Skip to main content

Nvidia

919 CVEs vendor

Monthly

CVE-2015-7019 MEDIUM This Month

The NVIDIA driver in the Graphics Drivers subsystem in Apple OS X before 10.11.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read. Rated medium severity (CVSS 5.6), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Apple Nvidia Buffer Overflow Mac Os X
NVD
CVSS 2.0
5.6
EPSS
0.0%
CVE-2015-5950 MEDIUM This Month

The NVIDIA display driver R352 before 353.82 and R340 before 341.81 on Windows; R304 before 304.128, R340 before 340.93, and R352 before 352.41 on Linux; and R352 before 352.46 on GRID vGPU and vSGA. Rated medium severity (CVSS 6.9). No vendor patch available.

Nvidia Linux Buffer Overflow Microsoft Gpu Driver +1
NVD
CVSS 2.0
6.9
EPSS
0.0%
CVE-2015-3625 HIGH PATCH This Week

The NVIDIA GPU driver for FreeBSD R352 before 352.09, 346 before 346.72, R349 before 349.16, R343 before 343.36, R340 before 340.76, R337 before 337.25, R334 before 334.21, R331 before 331.113, and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Nvidia Privilege Escalation Gpu Driver
NVD
CVSS 2.0
7.2
EPSS
0.0%
CVE-2015-3712 CRITICAL PATCH Act Now

The NVIDIA graphics driver in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (out-of-bounds write) via a crafted app. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service Apple Nvidia Buffer Overflow RCE +1
NVD
CVSS 2.0
9.3
EPSS
1.2%
CVE-2015-1137 HIGH POC This Week

The NVIDIA graphics driver in Apple OS X before 10.10.3 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via an unspecified IOService userclient type. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Apple Nvidia Denial Of Service Mac Os X
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2015-1170 HIGH This Week

The NVIDIA Display Driver R304 before 309.08, R340 before 341.44, R343 before 345.20, and R346 before 347.52 does not properly validate local client impersonation levels when performing a "kernel. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Privilege Escalation Gpu Driver R304 Gpu Driver R340 Gpu Driver R343 +1
NVD
CVSS 2.0
7.2
EPSS
0.0%
CVE-2014-5332 MEDIUM POC This Month

Race condition in NVMap in NVIDIA Tegra Linux Kernel 3.10 allows local users to gain privileges via a crafted NVMAP_IOC_CREATE IOCTL call, which triggers a use-after-free error, as demonstrated by. Rated medium severity (CVSS 6.9). Public exploit code available and no vendor patch available.

Race Condition Information Disclosure Nvidia Google Linux +2
NVD
CVSS 2.0
6.9
EPSS
0.0%
CVE-2014-8298 HIGH This Week

The NVIDIA Linux Discrete GPU drivers before R304.125, R331.x before R331.113, R340.x before R340.65, R343.x before R343.36, and R346.x before R346.22, Linux for Tegra (L4T) driver before R21.2, and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Nvidia Google Denial Of Service Gpu Driver +1
NVD
CVSS 2.0
7.5
EPSS
1.5%
CVE-2013-5987 HIGH This Week

Unspecified vulnerability in NVIDIA graphics driver Release 331, 325, 319, 310, and 304 allows local users to bypass intended access restrictions for the GPU and gain privileges via unknown vectors. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Authentication Bypass Gpu Driver Mac Os X
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2013-5986 CRITICAL Act Now

Unspecified vulnerability in NVIDIA graphics driver Release 331, 325, 319, 310, and 304 has unknown impact and attack vectors, a different vulnerability than CVE-2013-5987. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Nvidia Information Disclosure Gpu Driver
NVD
CVSS 2.0
10.0
EPSS
0.6%
CVE-2013-1729 LOW Monitor

The WebGL implementation in Mozilla Firefox before 24.0, when NVIDIA graphics drivers are used on Mac OS X, allows remote attackers to obtain desktop-screenshot data by reading from a CANVAS element. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. No vendor patch available.

