Nvidia : Security Vulnerabilities, CVEs, Published In 2016 (Information Leak)

CVE-2016-8827

NVIDIA GeForce Experience 3.x before GFE 3.1.0.52 contains a vulnerability in NVIDIA Web Helper.exe where a local web API endpoint, /VisualOPS/v.1.0./, lacks proper access control and parameter validation, allowing for information disclosure via a directory traversal attack.
Max CVSS
6.5
EPSS Score
0.24%
Published
2016-12-16
Updated
2021-02-11

CVE-2016-8820

All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where a check on a function return value is missing, potentially allowing an uninitialized value to be used as the source of a strcpy() call, leading to denial of service or information disclosure.
Max CVSS
6.1
EPSS Score
0.04%
Published
2016-12-16
Updated
2016-12-24

CVE-2016-7386

For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x70000D4 which may lead to leaking of kernel memory contents to user space through an uninitialized buffer.
Max CVSS
5.5
EPSS Score
0.12%
Published
2016-11-08
Updated
2019-03-07
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close