Vulnerabilites related to nvidia - geforce_now
Vulnerability from fkie_nvd
Published
2020-09-18 15:15
Modified
2024-11-21 05:34
Severity ?
Summary
NVIDIA GeForce NOW, versions prior to 2.0.23 on Windows and macOS, contains a vulnerability in the desktop application software that includes sensitive information as part of a URL, which may lead to information disclosure.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:geforce_now:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C7E69776-623F-469A-AAD0-D3632FED49E6",
"versionEndExcluding": "2.0.23",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA GeForce NOW, versions prior to 2.0.23 on Windows and macOS, contains a vulnerability in the desktop application software that includes sensitive information as part of a URL, which may lead to information disclosure."
},
{
"lang": "es",
"value": "NVIDIA GeForce NOW, versiones anteriores a 2.0.23 en Windows y macOS, contiene una vulnerabilidad en el software de la aplicaci\u00f3n de escritorio que incluye informaci\u00f3n confidencial como parte de una URL, lo que puede conllevar a una divulgaci\u00f3n de informaci\u00f3n"
}
],
"id": "CVE-2020-5975",
"lastModified": "2024-11-21T05:34:56.133",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-09-18T15:15:13.703",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5052"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5052"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-09-18 15:15
Modified
2024-11-21 05:34
Severity ?
Summary
NVIDIA GeForce NOW, versions prior to 2.0.23 (Windows, macOS) and versions prior to 5.31 (Android, Shield TV), contains a vulnerability in the application software where the network test component transmits sensitive information insecurely, which may lead to information disclosure.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | geforce_now | * | |
| apple | macos | - | |
| microsoft | windows | - | |
| nvidia | geforce_now | * | |
| android | - | ||
| android_tv | - | ||
| nvidia | games | * | |
| android_tv | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:geforce_now:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C7E69776-623F-469A-AAD0-D3632FED49E6",
"versionEndExcluding": "2.0.23",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:geforce_now:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8BAD179D-CC43-4A55-B831-F0FAD6939D86",
"versionEndExcluding": "5.31",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:google:android_tv:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F05478FB-97AA-4120-BFB8-B1B883A838A5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:games:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F5F55F3-818F-415A-989D-79CF42D4F46B",
"versionEndExcluding": "5.31",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android_tv:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F05478FB-97AA-4120-BFB8-B1B883A838A5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA GeForce NOW, versions prior to 2.0.23 (Windows, macOS) and versions prior to 5.31 (Android, Shield TV), contains a vulnerability in the application software where the network test component transmits sensitive information insecurely, which may lead to information disclosure."
},
{
"lang": "es",
"value": "NVIDIA GeForce NOW, versiones anteriores a 2.0.23 (Windows, macOS) y versiones anteriores a 5.31 (Android, Shield TV), contiene una vulnerabilidad en el software de la aplicaci\u00f3n en donde el componente network test transmite informaci\u00f3n confidencial de forma no segura, lo que puede conllevar a una divulgaci\u00f3n de informaci\u00f3n"
}
],
"id": "CVE-2020-5976",
"lastModified": "2024-11-21T05:34:56.240",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-09-18T15:15:13.780",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5052"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5052"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-09-20 02:15
Modified
2024-11-21 08:01
Severity ?
4.2 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L
4.8 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
4.8 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
Summary
NVIDIA GeForce Now for Android contains a vulnerability in the game launcher component, where a malicious application on the same device can process the implicit intent meant for the streamer component. A successful exploit of this vulnerability may lead to limited information disclosure, denial of service, and code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | geforce_now | * | |
| android | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:geforce_now:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8003B3F-0468-4834-874E-46E43ACB7B8F",
"versionEndIncluding": "6.04.33108832",
"versionStartIncluding": "6.00.32705137",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA GeForce Now for Android contains a vulnerability in the game launcher component, where a malicious application on the same device can process the implicit intent meant for the streamer component. A successful exploit of this vulnerability may lead to limited information disclosure, denial of service, and code execution."
},
{
"lang": "es",
"value": "NVIDIA GeForce Now para Android contiene una vulnerabilidad en el componente de inicio del juego, donde una aplicaci\u00f3n maliciosa en el mismo dispositivo puede procesar la intenci\u00f3n impl\u00edcita destinada al componente de transmisi\u00f3n. Una explotaci\u00f3n exitosa de esta vulnerabilidad puede provocar una divulgaci\u00f3n limitada de informaci\u00f3n, denegaci\u00f3n de servicio y ejecuci\u00f3n de c\u00f3digo."
