RSS   Vulnerabilities for 'Geforce experience'   RSS

2017-10-16
 
CVE-2017-0316

 

 
In GeForce Experience (GFE) 3.x before 3.10.0.55, NVIDIA Installer Framework contains a vulnerability in NVISystemService64 where a value passed from a user to the driver is used without validation, which may lead to denial of service or possible escalation of privileges.

 
2017-04-28
 
CVE-2017-6250

 

 
NVIDIA GeForce Experience contains a vulnerability in NVIDIA Web Helper.exe, where untrusted script execution may lead to violation of application execution policy and local code execution.

 
2016-12-16
 
CVE-2016-8827

 

 
NVIDIA GeForce Experience 3.x before GFE 3.1.0.52 contains a vulnerability in NVIDIA Web Helper.exe where a local web API endpoint, /VisualOPS/v.1.0./, lacks proper access control and parameter validation, allowing for information disclosure via a directory traversal attack.

 
2016-11-08
 
CVE-2016-8812

 

 
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA GeForce Experience R340 before GFE 2.11.4.125 and R375 before GFE 3.1.0.52 contains a vulnerability in the kernel mode layer (nvstreamkms.sys) allowing a user to cause a stack buffer overflow with specially crafted executable paths, leading to a denial of service or escalation of privileges.

 
 
CVE-2016-5852

 

 
For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-5852 ID is for the NVTray Plugin unquoted service path.

 
 
CVE-2016-4961

 

 
For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.

 
 
CVE-2016-4960

 

 
For the NVIDIA Quadro, NVS, and GeForce products, the NVIDIA NVStreamKMS.sys service component is improperly validating user-supplied data through its API entry points causing an elevation of privilege.

 
 
CVE-2016-3161

 

 
For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-3161 ID is for the GameStream unquoted service path.

 

 >>> Vendor: Nvidia 49 Products
Binary graphics driver
Nview
Video driver
Cuda toolkit
Geforce 310 driver
9400m driver
Stereoscopic 3d driver
Unix driver
Unix graphic driver
Display driver
Driver
Gpu driver
Gpu driver r304
Gpu driver r340
Gpu driver r343
Gpu driver r346
R340
R352
Geforce experience
Tegra k1 cd570m-a1
Tegra k1 cd580m-a1
Shield tablet tk1 firmware
Shield tablet firmware
Shield tv firmware
Adsp firmware
Tegra x1 firmware
Jetson tk1 firmware
Jetson tx1 firmware
Tegra k1 firmware
Tegra bootrom rcm
Geforce gtx 745 firmware
Geforce gtx 750 firmware
Geforce gtx 750 ti firmware
Geforce gtx 840m firmware
Geforce gtx 845m firmware
Geforce gtx 850m firmware
Geforce gtx 860m firmware
Geforce gtx 950m firmware
Geforce gtx 960m firmware
Grid m30 firmware
Grid m40 firmware
Quadro k1200 firmware
Quadro k2200 firmware
Quadro k620 firmware
Quadro m1000m firmware
Quadro m1200m firmware
Jetson tx2
Jetson tx1
Vibrante linux


Copyright 2019, cxsecurity.com

 

Back to Top