Design/Logic Flaw

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer nvlddmkm.sys scheduler, in which the software does not properly limit the number or frequency of interactions that it has with an actor, such as the number of incoming requests, which may lead to...

Design/Logic Flaw

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the DirectX11 user mode driver nvwgf2um/x.dll, in which a specially crafted shader can cause an out of bounds access, which may lead to denial of service or code execution...

CVE-2020-5981

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the DirectX11 user mode driver nvwgf2um/x.dll, in which a specially crafted shader can cause an out of bounds access, which may lead to denial of service or code execution...

CVE-2020-5982

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer nvlddmkm.sys scheduler, in which the software does not properly limit the number or frequency of interactions that it has with an actor, such as the number of incoming requests, which may lead to...

CVE-2020-5982

CVE-2020-5982 affects the NVIDIA Windows GPU Display Driver, specifically the kernel-mode layer nvlddmkm.sys scheduler. The vulnerability is described as the software not properly limiting the number/frequency of interactions with an actor, which may lead to a denial of service. The NVIDIA adviso...

CVE-2020-5981

CVE-2020-5981 affects the NVIDIA Windows GPU Display Driver, specifically the DirectX11 user-mode driver component nvwgf2um/x.dll. A specially crafted shader could trigger an out-of-bounds access, potentially causing denial of service or code execution. The issue is addressed by NVIDIA through se...

CVE-2020-5980

CVE-2020-5980 affects NVIDIA Windows GPU Display Driver. The vulnerability is described as a securely loaded system DLL loading its dependencies in an insecure fashion, potentially enabling code execution or denial of service. NVIDIA’s bulletin and security updates indicate fixes across Windows d...

CVE-2020-5979

CVE-2020-5979 affects the NVIDIA GPU Display Driver (Windows) in the Control Panel component. The vulnerability allows a high-privilege process to present a dialog box for user input, potentially enabling privilege escalation. NVIDIA’s security bulletin (Sept 2020) lists this CVE with a base scor...

CVE-2020-5979

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component in which a user is presented with a dialog box for input by a high-privilege process, which may lead to escalation of privileges...

CVE-2020-5980

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in multiple components in which a securely loaded system DLL will load its dependencies in an insecure fashion, which may lead to code execution or denial of service...

DLL Hijacking in NVIDIA SMI

What is NVIDIA SMI? The NVIDIA System Management Interface nvidia-smi is a command line utility, based on top of the NVIDIA Management Library NVML, intended to aid in the management and monitoring of NVIDIA GPU devices. This utility allows administrators to query GPU device state and with the...

HPSBHF03690 rev. 3 - NVIDIA GPU Display Driver September 2020 Security Updates

Potential Security Impact Escalation of Privilege, Code Execution, Denial of Service, Information Disclosure. Source: HP, HP Product Security Response Team PSRT Reported By: NVIDIA VULNERABILITY SUMMARY NVIDIA has informed HP of potential security vulnerabilities in the NVIDIA GPU Display Driver...

arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +49 more potentially affected by CVE-2020-15207 via tensorflow-gpu (>=1.10.1 <=1.15.3)

tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.1.0, =0.1.0, =1.0.0, =0.2.3, =0.0.1, =0.0.7, =0.2.0 - keras-textclassification =0.1.6 and more Source cves: CVE-2020-15207 Source advisory: OSV:PYSEC-2020-322...

d3m-simon (=1.2.5), easyquake (>=1.3.0 <=1.4.0) potentially affected by CVE-2020-15207 via tensorflow-gpu (=2.2.0)

tensorflow-gpu PYPI version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - d3m-simon =1.2.5 - easyquake =1.3.0, =1.4.0 Source cves: CVE-2020-15207 Source advisory: OSV:PYSEC-2020-322...

easyquake (>=1.1.0 <=1.2.2), epyseg (>=0.1.0 <=0.1.7) +3 more potentially affected by CVE-2020-15209 via tensorflow-gpu (>=2.1.0 <=2.1.1)

tensorflow-gpu PYPI version =2.1.0, =1.1.0, =0.1.0, =1.7.0, =1.9.5 Source cves: CVE-2020-15209 Source advisory: OSV:PYSEC-2020-324...

d3m-simon (=1.2.5), easyquake (>=1.3.0 <=1.4.0) potentially affected by CVE-2020-15209 via tensorflow-gpu (=2.2.0)

tensorflow-gpu PYPI version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - d3m-simon =1.2.5 - easyquake =1.3.0, =1.4.0 Source cves: CVE-2020-15209 Source advisory: OSV:PYSEC-2020-324...

arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +49 more potentially affected by CVE-2020-15190 via tensorflow-gpu (>=1.10.1 <=1.15.3)

tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.1.0, =0.1.0, =1.0.0, =0.2.3, =0.0.1, =0.0.7, =0.2.0 - keras-textclassification =0.1.6 and more Source cves: CVE-2020-15190 Source advisory: OSV:PYSEC-2020-305...

d3m-simon (=1.2.5), easyquake (>=1.3.0 <=1.4.0) potentially affected by CVE-2020-15190 via tensorflow-gpu (=2.2.0)

tensorflow-gpu PYPI version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - d3m-simon =1.2.5 - easyquake =1.3.0, =1.4.0 Source cves: CVE-2020-15190 Source advisory: OSV:PYSEC-2020-305...

arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +162 more potentially affected by CVE-2020-15191 via tensorflow-gpu (>=1.10.1 <=2.2.0)

tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.9.2, =0.1.0, =0.0.1, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - cctv-analysis =0.0.2 - chatbot-nlu =1.0.0 - classitransformers =0.0.1 and more Source cves: CVE-2020-15191 Source advisory: OSV:PYSEC-2020-306...

easyquake (>=1.1.0 <=1.2.2), epyseg (>=0.1.0 <=0.1.7) +3 more potentially affected by CVE-2020-15194 via tensorflow-gpu (>=2.1.0 <=2.1.1)

tensorflow-gpu PYPI version =2.1.0, =1.1.0, =0.1.0, =1.7.0, =1.9.5 Source cves: CVE-2020-15194 Source advisory: OSV:PYSEC-2020-309...