Mozilla Information Disclosure Nvidia Firefox
NVD
CVSS 2.0
2.6
EPSS
0.4%
CVE-2013-2874 MEDIUM This Month

Google Chrome before 28.0.1500.71 on Windows, when an Nvidia GPU is used, allows remote attackers to bypass intended restrictions on access to screen data via vectors involving IPC transmission of GL. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Nvidia Google Microsoft Chrome
NVD
CVSS 2.0
4.3
EPSS
0.1%
CVE-2013-0131 HIGH PATCH This Week

Buffer overflow in the NVIDIA GPU driver before 304.88, 310.x before 310.44, and 313.x before 313.30 for the X Window System on UNIX, when NoScanout mode is enabled, allows remote authenticated users. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable.

Buffer Overflow Nvidia RCE Gpu Driver
NVD
CVSS 2.0
7.1
EPSS
5.2%
CVE-2013-0111 MEDIUM This Month

daemonu.exe (aka the NVIDIA Update Service Daemon), as distributed with the NVIDIA driver before 307.78, and Release 310 before 311.00, on Windows, lacks " (double quote) characters in the service. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Microsoft Information Disclosure Driver
NVD
CVSS 2.0
6.8
EPSS
0.0%
CVE-2013-0110 MEDIUM This Month

nvSCPAPISvr.exe in the NVIDIA Stereoscopic 3D Driver service, as distributed with the NVIDIA driver before 307.78, and Release 310 before 311.00, on Windows, lacks " (double quote) characters in the. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Microsoft Information Disclosure Driver
NVD
CVSS 2.0
6.8
EPSS
0.0%
CVE-2013-0109 HIGH POC PATCH Act Now

The NVIDIA driver before 307.78, and Release 310 before 311.00, in the NVIDIA Display Driver service on Windows does not properly handle exceptions, which allows local users to gain privileges or. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service Nvidia Microsoft Display Driver
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
7.3%
CVE-2012-4225 HIGH This Week

NVIDIA UNIX graphics driver before 295.71 and before 304.32 allows local users to write to arbitrary physical memory locations and gain privileges by modifying the VGA window using /dev/nvidia0. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Nvidia Unix Graphic Driver
NVD
CVSS 2.0
7.2
EPSS
0.0%
CVE-2012-3105 CRITICAL Act Now

The glBufferData function in the WebGL implementation in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Mozilla Denial Of Service Buffer Overflow Nvidia RCE +4
NVD
CVSS 2.0
9.3
EPSS
2.7%
CVE-2012-0946 MEDIUM POC This Month

The NVIDIA UNIX driver before 295.40 allows local users to access arbitrary memory locations by leveraging GPU device-node read/write privileges. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Nvidia Unix Driver
NVD Exploit-DB
CVSS 2.0
4.6
EPSS
0.1%
EPSS 0% CVSS 5.6
MEDIUM This Month

The NVIDIA driver in the Graphics Drivers subsystem in Apple OS X before 10.11.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read. Rated medium severity (CVSS 5.6), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Apple Nvidia +2
NVD
EPSS 0% CVSS 6.9
MEDIUM This Month

The NVIDIA display driver R352 before 353.82 and R340 before 341.81 on Windows; R304 before 304.128, R340 before 340.93, and R352 before 352.41 on Linux; and R352 before 352.46 on GRID vGPU and vSGA. Rated medium severity (CVSS 6.9). No vendor patch available.

Nvidia Linux Buffer Overflow +3
NVD
EPSS 0% CVSS 7.2
HIGH PATCH This Week

The NVIDIA GPU driver for FreeBSD R352 before 352.09, 346 before 346.72, R349 before 349.16, R343 before 343.36, R340 before 340.76, R337 before 337.25, R334 before 334.21, R331 before 331.113, and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Nvidia Privilege Escalation Gpu Driver
NVD
EPSS 1% CVSS 9.3
CRITICAL PATCH Act Now

The NVIDIA graphics driver in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (out-of-bounds write) via a crafted app. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service Apple Nvidia +3
NVD
EPSS 0% CVSS 7.2
HIGH POC This Week

The NVIDIA graphics driver in Apple OS X before 10.10.3 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via an unspecified IOService userclient type. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Apple Nvidia Denial Of Service +1
NVD
EPSS 0% CVSS 7.2
HIGH This Week

