Lucene search
K

432 matches found

CVE
CVE
added 2021/12/23 4:5 p.m.78 views

CVE-2021-23175

NVIDIA GeForce Experience vulnerability CVE-2021-23175 is a local privilege escalation in GameStream caused by improper per-user access controls. Affects GeForce Experience prior to version 3.24.0.126; with user intervention, may allow escalation of privileges, information disclosure, data tamper...

8.2CVSS8.2AI score0.00449EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/12/23 4:5 p.m.32 views

CVE-2021-23175

NVIDIA GeForce Experience contains a vulnerability in user authorization, where GameStream does not correctly apply individual user access controls for users on the same device, which, with user intervention, may lead to escalation of privileges, information disclosure, data tampering, and denial...

8.2CVSS8.6AI score0.00449EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/12/22 12:0 a.m.4 views

Nvidia NVIDIA GeForce Experience 访问控制错误漏洞

Nvidia NVIDIA GeForce Experience is a suite of automatic graphics card update tools from Nvidia. The product is capable of automatically updating graphics card drivers and supports graphics card performance management and optimization, among other things. NVIDIA GeForce Experience suffers from an...

8.2CVSS7.8AI score0.00449EPSS
Exploits0References3
Nvidia
Nvidia
added 2021/12/21 12:0 a.m.41 views

Security Bulletin: NVIDIA GeForce Experience - December 2021

NVIDIA has released a software security update for NVIDIA® GeForce Experience™ software. This update addresses an issue that may lead to multiple security impacts. To protect your system, download and install this software update through the GeForce Experience Downloads page, or open the client t...

8.2CVSS9.9AI score0.00449EPSS
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/11/12 12:0 a.m.8 views

The vulnerability of NVIDIA GeForce, Studio, RTX/Quadro, NVS, and Tesla graphics processors lies in errors in handling hard links, which allows attackers to exploit their privileges or cause service failures.

The vulnerability of NVIDIA GeForce, Studio, RTX/Quadro, NVS, and Tesla graphics processors relates to errors in handling hard links. Exploiting this vulnerability can allow attackers to enhance their privileges or cause service interruptions...

7.1CVSS7AI score0.0026EPSS
Exploits0References4Affected Software9
Tenable Nessus
Tenable Nessus
added 2021/07/02 12:0 a.m.143 views

NVIDIA GeForce Experience < 3.23.0 Insecure Sessions

NVIDIA GeForce Experience, all versions prior to 3.23, contains a vulnerability where, if a user clicks on a maliciously formatted link that opens the GeForce Experience login page in a new browser tab instead of the GeForce Experience application and enters their login information, the malicious...

8.3CVSS7.6AI score0.009EPSS
Exploits0References2
CNVD
CNVD
added 2021/06/29 12:0 a.m.32 views

NVIDIA GeForce Experience Cross-Site Scripting Vulnerability

NVIDIA GeForce Experience is a set of automatic graphics card update tools from Nvidia Corporation. A cross-site scripting vulnerability exists in NVIDIA GeForce Experience, which could be exploited by attackers to trick users into clicking on a maliciously formatted link in their browser and...

8.3CVSS4.4AI score0.009EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2021/06/28 8:38 p.m.101 views

NVIDIA Patches High-Severity GeForce Spoof-Attack Bug

NVIDIA gaming graphics software called GeForce Experience, bundled with the chipmaker’s popular GTX GPU, is flawed and opens the door to a remote attacker that can exploit the bug to steal or manipulate data on a vulnerable Windows computer. NVIDIA notified customers late last week of the bug and...

8.3CVSS8.7AI score0.009EPSS
Exploits0References11
OSV
OSV
added 2021/06/25 8:15 p.m.2 views

CVE-2021-1073

NVIDIA GeForce Experience, all versions prior to 3.23, contains a vulnerability in the login flow when a user tries to log in by using a browser, while, at the same time, any other web page is loaded in other tabs of the same browser. In this situation, the web page can get access to the token of...

8.3CVSS5.8AI score0.009EPSS
Exploits0References1
NVD
NVD
added 2021/06/25 8:15 p.m.32 views

CVE-2021-1073

NVIDIA GeForce Experience, all versions prior to 3.23, contains a vulnerability in the login flow when a user tries to log in by using a browser, while, at the same time, any other web page is loaded in other tabs of the same browser. In this situation, the web page can get access to the token of...

