432 matches found
CVE-2018-6258
NVIDIA GeForce Experience all versions prior to 3.14.1 contains a potential vulnerability during GameStream installation where an attacker who has system access can potentially conduct a Man-in-the-Middle MitM attack to obtain sensitive information...
CVE-2018-6257
NVIDIA GeForce Experience all versions prior to 3.14.1 contains a potential vulnerability when GameStream is enabled where improper access control may lead to a denial of service, escalation of privileges, or both...
CVE-2018-6258
NVIDIA GeForce Experience all versions prior to 3.14.1 contains a potential vulnerability during GameStream installation where an attacker who has system access can potentially conduct a Man-in-the-Middle MitM attack to obtain sensitive information...
Design/Logic Flaw
NVIDIA GeForce Experience all versions prior to 3.14.1 contains a potential vulnerability during GameStream installation where an attacker who has system access can potentially conduct a Man-in-the-Middle MitM attack to obtain sensitive information...
Design/Logic Flaw
NVIDIA GeForce Experience all versions prior to 3.14.1 contains a potential vulnerability when GameStream is enabled, an attacker has system access, and certain system features are enabled, where limited information disclosure may be possible...
CVE-2018-6257
NVIDIA GeForce Experience all versions prior to 3.14.1 contains a potential vulnerability when GameStream is enabled where improper access control may lead to a denial of service, escalation of privileges, or both...
CVE-2018-6259
NVIDIA GeForce Experience all versions prior to 3.14.1 contains a potential vulnerability when GameStream is enabled, an attacker has system access, and certain system features are enabled, where limited information disclosure may be possible...
Security Bulletin: NVIDIA GeForce Experience Software Security Updates for Multiple Vulnerabilities When GameStream is Enabled
NVIDIA GeForce Experience contains vulnerabilities when GameStream is enabled which may lead to escalation of privileges, denial of service, or information disclosure. Go to NVIDIA Product Security. Vulnerability Details The following sections summarize the potential vulnerabilities. Descriptions...
macOS #Kernel - Use-After-Free Due to Lack of Locking in nvidia GeForce Driver Exploit
Exploit for macOS platform in category dos / poc / nvDevice::SetAppSupportBits is external method 0x107 of the nvAccelerator IOService. It calls taskdeallocate without locking. Two threads can race calling this external method to drop two task references when only one is held. Note that the repro...
Apple macOS Kernel - Use-After-Free Due to Lack of Locking in nvidia GeForce Driver
Apple macOS Kernel - Use-After-Free Due to Lack of Locking in nvidia GeForce Driver / nvDevice::SetAppSupportBits is external method 0x107 of the nvAccelerator IOService. It calls taskdeallocate without locking. Two threads can race calling this external method to drop two task references when on...
Apple macOS Kernel - Use-After-Free Due to Lack of Locking in nvidia GeForce Driver
/ nvDevice::SetAppSupportBits is external method 0x107 of the nvAccelerator IOService. It calls taskdeallocate without locking. Two threads can race calling this external method to drop two task references when only one is held. Note that the repro forks a child which give the nvAccelerator a...
Security Bulletin: NVIDIA GPU Display Driver Security Updates for Multiple Vulnerabilities
NVIDIA GPU display driver vulnerabilities may lead to code execution, denial of service, information disclosure, or escalation of privileges. Go to NVIDIA Product Security. Vulnerability Details This section summarizes the potential vulnerabilities. Descriptions use CWE™ and risk assessments foll...
Security Bulletin: NVIDIA GeForce Experience (GFE) Security Updates for CPU Speculative Side Channel Vulnerabilities
NVIDIA GeForce Experience GFE response to CPU speculative side channel vulnerabilities - CVE-2017-5753, CVE-2017-5715, CVE-2017-5754 Bulletin Summary NVIDIA is providing an initial security update to mitigate aspects of Google Project Zero's January 3, 2018 publication of novel information...
Security Bulletin: NVIDIA Driver Security Updates for CPU Speculative Side Channel Vulnerabilities
NVIDIA driver response to CPU speculative side channel vulnerabilities - CVE-2017-5753, CVE-2017-5715, CVE-2017-5754 Bulletin Summary NVIDIA is providing an initial security update to mitigate aspects of Google Project Zero’s January 3, 2018 publication of novel information disclosure attacks tha...
NVIDIA GeForce Experience Installer Framework Elevation of Privilege Vulnerability
NVIDIA GeForce Experience GFE is a suite of automatic graphics card updating tools from NVIDIA.The NVIDIA Installer Framework is one of the installation frameworks.... An elevation of privilege vulnerability exists in NVISystemService64 of the NVIDIA Installer Framework in version 3.x prior to...
CVE-2017-0316
In GeForce Experience GFE 3.x before 3.10.0.55, NVIDIA Installer Framework contains a vulnerability in NVISystemService64 where a value passed from a user to the driver is used without validation, which may lead to denial of service or possible escalation of privileges...
Design/Logic Flaw
In GeForce Experience GFE 3.x before 3.10.0.55, NVIDIA Installer Framework contains a vulnerability in NVISystemService64 where a value passed from a user to the driver is used without validation, which may lead to denial of service or possible escalation of privileges...
CVE-2017-0316
In GeForce Experience GFE 3.x before 3.10.0.55, NVIDIA Installer Framework contains a vulnerability in NVISystemService64 where a value passed from a user to the driver is used without validation, which may lead to denial of service or possible escalation of privileges...
CVE-2017-0316
In GeForce Experience GFE 3.x before 3.10.0.55, NVIDIA Installer Framework contains a vulnerability in NVISystemService64 where a value passed from a user to the driver is used without validation, which may lead to denial of service or possible escalation of privileges...
Security Bulletin: NVIDIA Installer Framework contains a vulnerability in NVISystemService64 affecting GFE
Vulnerability Details The following section summarizes the vulnerability. The description uses CWE™ and the risk assessment follows CVSS. CVE-2017-0316 NVIDIA Installer Framework contains a vulnerability in NVISystemService64 where a value passed from a user to the driver is used without...