CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 2CVE-2016-7386 – NVIDIA Driver - Escape Code Leaks Uninitialised ExAllocatePoolWithTag Memory to Userspace
https://notcve.org/view.php?id=CVE-2016-7386
29 Oct 2016 — For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x70000D4 which may lead to leaking of kernel memory contents to user space through an uninitialized buffer. Para los productos NVIDIA Quadro, NVS y GeForce, NVIDIA Windows GPU Display Driver R340 en versiones anteriores a 342.00 y R375 en versiones anteriores a 375.63 contiene una vulnerabil... • https://packetstorm.news/files/id/139386 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2015-7866
https://notcve.org/view.php?id=CVE-2015-7866
24 Nov 2015 — Unquoted Windows search path vulnerability in the Smart Maximize Helper (nvSmartMaxApp.exe) in the Control Panel in the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows allows local users to gain privileges via a Trojan horse application, as demonstrated by C:\Program.exe. Vulnerabilidad de ruta de búsqueda sin entrecomillar en Windows en el Smart Maximize Helper (nvSmartMaxApp.exe) en el Control Panel en el controlador de gráficos NVIDIA GPU R340 en versi... • http://nvidia.custhelp.com/app/answers/detail/a_id/3806/kw/security •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2015-8328
https://notcve.org/view.php?id=CVE-2015-8328
24 Nov 2015 — Unspecified vulnerability in the NVAPI support layer in the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows allows local users to obtain sensitive information, cause a denial of service (crash), or possibly gain privileges via unknown vectors. NOTE: this identifier was SPLIT from CVE-2015-7869 per ADT2 and ADT3 due to different vulnerability types and affected versions. Vulnerabilidad no especificada en la capa de soporte NVAPI en el driver de gráficos NV... • http://nvidia.custhelp.com/app/answers/detail/a_id/3808/kw/security • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 2%CPEs: 4EXPL: 3CVE-2015-7865 – Nvidia Stereoscopic 3D Driver Service 7.17.13.5382 - Arbitrary Run Key Creation
https://notcve.org/view.php?id=CVE-2015-7865
24 Nov 2015 — nvSCPAPISvr.exe in the Stereoscopic 3D Driver Service in the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows does not properly restrict access to the stereosvrpipe named pipe, which allows local users to gain privileges via a commandline in a number 2 command, which is stored in the HKEY_LOCAL_MACHINE explorer Run registry key, a different vulnerability than CVE-2011-4784. nvSCPAPISvr.exe en el Stereoscopic 3D Driver Service en el controlador de gráficos ... • https://packetstorm.news/files/id/134520 • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2015-7869 – Ubuntu Security Notice USN-2814-1
https://notcve.org/view.php?id=CVE-2015-7869
19 Nov 2015 — Multiple integer overflows in the kernel mode driver for the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows and R304 before 304.131, R340 before 340.96, R352 before 352.63, and R358 before 358.16 on Linux allow local users to obtain sensitive information, cause a denial of service (crash), or possibly gain privileges via unknown vectors, which trigger uninitialized or out of bounds memory access. NOTE: this identifier has been SPLIT per ADT2 and ADT3 due... • http://nvidia.custhelp.com/app/answers/detail/a_id/3808/kw/security • CWE-189: Numeric Errors •
CVSS: 8.4EPSS: 1%CPEs: 11EXPL: 0CVE-2014-8298 – Ubuntu Security Notice USN-2438-1
https://notcve.org/view.php?id=CVE-2014-8298
10 Dec 2014 — The NVIDIA Linux Discrete GPU drivers before R304.125, R331.x before R331.113, R340.x before R340.65, R343.x before R343.36, and R346.x before R346.22, Linux for Tegra (L4T) driver before R21.2, and Chrome OS driver before R40 allows remote attackers to cause a denial of service (segmentation fault and X server crash) or possibly execute arbitrary code via a crafted GLX indirect rendering protocol request. Los controladores NVIDIA Linux Discrete GPU en versiones anteriores a R304.125, R331.x en versiones an... • http://nvidia.custhelp.com/app/answers/detail/a_id/3610 • CWE-19: Data Processing Errors •