Geforce Experience@* Security Vulnerabilities and Issues — Geforce Experience@* CVE List

Lucene search

NvidiaGeforce Experience*

22 matches found

CVE•added 2019/05/31 10:29 p.m.•328 views

CVE-2019-5678

NVIDIA GeForce Experience versions prior to 3.19 contains a vulnerability in the Web Helper component, in which an attacker with local system access can craft input that may not be properly validated. Such an attack may lead to code execution, denial of service or information disclosure.

7.8CVSS6.6AI score0.00143EPSS

Web

CVE•added 2019/11/09 2:15 a.m.•163 views

CVE-2019-5689

NVIDIA GeForce Experience, all versions prior to 3.20.1, contains a vulnerability in the Downloader component in which a user with local system access can craft input that may allow malicious files to be downloaded and saved. This behavior may lead to code execution, denial of service, or informati...

7.8CVSS6.7AI score0.0005EPSS

CVE•added 2019/11/09 2:15 a.m.•152 views

CVE-2019-5701

NVIDIA GeForce Experience, all versions prior to 3.20.0.118, contains a vulnerability when GameStream is enabled in which an attacker with local system access can load the Intel graphics driver DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack),...

7.8CVSS7.2AI score0.00043EPSS

CVE•added 2019/05/10 9:29 p.m.•105 views

CVE-2019-5676

NVIDIA Windows GPU Display driver software for Windows (all versions) contains a vulnerability in which it incorrectly loads Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), leading to escalation of privileges through code exec...

7.2CVSS6.9AI score0.00318EPSS

CVE•added 2020/03/05 8:15 p.m.•91 views

CVE-2020-5957

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges.

7.8CVSS7.4AI score0.00129EPSS

CVE•added 2020/03/11 10:30 p.m.•88 views

CVE-2020-5958

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component in which an attacker with local system access can plant a malicious DLL file, which may lead to code execution, denial of service, or information disclosure.

7.8CVSS7.3AI score0.00143EPSS

CVE•added 2019/03/28 3:29 p.m.•74 views

CVE-2019-5674

NVIDIA GeForce Experience before 3.18 contains a vulnerability when ShadowPlay or GameStream is enabled. When an attacker has access to the system and creates a hard link, the software does not check for hard link attacks. This behavior may lead to code execution, denial of service, or escalation o...

7CVSS7.1AI score0.00193EPSS

CVE•added 2023/02/07 3:15 a.m.•74 views

CVE-2022-31611

NVIDIA GeForce Experience contains an uncontrolled search path vulnerability in all its client installers, where an attacker with user level privileges may cause the installer to load an arbitrary DLL when the installer is launched. A successful exploit of this vulnerability could lead to escalatio...

7.3CVSS7.5AI score0.00049EPSS

CVE•added 2018/08/31 9:0 p.m.•71 views

CVE-2018-6257

NVIDIA GeForce Experience all versions prior to 3.14.1 contains a potential vulnerability when GameStream is enabled where improper access control may lead to a denial of service, escalation of privileges, or both.

7CVSS7AI score0.00054EPSS

CVE•added 2020/06/25 12:15 a.m.•67 views

CVE-2020-5964

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the service host component, in which the application resources integrity check may be missed. Such an attack may lead to code execution, denial of service or information disclosure.

7.8CVSS7.3AI score0.00023EPSS

CVE•added 2018/10/02 5:29 p.m.•62 views

CVE-2018-6261

NVIDIA GeForce Experience prior to 3.15 contains a vulnerability when GameStream is enabled which sets incorrect permissions on a file, which may to code execution, denial of service, or escalation of privileges by users with system access.

7CVSS7.1AI score0.00044EPSS

CVE•added 2019/12/24 10:15 p.m.•59 views

CVE-2019-5702

NVIDIA GeForce Experience, all versions prior to 3.20.2, contains a vulnerability when GameStream is enabled in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges.

7.8CVSS7.5AI score0.00048EPSS

CVE•added 2020/10/23 6:15 p.m.•56 views

CVE-2020-5990

NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in the ShadowPlay component which may lead to local privilege escalation, code execution, denial of service or information disclosure.

7.8CVSS7.3AI score0.00054EPSS

CVE•added 2021/02/05 8:15 p.m.•54 views

CVE-2021-1072

NVIDIA GeForce Experience, all versions prior to 3.21, contains a vulnerability in GameStream (rxdiag.dll) where an arbitrary file deletion due to improper handling of log files may lead to denial of service.

7.1CVSS6.8AI score0.00035EPSS

CVE•added 2020/10/23 6:15 p.m.•50 views

CVE-2020-5977

NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in NVIDIA Web Helper NodeJS Web Server in which an uncontrolled search path is used to load a node module, which may lead to code execution, denial of service, escalation of privileges, and information disclosure.

7.8CVSS7.6AI score0.00075EPSS

CVE•added 2016/11/08 8:59 p.m.•48 views

CVE-2016-5852

For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system a...

7.8CVSS7.8AI score0.00048EPSS

CVE•added 2023/02/12 4:15 a.m.•47 views

CVE-2022-42292

NVIDIA GeForce Experience contains a vulnerability in the NVContainer component, where a user without administrator privileges can create a symbolic link to a file that requires elevated privileges to write to or modify, which may lead to denial of service, escalation of privilege or limited data t...

7.8CVSS7.8AI score0.00037EPSS

CVE•added 2016/11/08 8:59 p.m.•45 views

CVE-2016-3161

7.8CVSS7.8AI score0.00137EPSS

CVE•added 2018/11/27 6:29 p.m.•45 views

CVE-2018-6263

NVIDIA GeForce Experience contains a vulnerability in all versions prior to 3.16 on Windows in which an attacker who has access to a local user account can plant a malicious dynamic link library (DLL) during application installation, which may lead to escalation of privileges.

7.8CVSS7.6AI score0.00051EPSS

CVE•added 2020/10/23 6:15 p.m.•44 views

CVE-2020-5978

NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in its services in which a folder is created by nvcontainer.exe under normal user login with LOCAL_SYSTEM privileges which may lead to a denial of service or escalation of privileges.

7.8CVSS7.7AI score0.00054EPSS

CVE•added 2017/10/16 9:29 p.m.•41 views

CVE-2017-0316

In GeForce Experience (GFE) 3.x before 3.10.0.55, NVIDIA Installer Framework contains a vulnerability in NVISystemService64 where a value passed from a user to the driver is used without validation, which may lead to denial of service or possible escalation of privileges.

7.8CVSS7.6AI score0.00045EPSS

CVE•added 2018/11/27 6:29 p.m.•38 views

CVE-2018-6265

NVIDIA GeForce Experience contains a vulnerability in all versions prior to 3.16 during application installation on Windows 7 in elevated privilege mode, where a local user who initiates a browser session may obtain escalation of privileges on the browser.

7.8CVSS7.7AI score0.00051EPSS