactions to be discarded, which may lead to denial of service.

Published: April 11, 2019; 1:29:01 PM -0400
V3.0: 6.1 MEDIUM
V2.0: 3.6 LOW
CVE-2019-5672

NVIDIA Jetson TX1 and TX2 contain a vulnerability in the Linux for Tegra (L4T) operating system (on all versions prior to R28.3) where the Secure Shell (SSH) keys provided in the sample rootfs are not replaced by unique host keys after sample rootsfs generation and flashing, which may lead to information disclosure.

Published: April 11, 2019; 1:29:01 PM -0400
V3.0: 9.1 CRITICAL
V2.0: 6.4 MEDIUM
CVE-2018-3979

A remote denial-of-service vulnerability exists in the way the Nouveau Display Driver (the default Ubuntu Nvidia display driver) handles GPU shader execution. A specially crafted pixel shader can cause remote denial-of-service issues. An attacker can provide a specially crafted website to trigger this vulnerability. This vulnerability can be triggered remotely after the user visits a malformed website. No further user interaction is required. Vulnerable versions include Ubuntu 18.04 LTS (linux 4.15.0-29-generic x86_64), Nouveau Display Driver NV117 (vermagic: 4.15.0-29-generic SMP mod_unload).

Published: April 01, 2019; 5:30:43 PM -0400
V3.0: 6.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2019-5674

NVIDIA GeForce Experience before 3.18 contains a vulnerability when ShadowPlay or GameStream is enabled. When an attacker has access to the system and creates a hard link, the software does not check for hard link attacks. This behavior may lead to code execution, denial of service, or escalation of privileges.

Published: March 28, 2019; 11:29:00 AM -0400
V3.0: 7.0 HIGH
V2.0: 6.9 MEDIUM
CVE-2019-5671

NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the software does not release a resource after its effective lifetime has ended, which may lead to denial of service.

Published: February 27, 2019; 6:29:00 PM -0500
V3.0: 5.5 MEDIUM
V2.0: 4.9 MEDIUM
CVE-2019-5670

NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiEscape in which the software uses a sequential operation to read from or write to a buffer, but it uses an incorrect length value that causes it to access memory that is outside of the bounds of the buffer which may lead to denial of service, escalation of privileges, code execution or information disclosure.

Published: February 27, 2019; 6:29:00 PM -0500
V3.0: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2019-5669

NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiEscape in which the software uses a sequential operation to read from or write to a buffer, but it uses an incorrect length value that causes it to access memory that is outside of the bounds of the buffer, which may lead to denial of service or escalation of privileges.

Published: February 27, 2019; 6:29:00 PM -0500
V3.0: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2019-5668

NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiSubmitCommandVirtual in which the application dereferences a pointer that it expects to be valid, but is NULL, which may lead to denial of service or escalation of privileges.

Published: February 27, 2019; 6:29:00 PM -0500
V3.0: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2019-5667

NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiSetRootPageTable in which the application dereferences a pointer that it expects to be valid, but is NULL, which may lead to code execution, denial of service or escalation of privileges.

Published: February 27, 2019; 6:29:00 PM -0500
V3.0: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2019-5666

NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) create context command DDI DxgkDdiCreateContext in which the product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array, which may lead to denial of service or escalation of privileges.

Published: February 27, 2019; 6:29:00 PM -0500
V3.0: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2019-5665

NVIDIA Windows GPU Display driver contains a vulnerability in the 3D vision component in which the stereo service software, when opening a file, does not check for hard links. This behavior may lead to code execution, denial of service or escalation of privileges.

Published: February 27, 2019; 6:29:00 PM -0500
V3.0: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2018-6271

NVIDIA Tegra OpenMax driver (libnvomx) contains a vulnerability in which the software delivers extra data with the buffer and does not properly validated the extra data, which may lead to denial of service or escalation of privileges. Android ID: A-80198474.

Published: February 13, 2019; 5:29:00 PM -0500
V3.0: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2018-6268

NVIDIA Tegra library contains a vulnerability in libnvmmlite_video.so, where referencing memory after it has been freed may lead to denial of service or possible escalation of privileges. Android ID: A-80433161.

Published: February 13, 2019; 5:29:00 PM -0500
V3.0: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2018-6267

NVIDIA Tegra OpenMax driver (libnvomx) contains a vulnerability in which the software does not validate or incorrectly validates input that can affect the control flow or data flow of a program, which may lead to denial of service or escalation of privileges. Android ID: A-70857947.

Published: February 13, 2019; 5:29:00 PM -0500
V3.0: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2018-6241

NVIDIA Tegra Gralloc module contains a vulnerability in driver in which it does not validate input parameter of the registerbuffer API, which may lead to arbitrary code execution, denial of service, or escalation of privileges. Android ID: A-62540032 Severity Rating: High Version: N/A.

Published: January 31, 2019; 3:29:00 PM -0500
V3.0: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2018-6266

NVIDIA GeForce Experience contains a vulnerability in all versions prior to 3.16 on Windows where a local user may obtain third party integration parameters, which may lead to information disclosure.

Published: November 27, 2018; 1:29:02 PM -0500
V3.0: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2018-6265

NVIDIA GeForce Experience contains a vulnerability in all versions prior to 3.16 during application installation on Windows 7 in elevated privilege mode, where a local user who initiates a browser session may obtain escalation of privileges on the browser.

Published: November 27, 2018; 1:29:02 PM -0500
V3.0: 7.8 HIGH
V2.0: 4.6 MEDIUM
CVE-2018-6263

NVIDIA GeForce Experience contains a vulnerability in all versions prior to 3.16 on Windows in which an attacker who has access to a local user account can plant a malicious dynamic link library (DLL) during application installation, which may lead to escalation of privileges.

Published: November 27, 2018; 1:29:02 PM -0500
V3.0: 7.8 HIGH
V2.0: 4.6 MEDIUM