Lucene search
K

432 matches found

OSV
OSV
added 2018/08/31 8:29 p.m.3 views

CVE-2018-6258

NVIDIA GeForce Experience all versions prior to 3.14.1 contains a potential vulnerability during GameStream installation where an attacker who has system access can potentially conduct a Man-in-the-Middle MitM attack to obtain sensitive information...

4.7CVSS5.8AI score0.00253EPSS
Exploits0References1
NVD
NVD
added 2018/08/31 8:29 p.m.18 views

CVE-2018-6257

NVIDIA GeForce Experience all versions prior to 3.14.1 contains a potential vulnerability when GameStream is enabled where improper access control may lead to a denial of service, escalation of privileges, or both...

7CVSS7.1AI score0.0028EPSS
Exploits0References1
NVD
NVD
added 2018/08/31 8:29 p.m.22 views

CVE-2018-6258

NVIDIA GeForce Experience all versions prior to 3.14.1 contains a potential vulnerability during GameStream installation where an attacker who has system access can potentially conduct a Man-in-the-Middle MitM attack to obtain sensitive information...

4.7CVSS4.6AI score0.00253EPSS
Exploits0References1
Prion
Prion
added 2018/08/31 8:29 p.m.19 views

Design/Logic Flaw

NVIDIA GeForce Experience all versions prior to 3.14.1 contains a potential vulnerability during GameStream installation where an attacker who has system access can potentially conduct a Man-in-the-Middle MitM attack to obtain sensitive information...

1.9CVSS5.1AI score0.00253EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2018/08/31 8:29 p.m.17 views

Design/Logic Flaw

NVIDIA GeForce Experience all versions prior to 3.14.1 contains a potential vulnerability when GameStream is enabled, an attacker has system access, and certain system features are enabled, where limited information disclosure may be possible...

1.9CVSS4.3AI score0.00243EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2018/08/31 8:29 p.m.3 views

CVE-2018-6257

NVIDIA GeForce Experience all versions prior to 3.14.1 contains a potential vulnerability when GameStream is enabled where improper access control may lead to a denial of service, escalation of privileges, or both...

7CVSS5.8AI score0.0028EPSS
Exploits0References1
OSV
OSV
added 2018/08/31 8:29 p.m.1 views

CVE-2018-6259

NVIDIA GeForce Experience all versions prior to 3.14.1 contains a potential vulnerability when GameStream is enabled, an attacker has system access, and certain system features are enabled, where limited information disclosure may be possible...

2.5CVSS5.7AI score0.00243EPSS
Exploits0References1
Nvidia
Nvidia
added 2018/08/30 12:0 a.m.29 views

Security Bulletin: NVIDIA GeForce Experience Software Security Updates for Multiple Vulnerabilities When GameStream is Enabled

NVIDIA GeForce Experience contains vulnerabilities when GameStream is enabled which may lead to escalation of privileges, denial of service, or information disclosure. Go to NVIDIA Product Security. Vulnerability Details The following sections summarize the potential vulnerabilities. Descriptions...

7CVSS5.6AI score0.0028EPSS
Exploits0Affected Software1
0day.today
0day.today
added 2018/06/06 12:0 a.m.55 views

macOS #Kernel - Use-After-Free Due to Lack of Locking in nvidia GeForce Driver Exploit

Exploit for macOS platform in category dos / poc / nvDevice::SetAppSupportBits is external method 0x107 of the nvAccelerator IOService. It calls taskdeallocate without locking. Two threads can race calling this external method to drop two task references when only one is held. Note that the repro...

0.04164EPSS
Exploits3
exploitpack
exploitpack
added 2018/06/06 12:0 a.m.21 views

Apple macOS Kernel - Use-After-Free Due to Lack of Locking in nvidia GeForce Driver

Apple macOS Kernel - Use-After-Free Due to Lack of Locking in nvidia GeForce Driver / nvDevice::SetAppSupportBits is external method 0x107 of the nvAccelerator IOService. It calls taskdeallocate without locking. Two threads can race calling this external method to drop two task references when on...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2018/06/06 12:0 a.m.38 views

Apple macOS Kernel - Use-After-Free Due to Lack of Locking in nvidia GeForce Driver

/ nvDevice::SetAppSupportBits is external method 0x107 of the nvAccelerator IOService. It calls taskdeallocate without locking. Two threads can race calling this external method to drop two task references when only one is held. Note that the repro forks a child which give the nvAccelerator a...

7.4AI score
Exploits0
Nvidia
Nvidia
added 2018/03/28 12:0 a.m.36 views

Security Bulletin: NVIDIA GPU Display Driver Security Updates for Multiple Vulnerabilities

NVIDIA GPU display driver vulnerabilities may lead to code execution, denial of service, information disclosure, or escalation of privileges. Go to NVIDIA Product Security. Vulnerability Details This section summarizes the potential vulnerabilities. Descriptions use CWE™ and risk assessments foll...

8.8CVSS8.2AI score0.00411EPSS
Exploits0Affected Software1
Nvidia
Nvidia
added 2018/01/09 12:0 a.m.131 views

Security Bulletin: NVIDIA GeForce Experience (GFE) Security Updates for CPU Speculative Side Channel Vulnerabilities

NVIDIA GeForce Experience GFE response to CPU speculative side channel vulnerabilities - CVE-2017-5753, CVE-2017-5715, CVE-2017-5754 Bulletin Summary NVIDIA is providing an initial security update to mitigate aspects of Google Project Zero's January 3, 2018 publication of novel information...

5.6CVSS6.9AI score0.93838EPSS
Exploits13Affected Software1
Nvidia
Nvidia
added 2018/01/04 12:0 a.m.83 views

Security Bulletin: NVIDIA Driver Security Updates for CPU Speculative Side Channel Vulnerabilities

NVIDIA driver response to CPU speculative side channel vulnerabilities - CVE-2017-5753, CVE-2017-5715, CVE-2017-5754 Bulletin Summary NVIDIA is providing an initial security update to mitigate aspects of Google Project Zero’s January 3, 2018 publication of novel information disclosure attacks tha...

5.6CVSS6.7AI score0.93838EPSS
Exploits13Affected Software1
CNVD
CNVD
added 2017/10/20 12:0 a.m.4 views

NVIDIA GeForce Experience Installer Framework Elevation of Privilege Vulnerability

NVIDIA GeForce Experience GFE is a suite of automatic graphics card updating tools from NVIDIA.The NVIDIA Installer Framework is one of the installation frameworks.... An elevation of privilege vulnerability exists in NVISystemService64 of the NVIDIA Installer Framework in version 3.x prior to...

7.8CVSS7.7AI score0.00291EPSS
Exploits0References1
NVD
NVD
added 2017/10/16 9:29 p.m.26 views

CVE-2017-0316

In GeForce Experience GFE 3.x before 3.10.0.55, NVIDIA Installer Framework contains a vulnerability in NVISystemService64 where a value passed from a user to the driver is used without validation, which may lead to denial of service or possible escalation of privileges...

7.8CVSS7.7AI score0.00291EPSS
Exploits0References1
Prion
Prion
added 2017/10/16 9:29 p.m.17 views

Design/Logic Flaw

In GeForce Experience GFE 3.x before 3.10.0.55, NVIDIA Installer Framework contains a vulnerability in NVISystemService64 where a value passed from a user to the driver is used without validation, which may lead to denial of service or possible escalation of privileges...

4.6CVSS7.6AI score0.00291EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2017/10/16 9:29 p.m.4 views

CVE-2017-0316

In GeForce Experience GFE 3.x before 3.10.0.55, NVIDIA Installer Framework contains a vulnerability in NVISystemService64 where a value passed from a user to the driver is used without validation, which may lead to denial of service or possible escalation of privileges...

7.8CVSS5.8AI score0.00291EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/10/16 9:0 p.m.34 views

CVE-2017-0316

In GeForce Experience GFE 3.x before 3.10.0.55, NVIDIA Installer Framework contains a vulnerability in NVISystemService64 where a value passed from a user to the driver is used without validation, which may lead to denial of service or possible escalation of privileges...

7.7AI score0.00291EPSS
Exploits0References1
Nvidia
Nvidia
added 2017/10/16 12:0 a.m.29 views

Security Bulletin: NVIDIA Installer Framework contains a vulnerability in NVISystemService64 affecting GFE

Vulnerability Details The following section summarizes the vulnerability. The description uses CWE™ and the risk assessment follows CVSS. CVE-2017-0316 NVIDIA Installer Framework contains a vulnerability in NVISystemService64 where a value passed from a user to the driver is used without...

4.6CVSS7.2AI score0.00291EPSS
Exploits0Affected Software1
Rows per page
Query Builder