CVSS: 7.0EPSS: 0%CPEs: 3EXPL: 0CVE-2017-6296
https://notcve.org/view.php?id=CVE-2017-6296
06 Mar 2018 — NVIDIA TrustZone Software contains a TOCTOU issue in the DRM application which may lead to the denial of service or possible escalation of privileges. This issue is rated as moderate. NVIDIA TrustZone Software contiene un problema de TOCTOU en la aplicación DRM, lo que podría conducir a una denegación de servicio (DoS) o a una escalada de privilegios. Este problema se ha clasificado como moderado, • http://nvidia.custhelp.com/app/answers/detail/a_id/4631 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2017-6282
https://notcve.org/view.php?id=CVE-2017-6282
06 Mar 2018 — NVIDIA Tegra kernel driver contains a vulnerability in NVMAP where an attacker has the ability to write an arbitrary value to an arbitrary location which may lead to an escalation of privileges. This issue is rated as high. El controlador del kernel NVIDIA Tegra contiene una vulnerabilidad en NVMAP por la cual un atacante podría escribir un valor arbitrario en una ubicación arbitraria, que podría conducir a un escalado de privilegios. Este problema se ha clasificado como grave. • http://nvidia.custhelp.com/app/answers/detail/a_id/4631 • CWE-123: Write-what-where Condition •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2017-6283
https://notcve.org/view.php?id=CVE-2017-6283
06 Mar 2018 — NVIDIA Security Engine contains a vulnerability in the RSA function where the keyslot read/write lock permissions are cleared on a chip reset which may lead to information disclosure. This issue is rated as high. NVIDIA Security Engine contiene una vulnerabilidad en la función RSA, donde los permisos de bloqueo de lectura/escritura del keyslot se limpian en un restablecimiento del chip. Esto podría conducir a la divulgación de información. Este problema se ha clasificado como grave. • http://nvidia.custhelp.com/app/answers/detail/a_id/4631 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2017-6284
https://notcve.org/view.php?id=CVE-2017-6284
06 Mar 2018 — NVIDIA Security Engine contains a vulnerability in the Deterministic Random Bit Generator (DRBG) where the DRBG does not properly initialize and store or transmits sensitive data using a weakened encryption scheme that is unable to protect sensitive data which may lead to information disclosure.This issue is rated as moderate. NVIDIA Security Engine contiene una vulnerabilidad en el DRBG (Deterministic Random Bit Generator) donde este no inicializa o almacena y transmite datos sensibles mediante un esquema ... • http://nvidia.custhelp.com/app/answers/detail/a_id/4631 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-326: Inadequate Encryption Strength •
CVSS: 8.4EPSS: 0%CPEs: 3EXPL: 0CVE-2017-6295
https://notcve.org/view.php?id=CVE-2017-6295
06 Mar 2018 — NVIDIA TrustZone Software contains a vulnerability in the Keymaster implementation where the software reads data past the end, or before the beginning, of the intended buffer; and may lead to denial of service or information disclosure. This issue is rated as high. NVIDIA TrustZone Software contiene una vulnerabilidad en la implementación Keymaster donde el software lee datos más allá del final o antes del comienzo del búfer. Y podría conducir a una denegación de servicio (DoS) o a una divulgación de inform... • http://nvidia.custhelp.com/app/answers/detail/a_id/4631 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2016-6915
https://notcve.org/view.php?id=CVE-2016-6915
24 Apr 2017 — Stack-based buffer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5. Desbordamiento de búfer basado en la pila en nvhost_job.c en el controlador de vídeo NVIDIA para Android, Shield TV versiones anteriores de OTA 3.3, Shield Table versiones anteriores de OTA 4.4 y Shield Table TK1 versiones anteriores de OTA 1.5. • http://nvidia.custhelp.com/app/answers/detail/a_id/4276/~/security-bulletin%3A-nvidia-shield-contains-multiple-vulnerabilities-in • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2016-6916
https://notcve.org/view.php?id=CVE-2016-6916
24 Apr 2017 — Integer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5 allows local users to cause a denial of service (system crash) via unspecified vectors, which triggers a buffer overflow. Desbordamiento de entero en nvhost_job.c en el video driver NVIDIA para Android, Shield TV en versiones anteriores a OTA 3.3, Shield Table en versiones anteriores a OTA 4.4, y Shield Table TK1 en versiones anteriores a OTA 1.5... • http://nvidia.custhelp.com/app/answers/detail/a_id/4561 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2016-6917
https://notcve.org/view.php?id=CVE-2016-6917
24 Apr 2017 — Buffer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5. Desbordamiento de búfer en nvhost_job.c en el video driver NVIDIA video para Android, Shield TV en versiones anteriores a OTA 3.3, Shield Table en versiones anteriores a OTA 4.4, y Shield Table TK1 en versiones anteriores a OTA 1.5. • http://nvidia.custhelp.com/app/answers/detail/a_id/4561 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •