CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 0CVE-2020-5964
https://notcve.org/view.php?id=CVE-2020-5964
25 Jun 2020 — NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the service host component, in which the application resources integrity check may be missed. Such an attack may lead to code execution, denial of service or information disclosure. NVIDIA Windows GPU Display Driver, todas las versiones, contiene una vulnerabilidad en el componente service host, en el que se puede pasar por alto la comprobación de integridad de los recursos de la aplicación. Tal ataque puede conllevar a una ejecuci... • https://nvidia.custhelp.com/app/answers/detail/a_id/5031 • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-5702
https://notcve.org/view.php?id=CVE-2019-5702
24 Dec 2019 — NVIDIA GeForce Experience, all versions prior to 3.20.2, contains a vulnerability when GameStream is enabled in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges. NVIDIA GeForce Experience, todas las versiones anteriores a 3.20.2, contiene una vulnerabilidad cuando GameStream está habilitado en la que un atacante con acceso al sistema local puede corromper un archivo del sistema, lo que puede conllevar a una denegación de se... • https://nvidia.custhelp.com/app/answers/detail/a_id/4954 •
CVSS: 6.9EPSS: 0%CPEs: 3EXPL: 1CVE-2019-5695
https://notcve.org/view.php?id=CVE-2019-5695
12 Nov 2019 — NVIDIA GeForce Experience (prior to 3.20.1) and Windows GPU Display Driver (all versions) contains a vulnerability in the local service provider component in which an attacker with local system and privileged access can incorrectly load Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service or information disclosure through code execution. NVIDIA GeForce Experience (versiones anteriores a 3.20.1) y Windows ... • https://nvidia.custhelp.com/app/answers/detail/a_id/4860 • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-5701
https://notcve.org/view.php?id=CVE-2019-5701
09 Nov 2019 — NVIDIA GeForce Experience, all versions prior to 3.20.0.118, contains a vulnerability when GameStream is enabled in which an attacker with local system access can load the Intel graphics driver DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service, information disclosure, or escalation of privileges through code execution. NVIDIA GeForce Experience, todas las versiones anteriores a la versión 3.20.0.118, contiene una vul... • https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-011.md • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-5689
https://notcve.org/view.php?id=CVE-2019-5689
09 Nov 2019 — NVIDIA GeForce Experience, all versions prior to 3.20.1, contains a vulnerability in the Downloader component in which a user with local system access can craft input that may allow malicious files to be downloaded and saved. This behavior may lead to code execution, denial of service, or information disclosure. NVIDIA GeForce Experience, todas las versiones anteriores a 3.20.1, contiene una vulnerabilidad en el componente Downloader en el que un usuario con acceso al sistema local puede diseñar entradas qu... • https://nvidia.custhelp.com/app/answers/detail/a_id/4860 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-5678
https://notcve.org/view.php?id=CVE-2019-5678
31 May 2019 — NVIDIA GeForce Experience versions prior to 3.19 contains a vulnerability in the Web Helper component, in which an attacker with local system access can craft input that may not be properly validated. Such an attack may lead to code execution, denial of service or information disclosure. NVIDIA GeForce Experience versiones anteriores a 3.19 contiene una vulnerabilidad en el componente Web Helper, en la que un atacante con acceso al sistema local puede crear una entrada que puede no estar validada apropiadam... • https://nvidia.custhelp.com/app/answers/detail/a_id/4806 • CWE-20: Improper Input Validation •
CVSS: 7.2EPSS: 0%CPEs: 5EXPL: 0CVE-2019-5676
https://notcve.org/view.php?id=CVE-2019-5676
10 May 2019 — NVIDIA Windows GPU Display driver software for Windows (all versions) contains a vulnerability in which it incorrectly loads Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), leading to escalation of privileges through code execution. El software controlador de la GPU NVIDIA Windows Display para Windows (todas las versiones) contiene una vulnerabilidad en la que carga incorrectamente las DLL del sistema Windows sin validar la ruta o la f... • https://nvidia.custhelp.com/app/answers/detail/a_id/4797 • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2019-5674
https://notcve.org/view.php?id=CVE-2019-5674
28 Mar 2019 — NVIDIA GeForce Experience before 3.18 contains a vulnerability when ShadowPlay or GameStream is enabled. When an attacker has access to the system and creates a hard link, the software does not check for hard link attacks. This behavior may lead to code execution, denial of service, or escalation of privileges. NVIDIA GeForce Experience, en versiones anteriores a la 3.18, contiene una vulnerabilidad cuando ShadowPlay o GameStream está habilitado. Cuando un atacante tiene acceso al sistema y crea un enlace f... • http://support.lenovo.com/us/en/solutions/LEN-27096 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-6265
https://notcve.org/view.php?id=CVE-2018-6265
27 Nov 2018 — NVIDIA GeForce Experience contains a vulnerability in all versions prior to 3.16 during application installation on Windows 7 in elevated privilege mode, where a local user who initiates a browser session may obtain escalation of privileges on the browser. NVIDIA GeForce Experience contiene una vulnerabilidad en todas las versiones anteriores a la 3.16 durante la instalación de la aplicación en Windows 7 en modo de privilegios elevados, donde un usuario local que inicia una sesión del navegador podría obten... • https://nvidia.custhelp.com/app/answers/detail/a_id/4740 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-6263
https://notcve.org/view.php?id=CVE-2018-6263
27 Nov 2018 — NVIDIA GeForce Experience contains a vulnerability in all versions prior to 3.16 on Windows in which an attacker who has access to a local user account can plant a malicious dynamic link library (DLL) during application installation, which may lead to escalation of privileges. NVIDIA GeForce Experience contiene una vulnerabilidad en todas las versiones anteriores a la 3.16 en Windows por la cual un atacante con acceso a la cuenta de usuario local puede colocar un DLL (Dynamic Link Library) malicioso durante... • https://nvidia.custhelp.com/app/answers/detail/a_id/4740 •