Total
127 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-8809 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2025-04-12 | 7.2 HIGH | 7.8 HIGH |
| For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x70001b2 where the size of an input buffer is not validated, leading to denial of service or potential escalation of privileges. | |||||
| CVE-2016-7383 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2025-04-12 | 6.1 MEDIUM | 7.8 HIGH |
| For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in a memory mapping API in the kernel mode layer (nvlddmkm.sys) handler, leading to denial of service or potential escalation of privileges. | |||||
| CVE-2016-5025 | 1 Nvidia | 40 Geforce 910m, Geforce 920m, Geforce 920mx and 37 more | 2025-04-12 | 6.1 MEDIUM | 6.6 MEDIUM |
| For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVAPI support layer causes a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers. | |||||
| CVE-2016-8806 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2025-04-12 | 7.2 HIGH | 7.8 HIGH |
| For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x5000027 where a pointer passed from an user to the driver is used without validation, leading to denial of service or potential escalation of privileges. | |||||
| CVE-2015-7866 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2025-04-12 | 7.2 HIGH | N/A |
| Unquoted Windows search path vulnerability in the Smart Maximize Helper (nvSmartMaxApp.exe) in the Control Panel in the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows allows local users to gain privileges via a Trojan horse application, as demonstrated by C:\Program.exe. | |||||
| CVE-2016-7391 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2025-04-12 | 7.2 HIGH | 7.8 HIGH |
| For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x100010b where a missing array bounds check can allow a user to write to kernel memory, leading to denial of service or potential escalation of privileges. | |||||
| CVE-2016-7390 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2025-04-12 | 7.2 HIGH | 7.8 HIGH |
| For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x7000194 where a value passed from a user to the driver is used without validation as the index to an internal array, leading to denial of service or potential escalation of privileges. | |||||
| CVE-2016-7386 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2025-04-12 | 2.1 LOW | 5.5 MEDIUM |
| For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x70000D4 which may lead to leaking of kernel memory contents to user space through an uninitialized buffer. | |||||
| CVE-2016-7381 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2025-04-12 | 7.2 HIGH | 7.8 HIGH |
| For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where a user input to index an array is not bounds checked, leading to denial of service or potential escalation of privileges. | |||||
| CVE-2015-7865 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2025-04-12 | 7.7 HIGH | N/A |
| nvSCPAPISvr.exe in the Stereoscopic 3D Driver Service in the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows does not properly restrict access to the stereosvrpipe named pipe, which allows local users to gain privileges via a commandline in a number 2 command, which is stored in the HKEY_LOCAL_MACHINE explorer Run registry key, a different vulnerability than CVE-2011-4784. | |||||
| CVE-2013-5987 | 2 Apple, Nvidia | 2 Mac Os X, Gpu Driver | 2025-04-11 | 7.2 HIGH | N/A |
| Unspecified vulnerability in NVIDIA graphics driver Release 331, 325, 319, 310, and 304 allows local users to bypass intended access restrictions for the GPU and gain privileges via unknown vectors. | |||||
| CVE-2013-0131 | 1 Nvidia | 1 Gpu Driver | 2025-04-11 | 7.1 HIGH | N/A |
| Buffer overflow in the NVIDIA GPU driver before 304.88, 310.x before 310.44, and 313.x before 313.30 for the X Window System on UNIX, when NoScanout mode is enabled, allows remote authenticated users to execute arbitrary code via a large ARGB cursor. | |||||
| CVE-2013-5986 | 1 Nvidia | 1 Gpu Driver | 2025-04-11 | 10.0 HIGH | N/A |
| Unspecified vulnerability in NVIDIA graphics driver Release 331, 325, 319, 310, and 304 has unknown impact and attack vectors, a different vulnerability than CVE-2013-5987. | |||||
| CVE-2021-1056 | 3 Debian, Linux, Nvidia | 3 Debian Linux, Linux Kernel, Gpu Driver | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
| NVIDIA GPU Display Driver for Linux, all versions, contains a vulnerability in the kernel mode layer (nvidia.ko) in which it does not completely honor operating system file system permissions to provide GPU device-level isolation, which may lead to denial of service or information disclosure. | |||||
| CVE-2021-1055 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2024-11-21 | 4.6 MEDIUM | 5.3 MEDIUM |
| NVIDIA GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which improper access control may lead to denial of service and information disclosure. | |||||
| CVE-2021-1054 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| NVIDIA GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the software does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action, which may lead to denial of service. | |||||
| CVE-2021-1053 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Gpu Driver | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which improper validation of a user pointer may lead to denial of service. | |||||
| CVE-2021-1052 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Gpu Driver | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which user-mode clients can access legacy privileged APIs, which may lead to denial of service, escalation of privileges, and information disclosure. | |||||
| CVE-2021-1051 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2024-11-21 | 6.6 MEDIUM | 8.4 HIGH |
| NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which a local user can get elevated privileges to modify display configuration data, which may result in denial of service of the display. | |||||
| CVE-2019-5695 | 2 Microsoft, Nvidia | 3 Windows, Geforce Experience, Gpu Driver | 2024-11-21 | 6.9 MEDIUM | 6.5 MEDIUM |
| NVIDIA GeForce Experience (prior to 3.20.1) and Windows GPU Display Driver (all versions) contains a vulnerability in the local service provider component in which an attacker with local system and privileged access can incorrectly load Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service or information disclosure through code execution. | |||||