Filtered by vendor Nvidia Subscriptions
Filtered by product Geforce Experience Subscriptions
Total 37 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2018-6258 1 Nvidia 1 Geforce Experience 2024-09-17 N/A
NVIDIA GeForce Experience all versions prior to 3.14.1 contains a potential vulnerability during GameStream installation where an attacker who has system access can potentially conduct a Man-in-the-Middle (MitM) attack to obtain sensitive information.
CVE-2018-6261 1 Nvidia 1 Geforce Experience 2024-09-17 N/A
NVIDIA GeForce Experience prior to 3.15 contains a vulnerability when GameStream is enabled which sets incorrect permissions on a file, which may to code execution, denial of service, or escalation of privileges by users with system access.
CVE-2018-6263 2 Microsoft, Nvidia 2 Windows, Geforce Experience 2024-09-17 N/A
NVIDIA GeForce Experience contains a vulnerability in all versions prior to 3.16 on Windows in which an attacker who has access to a local user account can plant a malicious dynamic link library (DLL) during application installation, which may lead to escalation of privileges.
CVE-2018-6259 1 Nvidia 1 Geforce Experience 2024-09-17 N/A
NVIDIA GeForce Experience all versions prior to 3.14.1 contains a potential vulnerability when GameStream is enabled, an attacker has system access, and certain system features are enabled, where limited information disclosure may be possible.
CVE-2018-6266 2 Microsoft, Nvidia 2 Windows, Geforce Experience 2024-09-16 N/A
NVIDIA GeForce Experience contains a vulnerability in all versions prior to 3.16 on Windows where a local user may obtain third party integration parameters, which may lead to information disclosure.
CVE-2017-0316 2 Microsoft, Nvidia 2 Windows, Geforce Experience 2024-09-16 7.8 High
In GeForce Experience (GFE) 3.x before 3.10.0.55, NVIDIA Installer Framework contains a vulnerability in NVISystemService64 where a value passed from a user to the driver is used without validation, which may lead to denial of service or possible escalation of privileges.
CVE-2018-6265 2 Microsoft, Nvidia 2 Windows 7, Geforce Experience 2024-09-16 N/A
NVIDIA GeForce Experience contains a vulnerability in all versions prior to 3.16 during application installation on Windows 7 in elevated privilege mode, where a local user who initiates a browser session may obtain escalation of privileges on the browser.
CVE-2018-6257 1 Nvidia 1 Geforce Experience 2024-09-16 N/A
NVIDIA GeForce Experience all versions prior to 3.14.1 contains a potential vulnerability when GameStream is enabled where improper access control may lead to a denial of service, escalation of privileges, or both.
CVE-2018-6262 1 Nvidia 1 Geforce Experience 2024-09-16 N/A
NVIDIA GeForce Experience prior to 3.15 contains a vulnerability when GameStream is enabled where limited sensitive user information may be available to users with system access, which may lead to information disclosure.
CVE-2016-8827 2 Microsoft, Nvidia 2 Windows, Geforce Experience 2024-08-06 6.5 Medium
NVIDIA GeForce Experience 3.x before GFE 3.1.0.52 contains a vulnerability in NVIDIA Web Helper.exe where a local web API endpoint, /VisualOPS/v.1.0./, lacks proper access control and parameter validation, allowing for information disclosure via a directory traversal attack.
CVE-2016-8812 1 Nvidia 40 Geforce 910m, Geforce 920m, Geforce 920mx and 37 more 2024-08-06 N/A
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA GeForce Experience R340 before GFE 2.11.4.125 and R375 before GFE 3.1.0.52 contains a vulnerability in the kernel mode layer (nvstreamkms.sys) allowing a user to cause a stack buffer overflow with specially crafted executable paths, leading to a denial of service or escalation of privileges.
CVE-2016-5852 1 Nvidia 40 Geforce 910m, Geforce 920m, Geforce 920mx and 37 more 2024-08-06 N/A
For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-5852 ID is for the NVTray Plugin unquoted service path.
CVE-2016-4960 1 Nvidia 40 Geforce 910m, Geforce 920m, Geforce 920mx and 37 more 2024-08-06 N/A
For the NVIDIA Quadro, NVS, and GeForce products, the NVIDIA NVStreamKMS.sys service component is improperly validating user-supplied data through its API entry points causing an elevation of privilege.
CVE-2016-4961 1 Nvidia 40 Geforce 910m, Geforce 920m, Geforce 920mx and 37 more 2024-08-06 N/A
For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.
CVE-2016-3161 1 Nvidia 40 Geforce 910m, Geforce 920m, Geforce 920mx and 37 more 2024-08-05 N/A
For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-3161 ID is for the GameStream unquoted service path.
CVE-2017-14491 13 Arista, Arubanetworks, Canonical and 10 more 35 Eos, Arubaos, Ubuntu Linux and 32 more 2024-08-05 9.8 Critical
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.
CVE-2017-6250 1 Nvidia 1 Geforce Experience 2024-08-05 N/A
NVIDIA GeForce Experience contains a vulnerability in NVIDIA Web Helper.exe, where untrusted script execution may lead to violation of application execution policy and local code execution.
CVE-2019-5689 1 Nvidia 1 Geforce Experience 2024-08-04 7.8 High
NVIDIA GeForce Experience, all versions prior to 3.20.1, contains a vulnerability in the Downloader component in which a user with local system access can craft input that may allow malicious files to be downloaded and saved. This behavior may lead to code execution, denial of service, or information disclosure.
CVE-2019-5676 2 Microsoft, Nvidia 3 Windows, Geforce Experience, Gpu Display Driver 2024-08-04 6.7 Medium
NVIDIA Windows GPU Display driver software for Windows (all versions) contains a vulnerability in which it incorrectly loads Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), leading to escalation of privileges through code execution.
CVE-2019-5702 2 Microsoft, Nvidia 2 Windows, Geforce Experience 2024-08-04 7.8 High
NVIDIA GeForce Experience, all versions prior to 3.20.2, contains a vulnerability when GameStream is enabled in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges.