Filtered by vendor Nvidia
Subscribe
Total
467 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-34405 | 2 Google, Nvidia | 2 Android, Shield Experience | 2022-01-25 | 4.9 MEDIUM | 5.5 MEDIUM |
| NVIDIA Linux distributions contain a vulnerability in TrustZone’s TEE_Malloc function, where an unchecked return value causing a null pointer dereference may lead to denial of service. | |||||
| CVE-2021-34406 | 2 Google, Nvidia | 2 Android, Shield Experience | 2022-01-25 | 4.7 MEDIUM | 4.7 MEDIUM |
| NVIDIA Tegra kernel driver contains a vulnerability in NVHost, where a specific race condition can lead to a null pointer dereference, which may lead to a system reboot. | |||||
| CVE-2022-22821 | 1 Nvidia | 1 Nemo | 2022-01-18 | 2.1 LOW | 4.4 MEDIUM |
| NVIDIA NeMo before 1.6.0 contains a vulnerability in ASR WebApp, in which ../ Path Traversal may lead to deletion of any directory when admin privileges are available. | |||||
| CVE-2021-23175 | 2 Microsoft, Nvidia | 2 Windows, Geforce Experience | 2022-01-07 | 4.4 MEDIUM | 8.2 HIGH |
| NVIDIA GeForce Experience contains a vulnerability in user authorization, where GameStream does not correctly apply individual user access controls for users on the same device, which, with user intervention, may lead to escalation of privileges, information disclosure, data tampering, and denial of service, affecting other resources beyond the intended security authority of GameStream. | |||||
| CVE-2019-5701 | 1 Nvidia | 1 Geforce Experience | 2022-01-01 | 6.2 MEDIUM | 7.8 HIGH |
| NVIDIA GeForce Experience, all versions prior to 3.20.0.118, contains a vulnerability when GameStream is enabled in which an attacker with local system access can load the Intel graphics driver DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service, information disclosure, or escalation of privileges through code execution. | |||||
| CVE-2019-5695 | 2 Microsoft, Nvidia | 3 Windows, Geforce Experience, Gpu Driver | 2022-01-01 | 6.9 MEDIUM | 6.5 MEDIUM |
| NVIDIA GeForce Experience (prior to 3.20.1) and Windows GPU Display Driver (all versions) contains a vulnerability in the local service provider component in which an attacker with local system and privileged access can incorrectly load Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service or information disclosure through code execution. | |||||
| CVE-2019-5694 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2022-01-01 | 4.4 MEDIUM | 6.5 MEDIUM |
| NVIDIA Windows GPU Display Driver, R390 driver version, contains a vulnerability in NVIDIA Control Panel in which it incorrectly loads Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service or information disclosure through code execution. The attacker requires local system access. | |||||
| CVE-2021-1125 | 3 Linux, Microsoft, Nvidia | 109 Linux Kernel, Windows, Dgx-1 P100 and 106 more | 2021-11-26 | 4.9 MEDIUM | 4.4 MEDIUM |
| NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to corrupt program data. | |||||
| CVE-2021-34399 | 3 Linux, Microsoft, Nvidia | 137 Linux Kernel, Windows, Dgx-1 P100 and 134 more | 2021-11-24 | 2.1 LOW | 4.4 MEDIUM |
| NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed registers, which may lead to information disclosure. | |||||
| CVE-2021-1088 | 3 Linux, Microsoft, Nvidia | 137 Linux Kernel, Windows, Dgx-1 P100 and 134 more | 2021-11-24 | 2.1 LOW | 4.4 MEDIUM |
| NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to utilize debug mechanisms with insufficient access control, which may lead to information disclosure. | |||||
| CVE-2021-1105 | 3 Linux, Microsoft, Nvidia | 137 Linux Kernel, Windows, Dgx-1 P100 and 134 more | 2021-11-24 | 2.1 LOW | 4.4 MEDIUM |
| NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to access debug registers during runtime, which may lead to information disclosure. | |||||
| CVE-2021-34400 | 3 Linux, Microsoft, Nvidia | 137 Linux Kernel, Windows, Dgx-1 P100 and 134 more | 2021-11-24 | 2.1 LOW | 4.4 MEDIUM |
| NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed memory, which may lead to information disclosure. | |||||
| CVE-2021-1117 | 1 Nvidia | 1 Gpu Display Driver | 2021-11-04 | 1.9 LOW | 5.5 MEDIUM |
| Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where an attacker through specific configuration and with local unprivileged system access may cause improper input validation, which may lead to denial of service. | |||||
| CVE-2021-1121 | 1 Nvidia | 1 Virtual Gpu | 2021-11-02 | 2.1 LOW | 5.5 MEDIUM |
| NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager kernel driver, where a vGPU can cause resource starvation among other vGPUs hosted on the same GPU, which may lead to denial of service. | |||||
| CVE-2021-1122 | 1 Nvidia | 1 Virtual Gpu | 2021-11-02 | 2.1 LOW | 5.5 MEDIUM |
| NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can dereference a NULL pointer, which may lead to denial of service. | |||||
| CVE-2021-1119 | 1 Nvidia | 1 Virtual Gpu | 2021-11-02 | 3.6 LOW | 7.1 HIGH |
| NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can double-free a pointer, which may lead to denial of service. This flaw may result in a write-what-where condition, allowing an attacker to execute arbitrary code impacting integrity and availability. | |||||
| CVE-2021-1120 | 1 Nvidia | 1 Virtual Gpu | 2021-11-02 | 4.6 MEDIUM | 7.0 HIGH |
| NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a string provided by the guest OS may not be properly null terminated. The guest OS or attacker has no ability to push content to the plugin through this vulnerability, which may lead to information disclosure, data tampering, unauthorized code execution, and denial of service. | |||||
| CVE-2021-1116 | 1 Nvidia | 1 Gpu Display Driver | 2021-10-28 | 2.1 LOW | 5.5 MEDIUM |
| NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys), where a NULL pointer dereference in the kernel, created within user mode code, may lead to a denial of service in the form of a system crash. | |||||
| CVE-2021-1115 | 1 Nvidia | 1 Gpu Display Driver | 2021-10-28 | 2.1 LOW | 6.5 MEDIUM |
| NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for private IOCTLs, where an attacker with local unprivileged system access may cause a NULL pointer dereference, which may lead to denial of service in a component beyond the vulnerable component. | |||||
| CVE-2021-1109 | 1 Nvidia | 8 Jetson Agx Xavier, Jetson Linux, Jetson Nano and 5 more | 2021-09-21 | 3.3 LOW | 6.3 MEDIUM |
| NVIDIA camera firmware contains a multistep, timing-related vulnerability where an unauthorized modification by camera resources may result in loss of data integrity or denial of service across several streams. | |||||