CVSS: 8.8EPSS: 0%CPEs: 23EXPL: 0CVE-2023-0184
https://notcve.org/view.php?id=CVE-2023-0184
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler which may lead to denial of service, escalation of privileges, information disclosure, and data tampering. • https://nvidia.custhelp.com/app/answers/detail/a_id/5452 https://security.gentoo.org/glsa/202310-02 • CWE-822: Untrusted Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-42292
https://notcve.org/view.php?id=CVE-2022-42292
NVIDIA GeForce Experience contains a vulnerability in the NVContainer component, where a user without administrator privileges can create a symbolic link to a file that requires elevated privileges to write to or modify, which may lead to denial of service, escalation of privilege or limited data tampering. • https://nvidia.custhelp.com/app/answers/detail/a_id/5384 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.3EPSS: 0%CPEs: 2EXPL: 0CVE-2022-31611
https://notcve.org/view.php?id=CVE-2022-31611
NVIDIA GeForce Experience contains an uncontrolled search path vulnerability in all its client installers, where an attacker with user level privileges may cause the installer to load an arbitrary DLL when the installer is launched. A successful exploit of this vulnerability could lead to escalation of privileges and code execution. • https://nvidia.custhelp.com/app/answers/detail/a_id/5384 • CWE-427: Uncontrolled Search Path Element •
CVSS: 8.2EPSS: 0%CPEs: 2EXPL: 0CVE-2022-42291
https://notcve.org/view.php?id=CVE-2022-42291
NVIDIA GeForce Experience contains a vulnerability in the installer, where a user installing the NVIDIA GeForce Experience software may inadvertently delete data from a linked location, which may lead to data tampering. An attacker does not have explicit control over the exploitation of this vulnerability, which requires the user to explicitly launch the installer from the compromised directory. • https://nvidia.custhelp.com/app/answers/detail/a_id/5384 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-1386: Insecure Operation on Windows Junction / Mount Point •
CVSS: 7.1EPSS: 0%CPEs: 19EXPL: 0CVE-2022-34684
https://notcve.org/view.php?id=CVE-2022-34684
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an off-by-one error may lead to data tampering or information disclosure. NVIDIA GPU Display Driver para Linux contiene una vulnerabilidad en la capa del modo kernel (nvidia.ko), donde un error de uno en uno puede provocar manipulación de datos o divulgación de información. • https://nvidia.custhelp.com/app/answers/detail/a_id/5415 https://security.gentoo.org/glsa/202310-02 • CWE-125: Out-of-bounds Read CWE-193: Off-by-one Error •