Skip to main content
CVE-2019-18840 HIGH POC This Week

In wolfSSL 4.1.0 through 4.2.0c, there are missing sanity checks of memory accesses in parsing ASN.1 certificate data while handshaking. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Wolfssl
NVD GitHub
CVSS 3.1
7.5
EPSS
2.0%
CVE-2019-5701 HIGH PATCH This Week

NVIDIA GeForce Experience, all versions prior to 3.20.0.118, contains a vulnerability when GameStream is enabled in which an attacker with local system access can load the Intel graphics driver DLLs. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Information Disclosure Nvidia Intel RCE +1
NVD GitHub
CVSS 3.1
7.8
EPSS
0.5%
CVE-2019-5692 HIGH PATCH This Week

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the product uses untrusted input when calculating. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Nvidia Denial Of Service Microsoft Gpu Driver
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-5691 HIGH PATCH This Week

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which a NULL pointer is dereferenced, which may lead to. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Nvidia Denial Of Service Microsoft Gpu Driver
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-5690 HIGH PATCH This Week

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the size of an input buffer is not validated,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Denial Of Service Nvidia Buffer Overflow Microsoft Memory Corruption +1
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-5689 HIGH PATCH This Week

NVIDIA GeForce Experience, all versions prior to 3.20.1, contains a vulnerability in the Downloader component in which a user with local system access can craft input that may allow malicious files. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Nvidia Denial Of Service Information Disclosure RCE Geforce Experience
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-18845 HIGH This Week

The MsIo64.sys and MsIo32.sys drivers in Patriot Viper RGB before 1.1 allow local users (including low integrity processes) to read and write to arbitrary memory locations, and consequently gain NT. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Viper Rgb Firmware
NVD GitHub
CVSS 3.1
7.1
EPSS
0.4%
CVE-2019-5697 HIGH PATCH This Week

NVIDIA Virtual GPU Manager, all versions, contains a vulnerability in which it may grant a guest access to memory that it does not own, which may lead to information disclosure or denial of service. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Nvidia Denial Of Service Information Disclosure Virtual Gpu Manager
NVD
CVSS 3.1
7.1
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy