432 matches found
CVE-2021-23175
NVIDIA GeForce Experience vulnerability CVE-2021-23175 is a local privilege escalation in GameStream caused by improper per-user access controls. Affects GeForce Experience prior to version 3.24.0.126; with user intervention, may allow escalation of privileges, information disclosure, data tamper...
CVE-2021-23175
NVIDIA GeForce Experience contains a vulnerability in user authorization, where GameStream does not correctly apply individual user access controls for users on the same device, which, with user intervention, may lead to escalation of privileges, information disclosure, data tampering, and denial...
Nvidia NVIDIA GeForce Experience 访问控制错误漏洞
Nvidia NVIDIA GeForce Experience is a suite of automatic graphics card update tools from Nvidia. The product is capable of automatically updating graphics card drivers and supports graphics card performance management and optimization, among other things. NVIDIA GeForce Experience suffers from an...
Security Bulletin: NVIDIA GeForce Experience - December 2021
NVIDIA has released a software security update for NVIDIA® GeForce Experience™ software. This update addresses an issue that may lead to multiple security impacts. To protect your system, download and install this software update through the GeForce Experience Downloads page, or open the client t...
The vulnerability of NVIDIA GeForce, Studio, RTX/Quadro, NVS, and Tesla graphics processors lies in errors in handling hard links, which allows attackers to exploit their privileges or cause service failures.
The vulnerability of NVIDIA GeForce, Studio, RTX/Quadro, NVS, and Tesla graphics processors relates to errors in handling hard links. Exploiting this vulnerability can allow attackers to enhance their privileges or cause service interruptions...
NVIDIA GeForce Experience < 3.23.0 Insecure Sessions
NVIDIA GeForce Experience, all versions prior to 3.23, contains a vulnerability where, if a user clicks on a maliciously formatted link that opens the GeForce Experience login page in a new browser tab instead of the GeForce Experience application and enters their login information, the malicious...
NVIDIA GeForce Experience Cross-Site Scripting Vulnerability
NVIDIA GeForce Experience is a set of automatic graphics card update tools from Nvidia Corporation. A cross-site scripting vulnerability exists in NVIDIA GeForce Experience, which could be exploited by attackers to trick users into clicking on a maliciously formatted link in their browser and...
NVIDIA Patches High-Severity GeForce Spoof-Attack Bug
NVIDIA gaming graphics software called GeForce Experience, bundled with the chipmaker’s popular GTX GPU, is flawed and opens the door to a remote attacker that can exploit the bug to steal or manipulate data on a vulnerable Windows computer. NVIDIA notified customers late last week of the bug and...
CVE-2021-1073
NVIDIA GeForce Experience, all versions prior to 3.23, contains a vulnerability in the login flow when a user tries to log in by using a browser, while, at the same time, any other web page is loaded in other tabs of the same browser. In this situation, the web page can get access to the token of...
CVE-2021-1073
NVIDIA GeForce Experience, all versions prior to 3.23, contains a vulnerability in the login flow when a user tries to log in by using a browser, while, at the same time, any other web page is loaded in other tabs of the same browser. In this situation, the web page can get access to the token of...
Design/Logic Flaw
NVIDIA GeForce Experience, all versions prior to 3.23, contains a vulnerability in the login flow when a user tries to log in by using a browser, while, at the same time, any other web page is loaded in other tabs of the same browser. In this situation, the web page can get access to the token of...
CVE-2021-1073
NVIDIA GeForce Experience (Windows) before version 3.23 is affected by CVE-2021-1073. The flaw occurs in the login flow when a user logs in via a browser while another browser tab is loading a page, allowing the page to access the user’s login token and potentially compromise the account. The iss...
CVE-2021-1073
NVIDIA GeForce Experience, all versions prior to 3.23, contains a vulnerability in the login flow when a user tries to log in by using a browser, while, at the same time, any other web page is loaded in other tabs of the same browser. In this situation, the web page can get access to the token of...
NVIDIA GeForce Experience 安全漏洞
NVIDIA GeForce Experience is a set of automatic graphics card update tools from Nvidia Corporation. A cross-site scripting vulnerability exists in NVIDIA GeForce Experience, which could be exploited by attackers to trick users into clicking on a maliciously formatted link in their browser and...
Security Bulletin: NVIDIA GeForce Experience - June 2021
NVIDIA has released a software security update for NVIDIA® GeForce Experience™ software. This update addresses an issue that may lead to information disclosure, data tampering, or denial of service. To protect your system, download and install this software update through the GeForce Experience...
CVE-2021-1079
NVIDIA GeForce Experience, all versions prior to 3.22, contains a vulnerability in GameStream plugins where log files are created using NT/System level permissions, which may lead to code execution, denial of service, or local privilege escalation. The attacker does not have control over the...
CVE-2021-1079
NVIDIA GeForce Experience, all versions prior to 3.22, contains a vulnerability in GameStream plugins where log files are created using NT/System level permissions, which may lead to code execution, denial of service, or local privilege escalation. The attacker does not have control over the...
Design/Logic Flaw
NVIDIA GeForce Experience, all versions prior to 3.22, contains a vulnerability in GameStream plugins where log files are created using NT/System level permissions, which may lead to code execution, denial of service, or local privilege escalation. The attacker does not have control over the...
CVE-2021-1079
CVE-2021-1079 affects NVIDIA GeForce Experience (all versions prior to 3.22) due to a GameStream plugin that creates log files with NT/System level permissions, enabling local impact such as code execution, denial of service, or local privilege escalation. The issue is tied to the log-file creati...
CVE-2021-1079
NVIDIA GeForce Experience, all versions prior to 3.22, contains a vulnerability in GameStream plugins where log files are created using NT/System level permissions, which may lead to code execution, denial of service, or local privilege escalation. The attacker does not have control over the...