CVE-2021-34856

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3 49160. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists withi...

CVE-2021-1115

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer nvlddmkm.sys handler for private IOCTLs, where an attacker with local unprivileged system access may cause a NULL pointer dereference, which may lead to denial of service in a component beyond the vulnerable...

CVE-2021-1080

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager vGPU plugin, in which certain input data is not validated, which may lead to information disclosure, tampering of data, or denial of service. This affects vGPU version 12.x prior to 12.2, version 11.x prior to 11.4 and versi...

CVE-2021-1052

NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer nvlddmkm.sys handler for DxgkDdiEscape or IOCTL in which user-mode clients can access legacy privileged APIs, which may lead to denial of service, escalation of privileges, and...

CVE-2021-1054

NVIDIA GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel mode layer nvlddmkm.sys handler for DxgkDdiEscape in which the software does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action, whi...

CVE-2021-1077

NVIDIA GPU Display Driver for Windows and Linux, R450 and R460 driver branch, contains a vulnerability where the software uses a reference count to manage a resource that is incorrectly updated, which may lead to denial of service...

CVE-2021-1053

NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer nvlddmkm.sys handler for DxgkDdiEscape or IOCTL in which improper validation of a user pointer may lead to denial of service...

CVE-2021-1092

NVIDIA GPU Display Driver for Windows contains a vulnerability in the NVIDIA Control Panel application where it is susceptible to a Windows file system symbolic link attack where an unprivileged attacker can cause the applications to overwrite privileged files, resulting in potential denial of...

CVE-2021-1091

NVIDIA GPU Display driver for Windows contains a vulnerability where an unprivileged user can create a file hard link that causes the driver to overwrite a file that requires elevated privilege to modify, which could lead to data loss or denial of service...

CVE-2020-5981

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the DirectX11 user mode driver nvwgf2um/x.dll, in which a specially crafted shader can cause an out of bounds access, which may lead to denial of service or code execution...

CVE-2020-5987

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin in which guest-supplied parameters remain writable by the guest after the plugin has validated them, which may lead to the guest being able to pass invalid parameters to plugin handlers, which may lead to denial of service or...

CVE-2020-5969

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which it validates a shared resource before using it, creating a race condition which may lead to denial of service or information disclosure. This affects vGPU version 8.x prior to 8.4, version 9.x prior to 9.4 and versio...

CVE-2020-5971

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which the software reads from a buffer by using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer, which may lead to code execution, denial of service, escalatio...

CVE-2020-5979

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component in which a user is presented with a dialog box for input by a high-privilege process, which may lead to escalation of privileges...

CVE-2020-5973

NVIDIA Virtual GPU Manager and the guest drivers contain a vulnerability in vGPU plugin, in which there is the potential to execute privileged operations, which may lead to denial of service. This affects vGPU version 8.x prior to 8.4, version 9.x prior to 9.4 and version 10.x prior to 10.3...

CVE-2020-5984

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin in which it may have the use-after-free vulnerability while freeing some resources, which may lead to denial of service, code execution, and information disclosure. This affects vGPU version 8.x prior to 8.5, version 10.x prio...

CVE-2020-5985

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which an input data length is not validated, which may lead to tampering or denial of service. This affects vGPU version 8.x prior to 8.5, version 10.x prior to 10.4 and version 11.0...

CVE-2020-5988

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which allocated memory can be freed twice, which may lead to information disclosure or denial of service. This affects vGPU version 8.x prior to 8.5, version 10.x prior to 10.4 and version 11.0...

CVE-2020-5989

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which it can dereference a NULL pointer, which may lead to denial of service. This affects vGPU version 8.x prior to 8.5, version 10.x prior to 10.4 and version 11.0...

CVE-2020-5982

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer nvlddmkm.sys scheduler, in which the software does not properly limit the number or frequency of interactions that it has with an actor, such as the number of incoming requests, which may lead to...