6 matches found
CVE-2016-3161
CVE-2016-3161 affects NVIDIA Quadro/NVS/GeForce Windows drivers with GFE GameStream and NVTray Plugin unquoted service path, enabling code execution with SYSTEM/USER privileges on a vulnerable install. Root cause is an unquoted service path in the affected components; exploitation status is not d...
CVE-2016-5852
Summary: CVE-2016-5852 and related CVEs affect NVIDIA Quadro/NVS/GeForce Windows drivers (GFE GameStream/NVTray plugin and NVAPI/NVStreamKMS components). CVE-2016-5852 is an unquoted service path vulnerability in the NVTray Plugin that can be exploited locally via a malicious executable in the ro...
CVE-2016-4960
CVE-2016-4960 affects NVIDIA Quadro, NVS, and GeForce Windows drivers via the NVStreamKMS.sys driver. The root cause is improper validation of user-supplied data through API entry points, leading to local privilege escalation. The vulnerability is documented across multiple sources (NVD entry and...
CVE-2016-4961
CVE-2016-4961 affects NVIDIA Quadro, NVS, and GeForce Windows drivers. The root cause is improper sanitization of parameters in the NVStreamKMS.sys API layer, causing a denial-of-service (blue-screen crash). Affected component is the NVStreamKMS.sys driver; impact is high for availability with lo...
CVE-2016-8812
CVE-2016-8812 affects NVIDIA Windows GPU drivers for NVIDIA Quadro/NVS/GeForce with GeForce Experience (GFE) R340 prior to 2.11.4.125 and R375 prior to 3.1.0.52. The issue is a kernel-mode stack buffer overflow in nvstreamkms.sys triggered by specially crafted executable paths, requiring GeForce ...
CVE-2016-8827
CVE-2016-8827 affects NVIDIA GeForce Experience 3.x before GFE 3.1.0.52. The vulnerability is in the NVIDIA Web Helper.exe local web API endpoint /VisualOPS/v.1.0./, which lacks proper access control and parameter validation, enabling information disclosure via a directory traversal attack. Impac...