}
],
"id": "CVE-2023-31014",
"lastModified": "2024-11-21T08:01:14.840",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.4,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 1.3,
"impactScore": 3.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-09-20T02:15:20.783",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5476"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5476"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-927"
}
],
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-668"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-11-11 23:15
Modified
2024-11-21 05:34
Severity ?
Summary
NVIDIA GeForce NOW application software on Windows, all versions prior to 2.0.25.119, contains a vulnerability in its open-source software dependency in which the OpenSSL library is vulnerable to binary planting attacks by a local user, which may lead to code execution or escalation of privileges.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@nvidia.com | https://nvidia.custhelp.com/app/answers/detail/a_id/5096 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://nvidia.custhelp.com/app/answers/detail/a_id/5096 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | geforce_now | * | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:geforce_now:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7330097D-F058-4D06-8874-208E07CF358D",
"versionEndExcluding": "2.0.25.119",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA GeForce NOW application software on Windows, all versions prior to 2.0.25.119, contains a vulnerability in its open-source software dependency in which the OpenSSL library is vulnerable to binary planting attacks by a local user, which may lead to code execution or escalation of privileges."
},
{
"lang": "es",
"value": "El software de aplicaci\u00f3n NVIDIA GeForce NOW en Windows, todas las versiones anteriores a 2.0.25.119, contiene una vulnerabilidad en su dependencia de software de c\u00f3digo abierto en la que la biblioteca OpenSSL es vulnerable a ataques de plantaci\u00f3n binaria por parte de un usuario local, lo que puede conllevar a una ejecuci\u00f3n de c\u00f3digo o escalada de privilegios"
}
],
"id": "CVE-2020-5992",
"lastModified": "2024-11-21T05:34:57.977",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-11-11T23:15:11.820",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5096"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5096"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2023-31014 (GCVE-0-2023-31014)
Vulnerability from cvelistv5
Published
2023-09-20 01:13
Modified
2024-09-24 18:08
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
NVIDIA GeForce Now for Android contains a vulnerability in the game launcher component, where a malicious application on the same device can process the implicit intent meant for the streamer component. A successful exploit of this vulnerability may lead to limited information disclosure, denial of service, and code execution.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | GeForce NOW for Android mobile and TV app |
Version: 6.00.32705137 to 6.04.33108832 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:45:24.862Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5476"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-31014",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-24T18:00:19.410697Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-24T18:08:55.964Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "GeForce NOW for Android mobile and TV app",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "6.00.32705137 to 6.04.33108832"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA GeForce Now for Android contains a vulnerability in the game launcher component, where a malicious application on the same device can process the implicit intent meant for the streamer component. A successful exploit of this vulnerability may lead to limited information disclosure, denial of service, and code execution."
}
],
"value": "NVIDIA GeForce Now for Android contains a vulnerability in the game launcher component, where a malicious application on the same device can process the implicit intent meant for the streamer component. A successful exploit of this vulnerability may lead to limited information disclosure, denial of service, and code execution."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Information disclosure, denial of service, and code execution"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-927",
"description": "CWE-927",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-20T01:13:46.226Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5476"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2023-31014",
"datePublished": "2023-09-20T01:13:46.226Z",
"dateReserved": "2023-04-22T02:38:25.654Z",
"dateUpdated": "2024-09-24T18:08:55.964Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5975 (GCVE-0-2020-5975)
Vulnerability from cvelistv5
Published
2020-09-18 14:50
Modified
2024-08-04 08:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- information disclosure
Summary
NVIDIA GeForce NOW, versions prior to 2.0.23 on Windows and macOS, contains a vulnerability in the desktop application software that includes sensitive information as part of a URL, which may lead to information disclosure.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | NVIDIA GeForce NOW Application |
Version: All versions prior to 2.0.23 (applicable to Windows, macOS) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:47:40.915Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5052"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NVIDIA GeForce NOW Application",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions prior to 2.0.23 (applicable to Windows, macOS)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA GeForce NOW, versions prior to 2.0.23 on Windows and macOS, contains a vulnerability in the desktop application software that includes sensitive information as part of a URL, which may lead to information disclosure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-18T14:50:13",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5052"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2020-5975",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NVIDIA GeForce NOW Application",
"version": {
"version_data": [
{
"version_value": "All versions prior to 2.0.23 (applicable to Windows, macOS)"
}
]
}
}
]
},
"vendor_name": "NVIDIA"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NVIDIA GeForce NOW, versions prior to 2.0.23 on Windows and macOS, contains a vulnerability in the desktop application software that includes sensitive information as part of a URL, which may lead to information disclosure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5052",
"refsource": "CONFIRM",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5052"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2020-5975",
"datePublished": "2020-09-18T14:50:13",
"dateReserved": "2020-01-07T00:00:00",
"dateUpdated": "2024-08-04T08:47:40.915Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5992 (GCVE-0-2020-5992)
Vulnerability from cvelistv5
Published
2020-11-11 22:25
Modified
2024-08-04 08:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- code execution, escalation of privileges
Summary
NVIDIA GeForce NOW application software on Windows, all versions prior to 2.0.25.119, contains a vulnerability in its open-source software dependency in which the OpenSSL library is vulnerable to binary planting attacks by a local user, which may lead to code execution or escalation of privileges.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | NVIDIA GeForce NOW Application |
Version: All versions prior to 2.0.25.119 (Windows) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:47:40.917Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5096"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NVIDIA GeForce NOW Application",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions prior to 2.0.25.119 (Windows)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA GeForce NOW application software on Windows, all versions prior to 2.0.25.119, contains a vulnerability in its open-source software dependency in which the OpenSSL library is vulnerable to binary planting attacks by a local user, which may lead to code execution or escalation of privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "code execution, escalation of privileges",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-11T22:25:11",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5096"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2020-5992",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NVIDIA GeForce NOW Application",
"version": {
"version_data": [
{
"version_value": "All versions prior to 2.0.25.119 (Windows)"
}
]
}
}
]
},
"vendor_name": "NVIDIA"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NVIDIA GeForce NOW application software on Windows, all versions prior to 2.0.25.119, contains a vulnerability in its open-source software dependency in which the OpenSSL library is vulnerable to binary planting attacks by a local user, which may lead to code execution or escalation of privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "code execution, escalation of privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5096",
"refsource": "CONFIRM",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5096"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2020-5992",
"datePublished": "2020-11-11T22:25:11",
"dateReserved": "2020-01-07T00:00:00",
"dateUpdated": "2024-08-04T08:47:40.917Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5976 (GCVE-0-2020-5976)
Vulnerability from cvelistv5
Published
2020-09-18 15:10
Modified
2024-08-04 08:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- information disclosure
Summary
NVIDIA GeForce NOW, versions prior to 2.0.23 (Windows, macOS) and versions prior to 5.31 (Android, Shield TV), contains a vulnerability in the application software where the network test component transmits sensitive information insecurely, which may lead to information disclosure.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | NVIDIA GeForce NOW Application |
Version: All versions prior to 2.0.23 (Windows, macOS), versions prior to 5.31 (Android, SHIELD TV). |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:47:40.938Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5052"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NVIDIA GeForce NOW Application",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions prior to 2.0.23 (Windows, macOS), versions prior to 5.31 (Android, SHIELD TV)."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA GeForce NOW, versions prior to 2.0.23 (Windows, macOS) and versions prior to 5.31 (Android, Shield TV), contains a vulnerability in the application software where the network test component transmits sensitive information insecurely, which may lead to information disclosure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-18T15:10:15",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5052"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2020-5976",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NVIDIA GeForce NOW Application",
"version": {
"version_data": [
{
"version_value": "All versions prior to 2.0.23 (Windows, macOS), versions prior to 5.31 (Android, SHIELD TV)."
}
]
}
}
]
},
"vendor_name": "NVIDIA"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NVIDIA GeForce NOW, versions prior to 2.0.23 (Windows, macOS) and versions prior to 5.31 (Android, Shield TV), contains a vulnerability in the application software where the network test component transmits sensitive information insecurely, which may lead to information disclosure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5052",
"refsource": "CONFIRM",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5052"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2020-5976",
"datePublished": "2020-09-18T15:10:15",
"dateReserved": "2020-01-07T00:00:00",
"dateUpdated": "2024-08-04T08:47:40.938Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}