9763 matches found
CVE-2020-5963
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the Inter Process Communication APIs, in which improper access control may lead to code execution, denial of service, or information disclosure...
CVE-2020-5963
The provided documents describe CVE-2020-5963 as a vulnerability in the Inter Process Communication APIs of the NVIDIA Windows GPU Display Driver (affecting all versions). Reported impact includes code execution, denial of service, and information disclosure via a local attacker with low attack c...
CVE-2020-5962
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component, in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges...
CVE-2020-5962
CVE-2020-5962 affects the NVIDIA Windows GPU Display Driver (all versions), specifically the NVIDIA Control Panel component. A local attacker can corrupt a system file, which may lead to denial of service or privilege escalation. The available connected sources describe the vulnerability and its ...
CVE-2020-5962
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component, in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges...
CVE-2020-5963
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the Inter Process Communication APIs, in which improper access control may lead to code execution, denial of service, or information disclosure...
CVE-2020-5973
NVIDIA Virtual GPU Manager and the guest drivers contain a vulnerability in vGPU plugin, in which there is the potential to execute privileged operations, which may lead to denial of service. This affects vGPU version 8.x prior to 8.4, version 9.x prior to 9.4 and version 10.x prior to 10.3...
CVE-2020-5967
NVIDIA Linux GPU Display Driver, all versions, contains a vulnerability in the UVM driver, in which a race condition may lead to a denial of service...
Security Bulletin: NVIDIA GPU Display Driver - June 2020
NVIDIA has released a software security update for NVIDIA GPU Display Driver. This update addresses issues that may lead to denial of service, escalation of privileges, or information disclosure. To protect your system, download and install this software update through the NVIDIA Driver Downloads...
FF Sandbox Escape (CVE-2020-12388)
By James Forshaw, Project Zero In my previous blog post I discussed an issue with the Windows Kernel’s handling of Restricted Tokens which allowed me to escape the Chrome GPU sandbox. Originally I’d planned to use Firefox for the proof-of-concept as Firefox uses the same effective sandbox level a...
Monero: Misconfiguration in build environment allows DLL preloading attack
Summary: monero-wallet-gui.exe tries to dynamically load some dynamic link librariesDLL which are not present in the applications directory, so LoadLibraryA system-call will search other directories such as Windows root and %PATH% for them. An attacker can gain arbitrary code execution if he/she...
Kubernetes Falls to Cryptomining via Machine-Learning Framework
A unique cyberattack campaign that targets Kubeflow, a machine-learning toolkit for Kubernetes, has affected large swathes of container clusters, according to Microsoft. The Kubeflow open-source project is a popular framework for running machine-learning ML tasks in Kubernetes. According to an...
Mozilla Firefox Information Disclosure Vulnerability (CNVD-2020-41074)
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in previous versions of Mozilla Firefox 77. An attacker could exploit the vulnerability to gain access to the contents of GPU memory...
Security Vulnerabilities fixed in Firefox 77 — Mozilla
NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. When browsing a malicious page, a race condition in our SharedWorkerService could occur and lead to a potentially exploitable crash. Mozilla Developer Iain Ireland...
CVE-2020-12407
Mozilla Developer Nicolas Silva found that when using WebRender, Firefox would under certain conditions leak arbitrary GPU memory to the visible screen. The leaked memory content was visible to the user, but not observable from web content. This vulnerability affects Firefox 77...
skia:api_mock_gpu_canvas: Use-of-uninitialized-value in GrShape::simplifyRect
Project: https://skia.googlesource.com/skia.git Detailed Report: https://oss-fuzz.com/testcase?key=5162098826149888 Project: skia Fuzzing Engine: libFuzzer Fuzz Target: apimockgpucanvas Job Type: libfuzzermsanskia Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash Stat...
Security Bulletin: NVIDIA Windows and Linux GPU Display drivers are have resolved several security vulnerabilities as described below.
Summary The NVIDIA Windows and Linux GPU Display drivers have resolved several ecurity vulnerabilities as described by the following CVEs: Vulnerability Details CVEID: CVE-2019-5690 DESCRIPTION: NVIDIA Windows GPU Display driver could allow a local authenticated attacker to gain elevated privileg...
Denial Of Service (DoS)
Kernel is vulnerable to denial of service DoS. The Radeon GPU drivers in the Linux kernel were missing sanity checks for the Anti Aliasing AA resolve register values which could allow a local, unprivileged user to cause a denial of service or escalate their privileges on systems using a graphics...
CVE-2019-0154
A flaw was found in Intel graphics hardware GPU where a local attacker with the ability to issue an ioctl could trigger a hardware level crash if MMIO registers were read while the graphics card was in a low-power state. This creates a denial of service situation and the GPU and connected display...
CVE-2016-7994
Memory leak in the virtiogpuresourcecreate2d function in hw/display/virtio-gpu.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service memory consumption via a large number of VIRTIOGPUCMDRESOURCECREATE2D commands...