The NVIDIA Display Driver R304 before 309.08, R340 before 341.44, R343 before 345.20, and R346 before 347.52 does not properly validate local client impersonation levels when performing a "kernel. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Privilege Escalation Gpu Driver R304 +3
NVD
EPSS 0% CVSS 6.9
MEDIUM POC This Month

Race condition in NVMap in NVIDIA Tegra Linux Kernel 3.10 allows local users to gain privileges via a crafted NVMAP_IOC_CREATE IOCTL call, which triggers a use-after-free error, as demonstrated by. Rated medium severity (CVSS 6.9). Public exploit code available and no vendor patch available.

Race Condition Information Disclosure Nvidia +4
NVD
EPSS 2% CVSS 7.5
HIGH This Week

The NVIDIA Linux Discrete GPU drivers before R304.125, R331.x before R331.113, R340.x before R340.65, R343.x before R343.36, and R346.x before R346.22, Linux for Tegra (L4T) driver before R21.2, and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Nvidia Google +3
NVD
EPSS 0% CVSS 7.2
HIGH This Week

Unspecified vulnerability in NVIDIA graphics driver Release 331, 325, 319, 310, and 304 allows local users to bypass intended access restrictions for the GPU and gain privileges via unknown vectors. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Authentication Bypass Gpu Driver +1
NVD
EPSS 1% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in NVIDIA graphics driver Release 331, 325, 319, 310, and 304 has unknown impact and attack vectors, a different vulnerability than CVE-2013-5987. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Nvidia Information Disclosure Gpu Driver
NVD
EPSS 0% CVSS 2.6
LOW Monitor

The WebGL implementation in Mozilla Firefox before 24.0, when NVIDIA graphics drivers are used on Mac OS X, allows remote attackers to obtain desktop-screenshot data by reading from a CANVAS element. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. No vendor patch available.

Mozilla Information Disclosure Nvidia +1
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Google Chrome before 28.0.1500.71 on Windows, when an Nvidia GPU is used, allows remote attackers to bypass intended restrictions on access to screen data via vectors involving IPC transmission of GL. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Nvidia Google +2
NVD
EPSS 5% CVSS 7.1
HIGH PATCH This Week

Buffer overflow in the NVIDIA GPU driver before 304.88, 310.x before 310.44, and 313.x before 313.30 for the X Window System on UNIX, when NoScanout mode is enabled, allows remote authenticated users. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable.

Buffer Overflow Nvidia RCE +1
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

daemonu.exe (aka the NVIDIA Update Service Daemon), as distributed with the NVIDIA driver before 307.78, and Release 310 before 311.00, on Windows, lacks " (double quote) characters in the service. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Microsoft Information Disclosure +1
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

nvSCPAPISvr.exe in the NVIDIA Stereoscopic 3D Driver service, as distributed with the NVIDIA driver before 307.78, and Release 310 before 311.00, on Windows, lacks " (double quote) characters in the. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Microsoft Information Disclosure +1
NVD
EPSS 7% CVSS 7.2
HIGH POC PATCH Act Now

The NVIDIA driver before 307.78, and Release 310 before 311.00, in the NVIDIA Display Driver service on Windows does not properly handle exceptions, which allows local users to gain privileges or. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service Nvidia +2
NVD Exploit-DB
EPSS 0% CVSS 7.2
HIGH This Week

NVIDIA UNIX graphics driver before 295.71 and before 304.32 allows local users to write to arbitrary physical memory locations and gain privileges by modifying the VGA window using /dev/nvidia0. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Nvidia Unix Graphic Driver
NVD
EPSS 3% CVSS 9.3
CRITICAL Act Now

The glBufferData function in the WebGL implementation in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Mozilla Denial Of Service Buffer Overflow +6
NVD
EPSS 0% CVSS 4.6
MEDIUM POC This Month

The NVIDIA UNIX driver before 295.40 allows local users to access arbitrary memory locations by leveraging GPU device-node read/write privileges. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Nvidia Unix Driver
NVD Exploit-DB
Prev Page 11 of 11

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy