Nvidia Geforce Experience Software vulnerabilities

CVE-2021-23175 [HIGH] CWE-863 CVE-2021-23175: NVIDIA GeForce Experience contains a vulnerability in user authorization, where GameStream does not NVIDIA GeForce Experience contains a vulnerability in user authorization, where GameStream does not correctly apply individual user access controls for users on the same device, which, with user intervention, may lead to escalation of privileges, information disclosure, data tampering, and denial of service, affecting other resources beyond the intende

CVE-2021-1073 [HIGH] CVE-2021-1073: NVIDIA GeForce Experience, all versions prior to 3.23, contains a vulnerability in the login flow wh NVIDIA GeForce Experience, all versions prior to 3.23, contains a vulnerability in the login flow when a user tries to log in by using a browser, while, at the same time, any other web page is loaded in other tabs of the same browser. In this situation, the web page can get access to the token of the user login session, leading to the possibility that the user’

CVE-2021-1079 [MEDIUM] CVE-2021-1079: NVIDIA GeForce Experience, all versions prior to 3.22, contains a vulnerability in GameStream plugin NVIDIA GeForce Experience, all versions prior to 3.22, contains a vulnerability in GameStream plugins where log files are created using NT/System level permissions, which may lead to code execution, denial of service, or local privilege escalation. The attacker does not have control over the consequence of a modification nor would they be able to leak informa

CVE-2021-1072 [MEDIUM] CVE-2021-1072: NVIDIA GeForce Experience, all versions prior to 3.21, contains a vulnerability in GameStream (rxdia NVIDIA GeForce Experience, all versions prior to 3.21, contains a vulnerability in GameStream (rxdiag.dll) where an arbitrary file deletion due to improper handling of log files may lead to denial of service.

CVE-2020-5978 [HIGH] CVE-2020-5978: NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in its services NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in its services in which a folder is created by nvcontainer.exe under normal user login with LOCAL_SYSTEM privileges which may lead to a denial of service or escalation of privileges.

CVE-2020-5990 [HIGH] CVE-2020-5990: NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in the ShadowPl NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in the ShadowPlay component which may lead to local privilege escalation, code execution, denial of service or information disclosure.

CVE-2020-5977 [HIGH] CWE-426 CVE-2020-5977: NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in NVIDIA Web H NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in NVIDIA Web Helper NodeJS Web Server in which an uncontrolled search path is used to load a node module, which may lead to code execution, denial of service, escalation of privileges, and information disclosure.