cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-23175,https://securityvulnerability.io/vulnerability/CVE-2021-23175,NVIDIA GeForce Experience User Authorization Vulnerability,"NVIDIA GeForce Experience suffers from a vulnerability in its user authorization mechanisms. The GameStream feature inadequately enforces individual user access controls, which may allow users on the same device, with the right circumstances, to escalate their privileges. This could lead to unauthorized access to sensitive information, data tampering, or even denial of service, thereby affecting resources beyond the intended security scope of GameStream.",Nvidia,Nvidia Geforce Experience Software,8.2,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-12-23T16:05:10.000Z,0
CVE-2021-1073,https://securityvulnerability.io/vulnerability/CVE-2021-1073,Session Hijacking Vulnerability in NVIDIA GeForce Experience,"A vulnerability exists in NVIDIA GeForce Experience that arises during user login via a browser while other web pages are active in different tabs. This issue can allow malicious web pages to access the token associated with the user's session, potentially leading to unauthorized access to the user's account. Compromised accounts may result in sensitive data being accessed, altered, or permanently lost, thereby posing significant risks to user security.",Nvidia,Nvidia Geforce Experience Software,8.3,HIGH,0.001990000018849969,false,,false,false,false,,,false,false,,2021-06-25T19:25:10.000Z,0
CVE-2021-1079,https://securityvulnerability.io/vulnerability/CVE-2021-1079,Code Execution and Privilege Escalation in NVIDIA GeForce Experience,"NVIDIA GeForce Experience, prior to version 3.22, contains a vulnerability in its GameStream plugins where log files are generated with NT/System level permissions. This flaw can potentially allow local attackers to execute arbitrary code, disrupt services, or escalate privileges. However, the attacker does not have control over the results of the modification, nor can they leak information due to the overwrite mechanism.",Nvidia,Nvidia Geforce Experience Software,6.1,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-04-20T14:20:11.000Z,0
CVE-2021-1072,https://securityvulnerability.io/vulnerability/CVE-2021-1072,Arbitrary File Deletion Vulnerability in NVIDIA GeForce Experience,"NVIDIA GeForce Experience, in all versions prior to 3.21, features a vulnerability in the GameStream component (specifically within rxdiag.dll) that allows for arbitrary file deletion. This flaw arises from improper handling of log files, potentially leading to service disruptions or denial of service to users. It’s crucial for users to update to the latest version to protect against such vulnerabilities.",Nvidia,Nvidia Geforce Experience Software,6,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-02-05T19:40:12.000Z,0
CVE-2020-5978,https://securityvulnerability.io/vulnerability/CVE-2020-5978,Privilege Escalation and Denial of Service Vulnerability in NVIDIA GeForce Experience,"NVIDIA GeForce Experience versions prior to 3.20.5.70 are affected by a vulnerability wherein a folder is created by the nvcontainer.exe service under normal user login with LOCAL_SYSTEM privileges. This flaw can lead to a denial of service or unauthorized escalation of privileges, potentially allowing an attacker to manipulate system resources and compromise user security.",Nvidia,Nvidia Geforce Experience Software,7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2020-10-23T17:35:16.000Z,0
CVE-2020-5990,https://securityvulnerability.io/vulnerability/CVE-2020-5990,Local Privilege Escalation Vulnerability in NVIDIA GeForce Experience,"NVIDIA GeForce Experience versions earlier than 3.20.5.70 are susceptible to a vulnerability within the ShadowPlay component. This flaw may enable attackers to escalate privileges locally, execute arbitrary code, cause a denial of service, or potentially disclose sensitive information, affecting user security and system integrity.",Nvidia,Nvidia Geforce Experience Software,7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2020-10-23T17:35:16.000Z,0
CVE-2020-5977,https://securityvulnerability.io/vulnerability/CVE-2020-5977,Uncontrolled Search Path Vulnerability in NVIDIA GeForce Experience,"A vulnerability exists in NVIDIA GeForce Experience due to an uncontrolled search path in the NodeJS web server utilized by NVIDIA Web Helper. This flaw can potentially allow malicious actors to execute arbitrary code, escalate privileges, and disclose sensitive information, as well as instigate denial of service conditions. Users are advised to update to version 3.20.5.70 or later to mitigate these risks.",Nvidia,Nvidia Geforce Experience Software,7.8,HIGH,0.000699999975040555,false,,false,false,false,,,false,false,,2020-10-23T17:35:15.000Z,0