8.3CVSS0.009EPSS
Exploits0References1
Prion
Prion
added 2021/06/25 8:15 p.m.27 views

Design/Logic Flaw

NVIDIA GeForce Experience, all versions prior to 3.23, contains a vulnerability in the login flow when a user tries to log in by using a browser, while, at the same time, any other web page is loaded in other tabs of the same browser. In this situation, the web page can get access to the token of...

5.1CVSS8.1AI score0.009EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/06/25 7:25 p.m.155 views

CVE-2021-1073

NVIDIA GeForce Experience (Windows) before version 3.23 is affected by CVE-2021-1073. The flaw occurs in the login flow when a user logs in via a browser while another browser tab is loading a page, allowing the page to access the user’s login token and potentially compromise the account. The iss...

8.3CVSS8.1AI score0.009EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/06/25 7:25 p.m.33 views

CVE-2021-1073

NVIDIA GeForce Experience, all versions prior to 3.23, contains a vulnerability in the login flow when a user tries to log in by using a browser, while, at the same time, any other web page is loaded in other tabs of the same browser. In this situation, the web page can get access to the token of...

8.3CVSS8.4AI score0.009EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/06/25 12:0 a.m.5 views

NVIDIA GeForce Experience 安全漏洞

NVIDIA GeForce Experience is a set of automatic graphics card update tools from Nvidia Corporation. A cross-site scripting vulnerability exists in NVIDIA GeForce Experience, which could be exploited by attackers to trick users into clicking on a maliciously formatted link in their browser and...

8.3CVSS5.2AI score0.009EPSS
Exploits0References2
Nvidia
Nvidia
added 2021/06/24 12:0 a.m.43 views

Security Bulletin: NVIDIA GeForce Experience - June 2021

NVIDIA has released a software security update for NVIDIA® GeForce Experience™ software. This update addresses an issue that may lead to information disclosure, data tampering, or denial of service. To protect your system, download and install this software update through the GeForce Experience...

8.3CVSS8.4AI score0.009EPSS
Exploits0Affected Software1
NVD
NVD
added 2021/04/20 4:15 p.m.26 views

CVE-2021-1079

NVIDIA GeForce Experience, all versions prior to 3.22, contains a vulnerability in GameStream plugins where log files are created using NT/System level permissions, which may lead to code execution, denial of service, or local privilege escalation. The attacker does not have control over the...

6.1CVSS0.0028EPSS
Exploits0References1
OSV
OSV
added 2021/04/20 4:15 p.m.5 views

CVE-2021-1079

NVIDIA GeForce Experience, all versions prior to 3.22, contains a vulnerability in GameStream plugins where log files are created using NT/System level permissions, which may lead to code execution, denial of service, or local privilege escalation. The attacker does not have control over the...

6.1CVSS6.4AI score0.0028EPSS
Exploits0References1
Prion
Prion
added 2021/04/20 4:15 p.m.22 views

Design/Logic Flaw

NVIDIA GeForce Experience, all versions prior to 3.22, contains a vulnerability in GameStream plugins where log files are created using NT/System level permissions, which may lead to code execution, denial of service, or local privilege escalation. The attacker does not have control over the...

3.6CVSS6.1AI score0.0028EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/04/20 2:20 p.m.69 views

CVE-2021-1079

CVE-2021-1079 affects NVIDIA GeForce Experience (all versions prior to 3.22) due to a GameStream plugin that creates log files with NT/System level permissions, enabling local impact such as code execution, denial of service, or local privilege escalation. The issue is tied to the log-file creati...

6.1CVSS6.2AI score0.0028EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/04/20 2:20 p.m.30 views

CVE-2021-1079

NVIDIA GeForce Experience, all versions prior to 3.22, contains a vulnerability in GameStream plugins where log files are created using NT/System level permissions, which may lead to code execution, denial of service, or local privilege escalation. The attacker does not have control over the...

6.1CVSS6.4AI score0.0028EPSS
Exploits0References1
Rows per page
Query Builder