CVSS: 5.5EPSS: 0%CPEs: 40EXPL: 0CVE-2016-4961
https://notcve.org/view.php?id=CVE-2016-4961
08 Nov 2016 — For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers. Para los productos NVIDIA Quadro, NVS y GeForce, desinfección inadecuada de los parámetros en la capa de la API NVStreamKMS.sys provoca una vulnerabilidad de denegación de servicio (caída de pantalla azul) dentro de los controladores de gráficos de NVIDIA Windows. • http://nvidia.custhelp.com/app/answers/detail/a_id/4213 • CWE-20: Improper Input Validation •
CVSS: 7.3EPSS: 0%CPEs: 40EXPL: 0CVE-2016-4960
https://notcve.org/view.php?id=CVE-2016-4960
08 Nov 2016 — For the NVIDIA Quadro, NVS, and GeForce products, the NVIDIA NVStreamKMS.sys service component is improperly validating user-supplied data through its API entry points causing an elevation of privilege. Para los productos NVIDIA Quadro, NVS y GeForce, el componente de servicio NVIDIA NVStreamKMS.sys está validando incorrectamente los datos suministrados por el usuario a través de sus puntos de entrada de la API lo que causa una elevación de privilegios. • http://nvidia.custhelp.com/app/answers/detail/a_id/4213 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 40EXPL: 0CVE-2016-5852
https://notcve.org/view.php?id=CVE-2016-5852
08 Nov 2016 — For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-5852 ID is for the NVTray Plugin unquoted service path. Para los productos NVIDIA Quadro, NVS y GeForce, vulnerabilidades de ruta de servicio no citadas GFE GameStre... • http://nvidia.custhelp.com/app/answers/detail/a_id/4213 •
CVSS: 6.6EPSS: 0%CPEs: 43EXPL: 0CVE-2016-5025
https://notcve.org/view.php?id=CVE-2016-5025
08 Nov 2016 — For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVAPI support layer causes a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers. Para los productos NVIDIA Quadro, NVS y GeForce, desinfección inadecuada de los párametros en la capa de soporte NVAPI provoca una vulnerabilidad de denegación de servicio (caída de pantalla azul) dentro de los controladores gráficos de NVIDIA Windows. • http://nvidia.custhelp.com/app/answers/detail/a_id/4213 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 40EXPL: 0CVE-2016-3161
https://notcve.org/view.php?id=CVE-2016-3161
08 Nov 2016 — For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-3161 ID is for the GameStream unquoted service path. Para los productos NVIDIA Quadro, NVS y GeForce, vulnerabilidades de ruta de servicio no citadas GFE GameStream ... • http://nvidia.custhelp.com/app/answers/detail/a_id/4213 •
CVSS: 7.8EPSS: 0%CPEs: 43EXPL: 0CVE-2016-4959
https://notcve.org/view.php?id=CVE-2016-4959
08 Nov 2016 — For the NVIDIA Quadro, NVS, and GeForce products, there is a Remote Desktop denial of service. A successful exploit of a vulnerable system will result in a kernel null pointer dereference, causing a blue screen crash. Para los productos NVIDIA Quadro, NVS y GeForce, hay una denegación de servicio Remote Desktop. Una explotación exitosa de la vulnerabilidad del sistema tendría como resultado en un a referencia a puntero nulo del kernel, causando una caída de pantalla azul. • http://nvidia.custhelp.com/app/answers/detail/a_id/4213 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 65EXPL: 0CVE-2016-7382 – Ubuntu Security Notice USN-3122-1
https://notcve.org/view.php?id=CVE-2016-7382
04 Nov 2016 — For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys for Windows or nvidia.ko for Linux) handler where a missing permissions check may allow users to gain access to arbitrary physical memory, leading to an escalation of privileges. Para los productos NVIDIA Quadro, NVS, GeForce y Tesla, NVIDIA GPU Display Driver contiene una vulnerabilidad en el controlador de la capa de modo kernel (nvlddmkm.sys para Windows o nvi... • http://nvidia.custhelp.com/app/answers/detail/a_id/4246 • CWE-275: Permission Issues •
CVSS: 8.8EPSS: 0%CPEs: 40EXPL: 2CVE-2016-8812 – NVIDIA Driver - NvStreamKms 'PsSetCreateProcessNotifyRoutineEx Local Stack Buffer Overflow Callback / Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2016-8812
29 Oct 2016 — For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA GeForce Experience R340 before GFE 2.11.4.125 and R375 before GFE 3.1.0.52 contains a vulnerability in the kernel mode layer (nvstreamkms.sys) allowing a user to cause a stack buffer overflow with specially crafted executable paths, leading to a denial of service or escalation of privileges. Para los productos NVIDIA Quadro, NVS y GeForce, NVIDIA Windows GPU Display Driver R340 before 342.00, R367 before 369.59, and R375 en versiones anteriores a 375.... • https://packetstorm.news/files/id/139391 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •