CVSS: 7.4EPSS: 0%CPEs: 33EXPL: 1CVE-2018-3979
https://notcve.org/view.php?id=CVE-2018-3979
A remote denial-of-service vulnerability exists in the way the Nouveau Display Driver (the default Ubuntu Nvidia display driver) handles GPU shader execution. A specially crafted pixel shader can cause remote denial-of-service issues. An attacker can provide a specially crafted website to trigger this vulnerability. This vulnerability can be triggered remotely after the user visits a malformed website. No further user interaction is required. • https://talosintelligence.com/vulnerability_reports/TALOS-2018-0647 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 43EXPL: 0CVE-2016-4959
https://notcve.org/view.php?id=CVE-2016-4959
For the NVIDIA Quadro, NVS, and GeForce products, there is a Remote Desktop denial of service. A successful exploit of a vulnerable system will result in a kernel null pointer dereference, causing a blue screen crash. Para los productos NVIDIA Quadro, NVS y GeForce, hay una denegación de servicio Remote Desktop. Una explotación exitosa de la vulnerabilidad del sistema tendría como resultado en un a referencia a puntero nulo del kernel, causando una caída de pantalla azul. • http://nvidia.custhelp.com/app/answers/detail/a_id/4213 http://www.securityfocus.com/bid/93256 http://www.tripwire.com/state-of-security/vulnerability-management/warning-this-post-contains-graphic-nvidia-content https://support.lenovo.com/us/en/product_security/ps500070 • CWE-476: NULL Pointer Dereference •
CVSS: 7.3EPSS: 0%CPEs: 40EXPL: 0CVE-2016-4960
https://notcve.org/view.php?id=CVE-2016-4960
For the NVIDIA Quadro, NVS, and GeForce products, the NVIDIA NVStreamKMS.sys service component is improperly validating user-supplied data through its API entry points causing an elevation of privilege. Para los productos NVIDIA Quadro, NVS y GeForce, el componente de servicio NVIDIA NVStreamKMS.sys está validando incorrectamente los datos suministrados por el usuario a través de sus puntos de entrada de la API lo que causa una elevación de privilegios. • http://nvidia.custhelp.com/app/answers/detail/a_id/4213 http://www.securityfocus.com/bid/93251 https://support.lenovo.com/us/en/product_security/ps500070 • CWE-20: Improper Input Validation •
CVSS: 6.6EPSS: 0%CPEs: 43EXPL: 0CVE-2016-5025
https://notcve.org/view.php?id=CVE-2016-5025
For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVAPI support layer causes a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers. Para los productos NVIDIA Quadro, NVS y GeForce, desinfección inadecuada de los párametros en la capa de soporte NVAPI provoca una vulnerabilidad de denegación de servicio (caída de pantalla azul) dentro de los controladores gráficos de NVIDIA Windows. • http://nvidia.custhelp.com/app/answers/detail/a_id/4213 http://www.securityfocus.com/bid/93251 https://support.lenovo.com/us/en/product_security/ps500070 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 40EXPL: 0CVE-2016-3161
https://notcve.org/view.php?id=CVE-2016-3161
For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-3161 ID is for the GameStream unquoted service path. Para los productos NVIDIA Quadro, NVS y GeForce, vulnerabilidades de ruta de servicio no citadas GFE GameStream y NVTray Plugin son ejemplos de la vulnerabilidad de ruta de servicio no citado en Windows. Una explotación exitosa de una instalación de servicio vulnerable puede habilitar código malicioso para ejecutarse en el sistema en el nivel de privilegios sistema/usuario. • http://nvidia.custhelp.com/app/answers/detail/a_id/4213 http://www.securityfocus.com/bid/93251 https://support.lenovo.com/us/en/product_security/ps500070 •